Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: justusboys.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 24 Jan 2015 22:30:31 GMT
Location: http://www.justusboys.com/
Server: Apache/2.2.16 (Debian)
Vary: Accept-Encoding
Content-Length: 314
Content-Type: text/html; charset=iso-8859-1
...314 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: justusboys.com
Referer: http://www.google.com/search?q=justusboys.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://justusboys.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 24 Jan 2015 22:30:31 GMT Location: http://www.justusboys.com/ Server: Apache/2.2.16 (Debian) Vary: Accept-Encoding Content-Length: 314 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.justusboys.com/ | 200 OK Content-Length: 50869 Content-Type: text/html | clean |
http://small2.myjub.com/assets/includes/jquery-1.6.1.js | 200 OK Content-Length: 91363 Content-Type: application/javascript | clean |
http://small2.myjub.com/assets/includes/jquery.lazyload.pack.js | 200 OK Content-Length: 1626 Content-Type: application/javascript | clean |
http://small2.myjub.com/assets/Scripts/header.js.01292008.js | 200 OK Content-Length: 3527 Content-Type: application/javascript | clean |
http://advertising.justusboys.net/advertising/www/delivery/spcjs.php?id=1&block=1&target=_blank | 200 OK Content-Length: 2637 Content-Type: text/html | clean |
http://advertising.justusboys.net/test404page.js | 404 Not Found Content-Length: 208 Content-Type: text/html | clean |
http://www.justusboys.com/forum/clientscript/vbulletin_md5.js?v=364 | 200 OK Content-Length: 5464 Content-Type: application/javascript | clean |
http://small2.myjub.com/assets/includes/general.js | 200 OK Content-Length: 20150 Content-Type: application/javascript | clean |
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 12798 Content-Type: application/javascript | clean |
http://ads.vs.com/_special/banners/js-popunder.php?mp_code=erfj&params=c2VydmljZT1ndXlzJmFtcDtzaXRlPWh0dHA6Ly93d3cuanVibGl2ZS5jb20mYW1wO3BhZ2U9cm9vbXMvJmFtcDt3aWR0aD0xMDIwJmFtcDtoZWlnaHQ9NjAwJmFtcDtmcmVxdWVuY3k9MV9ob3VyJmFtcDtoaWRlPXllcyZhbXA7bm9fYXVkaW89MSZhbXA7Y2F0cz0mYW1wO3Nob3dfYWxsPVk= | 200 OK Content-Length: 18924 Content-Type: application/x-javascript | clean |
http://ads.vs.com/_special/banners/tab.php?mp_code=a6azj&service=guys&target=_blank&style=tab-horizontal-3&text_color=ff8800&bg_color=EEEEEE&trigger=hover&sitekey=whitelabel&whitelabel_domain=jublive.com | 200 OK Content-Length: 8642 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=justusboys.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://justusboys.com/
Result: justusboys.com is not infected or malware details are not published yet.