New scan:

Malware Scanner report for g311.com

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://www.g311.com/content/
404 Not Found
Content-Length: 4603
Content-Type: text/html
clean
http://www.g311.com/adfile/ad1.js
200 OK
Content-Length: 146
Content-Type: application/x-javascript
clean
http://www.g311.com/sitemap.html
200 OK
Content-Length: 14455
Content-Type: text/html
clean
http://www.g311.com/
200 OK
Content-Length: 8518
Content-Type: text/html
clean
http://www.g311.com/js/wudlink.js
200 OK
Content-Length: 1302
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write("<tr align=\"center\" class=\"q1\"><td height=\"25\"><a href=\"http://www.SF171.com/\" target=\"_blank\">¨€£±Ø¼£·£¶ÀÏËæ·ç¨€</a></td><td class=\"red\">ÐÂÇø½±Àø5000RMB</td><td><img src=\"../images/jrgd.gif\" width=\"150\" height=\"24\" /></td><td class=\"blue\">Ë«Ï߶à»ú¸ºÔØ</td><td>1.76ÀÏËæ·ç-Éý¼¶´ò±¦²»ÀÛ-Æ·ÅÆÖµµÃÐÅÄΨU</td><td>ȺºÅ:88082099</td><td><a href=\"http://www.SF171.com
... 687 bytes are skipped ...
lass=\"q1\"><td height=\"25\"><a href=\"http://gg.djsy.in/\" target=\"_blank\">¡îµ¶½£ÉñÓò¡ï</a></td><td class=\"red\">¿ª×ã1Ä꣡</td><td><img src=\"../images/jrgd.gif\" width=\"150\" height=\"24\" /></td><td class=\"blue\">Èں϶àÖÖÔªËØ</td><td>ÈÈÃŶ¯ÂþС˵¡°µ¶½£ÉñÓò¡±¸Ä±à¡£</td><td>¡îµ¶½£ÉñÓò¡ï</td><td><a href=\"http://gg.djsy.in/\" target=\"_blank\">µã»÷½øÈë</a></td></tr>")

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic
Microsoft
Trojan:JS/IframeRef.J

http://www.g311.com/adfile/ad4.js
200 OK
Content-Length: 143
Content-Type: application/x-javascript
clean
http://www.g311.com/js/info.js
200 OK
Content-Length: 201
Content-Type: application/x-javascript
clean
http://count8.51yes.com/click.aspx?id=87036441&logo=1
200 OK
Content-Length: 1773
Content-Type: text/html
clean
http://count8.51yes.com/test404page.js
404 Not Found
Content-Length: 1308
Content-Type: text/html
clean
http://www.g311.com/Sfadd.html
200 OK
Content-Length: 5741
Content-Type: text/html
clean
http://www.g311.com/News/Index10.html
200 OK
Content-Length: 25812
Content-Type: text/html
clean
http://www.g311.com/js/showpage.js
200 OK
Content-Length: 6588
Content-Type: application/x-javascript
clean
http://www.g311.com/News/index9.html
200 OK
Content-Length: 32292
Content-Type: text/html
clean
http://www.g311.com/Temp/downindex.asp
200 OK
Content-Length: 2586
Content-Type: text/html
clean
http://www.g311.com/weburl/indss.asp
200 OK
Content-Length: 11270
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: g311.com

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: g311.com
Referer: http://www.google.com/search?q=g311.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=g311.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://g311.com/

Result: g311.com is not infected or malware details are not published yet.