Scanned pages/files
| Request | Server response | Status |
http://enchanthim.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 04 Sep 2014 07:25:23 GMT Location: http://www.enchanthim.com/ Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 234 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.enchanthim.com/ | 200 OK Content-Length: 12455 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: * Note - hacked by lmh to allow display of (and setting of) different values that can be used elsewh ...[4189 bytes skipped]... ; } --> </style> <script type = "text/javascript"> /*********************************************** * Display time of last visit script- by JavaScriptKit.com * This notice MUST stay intact for use * Visit JavaScript Kit at http://www.javascriptkit.com/ for this script and more ************************************************ * Note - hacked by lmh to allow display of (and setting of) different values that can be used elsewhere * (as in a variable time of delay for certain page elements based on prior visit history) * date of hack 18 Apr 2012 * of course in production you want to comment out all the display of messages... * and much of the code in the previousvisit area is just coming up with a fancy display date ***********************************************/ var days = 14; // days until cookie expires. To clear for testing set ...[9437 bytes skipped]... | ||
https://ssl.clickbank.net/script/custom_footer.js | 200 OK Content-Length: 1105 Content-Type: application/javascript | clean |
http://pixel.sitescout.com/ap/0115830945411d2b | HTTP/1.1 302 Found Connection: close Date: Thu, 04 Sep 2014 07:25:25 GMT Location: http://pixel.sitescout.com/ap/0115830945411d2b?cookieQ=1 Server: AC1.1 Content-Length: 0 Set-Cookie: cookietest3=123; Domain=.sitescout.com | clean |
http://pixel.sitescout.com/ap/0115830945411d2b?cookieq=1 | HTTP/1.1 302 Found Connection: close Date: Thu, 04 Sep 2014 07:25:25 GMT Location: http://pixel.sitescout.com/ap/0115830945411d2b?cookieQ=1&cookieq=1 Server: AC1.1 Content-Length: 0 Set-Cookie: cookietest3=123; Domain=.sitescout.com | clean |
http://pixel.sitescout.com/ap/0115830945411d2b?cookieq=1&cookieq=1 | HTTP/1.1 302 Found Connection: close Date: Thu, 04 Sep 2014 07:25:25 GMT Location: http://pixel.sitescout.com/ap/0115830945411d2b?cookieQ=1&cookieq=1&cookieq=1 Server: AC1.1 Content-Length: 0 Set-Cookie: cookietest3=123; Domain=.sitescout.com | clean |
http://pixel.sitescout.com/ap/0115830945411d2b?cookieq=1&cookieq=1&cookieq=1 | HTTP/1.1 302 Found Connection: close Date: Thu, 04 Sep 2014 07:25:25 GMT Location: http://pixel.sitescout.com/ap/0115830945411d2b?cookieQ=1&cookieq=1&cookieq=1&cookieq=1 Server: AC1.1 Content-Length: 0 Set-Cookie: cookietest3=123; Domain=.sitescout.com | clean |
http://pixel.sitescout.com/ap/0115830945411d2b?cookieq=1&cookieq=1&cookieq=1&cookieq=1 | HTTP/1.1 302 Found Connection: close Date: Thu, 04 Sep 2014 07:25:26 GMT Location: http://pixel.sitescout.com/ap/0115830945411d2b?cookieQ=1&cookieq=1&cookieq=1&cookieq=1&cookieq=1 Server: AC1.1 Content-Length: 0 Set-Cookie: cookietest3=123; Domain=.sitescout.com | clean |
http://pixel.sitescout.com/ap/0115830945411d2b?cookieq=1&cookieq=1&cookieq=1&cookieq=1&cookieq=1 | HTTP/1.1 302 Found Connection: close Date: Thu, 04 Sep 2014 07:25:26 GMT Location: http://pixel.sitescout.com/ap/0115830945411d2b?cookieQ=1&cookieq=1&cookieq=1&cookieq=1&cookieq=1&cookieq=1 Server: AC1.1 Content-Length: 0 Set-Cookie: cookietest3=123; Domain=.sitescout.com | clean |
http://pixel.sitescout.com/test404page.js | 404 Not Found Content-Length: 979 Content-Type: text/html | clean |
http://enchanthim.com//www.googleadservices.com/pagead/conversion.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 04 Sep 2014 07:25:27 GMT Location: http://www.enchanthim.com/www.googleadservices.com/pagead/conversion.js/ Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 280 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.enchanthim.com/www.googleadservices.com/pagead/conversion.js/ | 404 Not Found Content-Length: 299 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: enchanthim.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 04 Sep 2014 07:25:23 GMT
Location: http://www.enchanthim.com/
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Length: 234
Content-Type: text/html; charset=iso-8859-1
...234 bytes of data.
GET / HTTP/1.1
Host: enchanthim.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 04 Sep 2014 07:25:23 GMT
Location: http://www.enchanthim.com/
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Length: 234
Content-Type: text/html; charset=iso-8859-1
...234 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: enchanthim.com
Referer: http://www.google.com/search?q=enchanthim.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: enchanthim.com
Referer: http://www.google.com/search?q=enchanthim.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=enchanthim.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://enchanthim.com/
Result: enchanthim.com is not infected or malware details are not published yet.
Result: enchanthim.com is not infected or malware details are not published yet.