Scanned pages/files
Request | Server response | Status |
http://jostens-graduation.com/ | 200 OK Content-Length: 9547 Content-Type: text/html | clean |
http://jostens-graduation.com/Scripts/AC_RunActiveContent.js | 200 OK Content-Length: 3233 Content-Type: application/javascript | clean |
http://jostens-graduation.com/Scripts/tw-sack.js | 200 OK Content-Length: 5215 Content-Type: application/javascript | clean |
http://jostens-graduation.com/Scripts/cii_scripts.js | 200 OK Content-Length: 3194 Content-Type: application/javascript | clean |
http://code.jquery.com/jquery-1.7.1.min.js | 200 OK Content-Length: 93868 Content-Type: application/javascript | clean |
http://jostens-graduation.com/index.php | 200 OK Content-Length: 9547 Content-Type: text/html | clean |
http://jostens-graduation.com/index.php?mod=aboutus | 200 OK Content-Length: 9403 Content-Type: text/html | clean |
http://jostens-graduation.com/index.php?mod=contactus | 200 OK Content-Length: 7991 Content-Type: text/html | clean |
http://jostens-graduation.com/index.php?mod=grad_orders | 200 OK Content-Length: 18250 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By IRAN Security Group ...[10544 bytes skipped]... ; <option value="index.php?mod=category&id_ctg=-100">Forks HS - Forks, WA</option> <option value="index.php?mod=category&id_ctg=-100">Garfield HS - Seattle, WA</option> <option value="index.php?mod=category&id_ctg=100">Hacked By IRAN Security Group</option> <option value="index.php?mod=category&id_ctg=-100">Hazen HS-Renton, WA</option> <option value="index.php?mod=category&id_ctg=-100">Holy Names Academy - Seattle, WA</option> <option value="index.php?mod=category&id_ctg=-100">International Comm. School - Kirkla ...[10239 bytes skipped]... | ||
http://jostens-graduation.com/Scripts/jquery.js | 200 OK Content-Length: 120620 Content-Type: application/javascript | clean |
http://jostens-graduation.com/index.php?mod=order_form | 200 OK Content-Length: 15192 Content-Type: text/html | clean |
http://jostens-graduation.com/index.php?mod=jackets | 200 OK Content-Length: 6997 Content-Type: text/html | clean |
http://jostens-graduation.com/index.php?mod=securityandprivacy | 200 OK Content-Length: 11982 Content-Type: text/html | clean |
http://jostens-graduation.com/test404page.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jostens-graduation.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Thu, 30 Jul 2015 04:44:05 GMT
Pragma: no-cache
Server: Microsoft-IIS/8.5
Content-Length: 9547
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=mk4jgt5rjc3envlpjh7k3sjup4; path=/
X-Powered-By: ASP.NET
...9547 bytes of data.
GET / HTTP/1.1
Host: jostens-graduation.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Thu, 30 Jul 2015 04:44:05 GMT
Pragma: no-cache
Server: Microsoft-IIS/8.5
Content-Length: 9547
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=mk4jgt5rjc3envlpjh7k3sjup4; path=/
X-Powered-By: ASP.NET
...9547 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: jostens-graduation.com
Referer: http://www.google.com/search?q=jostens-graduation.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jostens-graduation.com
Referer: http://www.google.com/search?q=jostens-graduation.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jostens-graduation.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jostens-graduation.com/
Result: jostens-graduation.com is not infected or malware details are not published yet.
Result: jostens-graduation.com is not infected or malware details are not published yet.