Malware Scanner report for tokyo2hot.com

Malicious/Suspicious/Total urls checked: 2/0/25

2 pages have malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/9

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://tokyo2hot.com/	200 OK Content-Length: 60121 Content-Type: text/html	clean
http://static.kinghost.com/kh/head.js	200 OK Content-Length: 187 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write("<a href=\"http://static.kinghost.com/kh/r.php?r=6\">"); document.write("<img src=\"http://static.fleshlight.com/images/banners/fl_468x80.gif\">"); document.write("</a>"); Antivirus reports: Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/IframeRef.J
http://sakuralive.com/dynamicbanner/SLpopup.js	HTTP/1.1 301 Moved Permanently Date: Sat, 21 Jun 2014 17:34:47 GMT Location: http://www.sakuralive.com/dynamicbanner/SLpopup.js Server: Zeus/4.3	clean
http://www.sakuralive.com/dynamicbanner/slpopup.js	HTTP/1.1 302 Moved Temporarily Date: Sat, 21 Jun 2014 17:34:47 GMT Accept-Ranges: bytes Location: http://www.sakuralive.com/custom404page.html Server: Zeus/4.3 Content-Type: application/x-javascript X-ServerID: web005.dpt	clean
http://www.sakuralive.com/custom404page.html	HTTP/1.1 200 OK Date: Sat, 21 Jun 2014 17:34:48 GMT Accept-Ranges: bytes Server: Zeus/4.3 Content-Length: 440 Content-Type: text/html Last-Modified: Wed, 02 Oct 2013 15:31:39 GMT X-ServerID: web005.dpt	clean
http://www.sakuralive.com/index.php	200 OK Content-Length: 17289 Content-Type: text/html	clean
http://www.sakuralive.com/../Scripts/swfobject_modified.js	400 Bad Request Content-Length: 200 Content-Type: text/html	clean
http://www.sakuralive.com/test404page.js	HTTP/1.1 302 Moved Temporarily Date: Sat, 21 Jun 2014 17:34:50 GMT Accept-Ranges: bytes Location: http://www.sakuralive.com/custom404page.html Server: Zeus/4.3 Content-Type: application/x-javascript X-ServerID: web005.dpt	clean
http://sakuralive.com/dynamicbanner/Scripts/AC_RunActiveContent.js	HTTP/1.1 301 Moved Permanently Date: Sat, 21 Jun 2014 17:34:50 GMT Location: http://www.sakuralive.com/dynamicbanner/Scripts/AC_RunActiveContent.js Server: Zeus/4.3	clean
http://www.sakuralive.com/dynamicbanner/scripts/ac_runactivecontent.js	HTTP/1.1 302 Moved Temporarily Date: Sat, 21 Jun 2014 17:34:51 GMT Accept-Ranges: bytes Location: http://www.sakuralive.com/custom404page.html Server: Zeus/4.3 Content-Type: application/x-javascript X-ServerID: web005.dpt	clean
http://sakuralive.com/js/sl-mod.js	HTTP/1.1 301 Moved Permanently Date: Sat, 21 Jun 2014 17:34:51 GMT Location: http://www.sakuralive.com/js/sl-mod.js Server: Zeus/4.3	clean
http://www.sakuralive.com/js/sl-mod.js	200 OK Content-Length: 30626 Content-Type: application/x-javascript	clean
http://sakuralive.com/js/js_linkz_v3.js	HTTP/1.1 301 Moved Permanently Date: Sat, 21 Jun 2014 17:34:52 GMT Location: http://www.sakuralive.com/js/js_linkz_v3.js Server: Zeus/4.3	clean
http://www.sakuralive.com/js/js_linkz_v3.js	200 OK Content-Length: 6456 Content-Type: application/x-javascript	clean
http://sakuralive.com/langdir.js	HTTP/1.1 301 Moved Permanently Date: Sat, 21 Jun 2014 17:34:54 GMT Location: http://www.sakuralive.com/langdir.js Server: Zeus/4.3	clean
http://www.sakuralive.com/langdir.js	200 OK Content-Length: 1858 Content-Type: application/x-javascript	clean
http://sakuralive.com/js/css_browser_selector.js	HTTP/1.1 301 Moved Permanently Date: Sat, 21 Jun 2014 17:34:55 GMT Location: http://www.sakuralive.com/js/css_browser_selector.js Server: Zeus/4.3	clean
http://www.sakuralive.com/js/css_browser_selector.js	200 OK Content-Length: 1157 Content-Type: application/x-javascript	clean
http://sakuralive.com/urchin.js	HTTP/1.1 301 Moved Permanently Date: Sat, 21 Jun 2014 17:34:56 GMT Location: http://www.sakuralive.com/urchin.js Server: Zeus/4.3	clean
http://www.sakuralive.com/urchin.js	200 OK Content-Length: 21414 Content-Type: application/x-javascript	clean
http://sakuralive.com/dynamicbanner/random_preview.js	HTTP/1.1 301 Moved Permanently Date: Sat, 21 Jun 2014 17:34:57 GMT Location: http://www.sakuralive.com/dynamicbanner/random_preview.js Server: Zeus/4.3	clean
http://www.sakuralive.com/dynamicbanner/random_preview.js	200 OK Content-Length: 4308 Content-Type: application/x-javascript	clean
http://sakuralive.com/dynamicbanner/mypopup.js	HTTP/1.1 301 Moved Permanently Date: Sat, 21 Jun 2014 17:34:58 GMT Location: http://www.sakuralive.com/dynamicbanner/mypopup.js Server: Zeus/4.3	clean
http://www.sakuralive.com/dynamicbanner/mypopup.js	200 OK Content-Length: 546 Content-Type: application/x-javascript	clean
http://static.kinghost.com/kh/foot.js	200 OK Content-Length: 197 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write("<a href=\"http://static.kinghost.com/kh/go.php?r=5\">"); document.write("<img src=\"http://static.fleshlight.com/images/banners/banner-fleshlight2.gif\">"); document.write("</a>"); Antivirus reports: Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/IframeRef.J

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: tokyo2hot.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 21 Jun 2014 17:34:52 GMT
Server: Apache/1.3.42
Content-Type: text/html
Last-Modified: Fri, 03 Feb 2012 15:29:22 GMT
X-Powered-BY: ModLayout/2.11.8

Second query (visit from search engine):
GET / HTTP/1.1
Host: tokyo2hot.com
Referer: http://www.google.com/search?q=tokyo2hot.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=tokyo2hot.com

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://tokyo2hot.com/

Result: tokyo2hot.com is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for tokyo2hot.com

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools