Re: http://killmalware.com/pixiv.net/# and confirmed here: https://aw-snap.info/file-viewer/?tgt=http%3A%2F%2Fwww.pixiv.net%2F%2Fwww.googleadservices.com%2Fpagead%2Fconversion.js%2F&ref_sel=GSP2&ua_sel=ff&fs=1
Not flagged here: http://urlquery.net/report.php?id=1470170217177 nor here: http://urlquery.net/report.php?id=1470170217177
Website is on the bugBounty contest. They alert it here:
< !-- Google Tag Manager -->< no script > < iframe src=hxxp://www.googletagmanager.com/ns.html?id=GTM-55FG" height="0" width="0" style=" display: none ;visibility:hidden"> < / iframe > < /no script >< script > (function (w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= '//www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,' script ','dataLayer','GTM-55FG');< / script >< !-- End Google Tag Manager -->
A next one is here
jQuery(this).append(' < iframe src=hxxp://d.pixiv.org/dummy.html" width="0" height="0" scrolling="no" marginwidth="0" style="border:none;" frameborder="0" style="position: absolute;"> < / iframe > ');
→ http://toolbar.netcraft.com/site_report?url=http://d.pixiv.org Seems suspicious as we do noit know what could be loaded from that page!
DROWn vuln: https://test.drownattack.com/?site=whois.pir.org
Alert for htxp://b92.yahoo.co.jp/js/s_retargeting.js flagged by Yandex as malicious. But could be benign like here
<script type="text/javascript" language="javascript">
/* <![CDATA[ */
var yahoo_retargeting_id = '6BDH2H9OFO';
var yahoo_retargeting_label = '';
/* ]]> */
</script>
<script type="text/javascript" language="javascript" src="//b92.yahoo.co.jp/js/s_retargeting.js"></script>
polonus (volunteer website security analyst and website error-hunter)