Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.andrefinearts.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.andrefinearts.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Redirect Date: Thu, 29 Jan 2015 03:19:26 GMT Location: http://kpero.ddns.me.uk/ Server: Microsoft-IIS/7.0 Content-Length: 147 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.andrefinearts.com/ | 200 OK Content-Length: 16207 Content-Type: text/html | clean |
http://www.andrefinearts.com/media/system/js/caption.js | 200 OK Content-Length: 2036 Content-Type: application/x-javascript | clean |
http://andrefinearts.com/plugins/content/highslide/highslide-full.packed.js | 200 OK Content-Length: 42108 Content-Type: application/x-javascript | clean |
http://andrefinearts.com/plugins/content/highslide/do_cookie.js | 200 OK Content-Length: 2457 Content-Type: application/x-javascript | clean |
http://andrefinearts.com/plugins/content/ja_tabs/ja_tabs.js | 200 OK Content-Length: 13063 Content-Type: application/x-javascript | clean |
http://andrefinearts.com/templates/ja_uvite/js/ja.script.js | 200 OK Content-Length: 9950 Content-Type: application/x-javascript | clean |
http://andrefinearts.com/templates/ja_uvite/ja_menus/ja_cssmenu/ja.cssmenu.js | 200 OK Content-Length: 1187 Content-Type: application/x-javascript | clean |
http://www.andrefinearts.com/index.php | 200 OK Content-Length: 16243 Content-Type: text/html | clean |
http://www.andrefinearts.com/index.php?option=com_igallery&view=gallerymenu&Itemid=69 | 200 OK Content-Length: 9382 Content-Type: text/html | clean |
http://www.andrefinearts.com/index.php?option=com_phocagallery&view=category&id=1&Itemid=74 | 200 OK Content-Length: 41962 Content-Type: text/html | clean |
http://www.andrefinearts.com/media/system/js/modal.js | 200 OK Content-Length: 10960 Content-Type: application/x-javascript | clean |
http://www.andrefinearts.com/components/com_phocagallery/assets/js/highslide/highslide-full.js | 200 OK Content-Length: 88064 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
var hs = {
    lang : {
        loadingText : 'Loading...',
        loadingTitle : 'Click to cancel',
        focusTitle : 'Click to bring to front',
        fullExpandTitle : 'Expand to actual size',
        creditsText : '',
        creditsTitle : '',
        previousText : 'Previous',
        nextText : 'Next',
        moveText : 'Move',
        closeText : 'Close',
        closeTitle : 'Close (esc)',
        resizeTitle : 'Resize',
        playText : 'Play',
        playTitle : 'Play slideshow (spacebar
hs.addEventListener(document, 'mousemove', function(e) { hs.mouse = { x: e.clientX, y: e.clientY }; });
hs.addEventListener(document, 'mousedown', hs.mouseClickHandler);
hs.addEventListener(document, 'mouseup', hs.mouseClickHandler);
hs.addEventListener(window, 'load', hs.preloadImages);
hs.addEventListener(window, 'load', hs.preloadAjax);
hs.addEventListener(window, 'load', function() { hs.pageLoaded = true; });
hs.setClickEvents();
Antivirus reports:
http://www.andrefinearts.com/index.php?option=com_content&view=article&id=62&Itemid=67 | 200 OK Content-Length: 9727 Content-Type: text/html | clean |
http://www.andrefinearts.com/test404page.js | 404 Not Found Content-Length: 1549 Content-Type: text/html | clean |
http://www.andrefinearts.com/index.php?option=com_phocagallery&view=detail&catid=1:art-show-2009&id=1:_mg_0203&tmpl=component&Itemid=74 | 200 OK Content-Length: 12972 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=andrefinearts.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://andrefinearts.com/
Result: andrefinearts.com is not infected or malware details are not published yet.