See where Crypto was observed earlier: https://urlquery.net/report/3409b14a-3944-4643-9460-accf6340fad2
Emsisoft flags: https://www.virustotal.com/nl/url/757aaef0535d9872eb23e2a3641f005fab82834d19ef1edda43ad45c398ed25d/analysis/1514586021/
Sucuri detects malware: https://sitecheck.sucuri.net/results/jeeploversrus.com
Earlier attack found:
Threat Name: Web Attack: Malicious Redirection 33
Location: htxp://jeeploversrus.com/wp-content/themes/storefront/assets/fonts/Amazon/index/?6a6565706c6f766572737275732e636f6d
Quttera considers it clean, as it now cannot be scanned because it returns HTTP/1.1 500 Internal Server Error.
Was the domain taken down or the website suspended because of earlier abuse?
Web domain resorted at: -http://74.81.88.154/cgi-sys/defaultwebpage.cgi
Google Safe Browse passed - all green.
Server: Apache
X-Powered-By: None
IP Address: 74.81.88.154
Provider: GNAX
Country: United States
Linked Sites
Google Safe browse checks have been performed on each of the linked sites. Links with poor reputation could be a threat to users of the site. Hosting and location are also included in the results.
Externally Linked Host | Hosting Provider | Country
-cpanel.com | cPanel | United States
-go.cpanel.net | cPanel | United States
hxtp://74.81.88.154/cgi-sys/defaultwebpage.cgi
GoogleSafe: OK
Load: 119ms
Server: 74.81.88.154 → Red Hat Enterprise Linux 7; CPE: cpe:/o:redhat:enterprise_linux:7 Spring, Texas U.S.A. Apache
ASN: 27413 United-States NETWORK TRANSIT HOLDINGS LLC
Reverse DNS: -server5.floathosting1.com
Netcraft Site Risk Rating 9 red out of 10: https://toolbar.netcraft.com/site_report?url=http://74.81.88.154
Malicious history of that IP reported: https://cymon.io/74.81.88.154 Malware, Phishing and Spam…
polonus