New scan:

Malware Scanner report for 42.62.30.180

Malicious/Suspicious/Total urls checked
1/0/16
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/1/1
1 suspicious iframe found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://42.62.30.180/
200 OK
Content-Length: 44906
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)


<iframe scrolling="no" height="68" frameborder="0" width="100%" src="http://tianqi.2345.com/city_wea_set2345_1206.htm" name="city_set_ifr" id="city_set_ifr" allowtransparency="true" style="visibility:hidden"></iframe>

Antivirus reports:

McAfee-GW-Edition
Heuristic.LooksLike.HTML.Suspicious-URL.B

Hidden iFrame found.
size: 100x68     style: hidden
src: http://tianqi.2345.com/city_wea_set2345_1206.htm

<iframe scrolling="no" height="68" frameborder="0" width="100%" src="http://tianqi.2345.com/city_wea_set2345_1206.htm" name="city_set_ifr" id="city_set_ifr" allowtransparency="true" style="visibility:hidden">

http://42.62.30.180/css/common_20150909.js?v=2.28.1
200 OK
Content-Length: 18936
Content-Type: application/javascript
clean
http://42.62.30.180/product/
200 OK
Content-Length: 15907
Content-Type: text/html
clean
http://42.62.30.180/test404page.js
HTTP/1.1 404 Not Found
Connection: close
Date: Thu, 01 Oct 2015 06:35:43 GMT
Accept-Ranges: bytes
Age: 0
ETag: "7e3-50742475bfc80"
Vary: Accept-Encoding
Content-Type: text/html; charset=gb2312
Last-Modified: Fri, 07 Nov 2014 10:28:50 GMT
X-Hits: 0
clean
http://www.2345.com/
200 OK
Content-Length: 1116
Content-Type: text/html
clean
http://www.2345.com/test404page.js
500 timeout
Content-Length: 30
Content-Type: text/plain
clean
http://42.62.30.180/help/repair.htm
200 OK
Content-Length: 6192
Content-Type: text/html
clean
http://42.62.30.180/help/js/jquery.js
200 OK
Content-Length: 93636
Content-Type: application/javascript
clean
http://42.62.30.180/help/js/v2/number.js
200 OK
Content-Length: 4803
Content-Type: application/javascript
clean
http://42.62.30.180/help/js/v2/setHomePage.js
200 OK
Content-Length: 11570
Content-Type: application/javascript
clean
http://42.62.30.180/help/js/v2/clickcount.js
200 OK
Content-Length: 1004
Content-Type: application/javascript
clean
http://union2.50bang.org/js/repair
500 timeout
Content-Length: 30
Content-Type: text/plain
clean
http://union2.50bang.org/js/inner
200 OK
Content-Length: 0
Content-Type: text/plain
clean
http://42.62.30.180/mail.htm
200 OK
Content-Length: 15668
Content-Type: text/html
clean
http://42.62.30.180/neiye/wide/js/libnew_girl.js
200 OK
Content-Length: 8723
Content-Type: application/javascript
clean
http://42.62.30.180/neiye/js/xtop.1.20.js
200 OK
Content-Length: 18555
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: 42.62.30.180

Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3600
Connection: close
Date: Thu, 01 Oct 2015 06:35:37 GMT
Age: 1005
ETag: "20e37-520f74dc01c40"
Vary: Accept-Encoding
Content-Type: text/html; charset=gb2312
Expires: Thu, 01 Oct 2015 07:18:52 GMT
Last-Modified: Wed, 30 Sep 2015 13:56:57 GMT
X-Died: timeout at scan.pm line 1566.
X-Hits: 9029
Second query (visit from search engine):
GET / HTTP/1.1
Host: 42.62.30.180
Referer: http://www.google.com/search?q=42.62.30.180

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=42.62.30.180

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://42.62.30.180/

Result: 42.62.30.180 is not infected or malware details are not published yet.