Scanned pages/files
| Request | Server response | Status |
http://keepjesusinchristmas.com/ | 200 OK Content-Length: 130658 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY ICE-CREAM ...[15954 bytes skipped]... m.asp"> <input type="hidden" name="M_id" value="898544028366"> <input type="hidden" name="M_image" value="/graphics/898544028366.jpg"> <tr> <td align="left" colspan="2"><font style="font-family: verdana;" size="6"></font><br><h1><br></h1><font style="font-family: verdana; color: rgb(255, 0, 0);" size="6">HACKED BY ICE-CREAM<br><font style="color: rgb(0, 0, 102);" size="5">Sanjungan Jiwa Team</font><br></font></td> </tr> <tr> <td align="left" width="100%"><br /> <b>Select Quantity:</b> <input type="hidden" name="cmd" value="_cart"> <input type="hidden" name="P_count" value="1"> <input type="text" name="P_qty1" va ...[147526 bytes skipped]... | ||
http://keepjesusinchristmas.com/js/sliderman.1.3.7.js | 200 OK Content-Length: 35705 Content-Type: application/javascript | clean |
http://keepjesusinchristmas.com/../../index.php | 400 Bad Request Content-Length: 345 Content-Type: text/html | clean |
http://keepjesusinchristmas.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://keepjesusinchristmas.com/../page_1.php | 400 Bad Request Content-Length: 345 Content-Type: text/html | clean |
http://keepjesusinchristmas.com/../page_2.php | 400 Bad Request Content-Length: 345 Content-Type: text/html | clean |
http://keepjesusinchristmas.com/../page_3.php | 400 Bad Request Content-Length: 345 Content-Type: text/html | clean |
http://keepjesusinchristmas.com/index.php | 200 OK Content-Length: 130658 Content-Type: text/html | clean |
http://keepjesusinchristmas.com/siteadmin/index.php | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sat, 18 Oct 2014 13:06:37 GMT Pragma: no-cache Location: login.php Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=3d473b942229b650151d513eee519ba8; path=/ X-Powered-By: PHP/5.4.33 | clean |
http://keepjesusinchristmas.com/siteadmin/login.php | 200 OK Content-Length: 14013 Content-Type: text/html | clean |
http://keepjesusinchristmas.com/siteadmin/js/json-minified.js | 200 OK Content-Length: 1770 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: keepjesusinchristmas.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 18 Oct 2014 13:06:29 GMT
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html
X-Powered-By: PHP/5.4.33
GET / HTTP/1.1
Host: keepjesusinchristmas.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 18 Oct 2014 13:06:29 GMT
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html
X-Powered-By: PHP/5.4.33
Second query (visit from search engine):
GET / HTTP/1.1
Host: keepjesusinchristmas.com
Referer: http://www.google.com/search?q=keepjesusinchristmas.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: keepjesusinchristmas.com
Referer: http://www.google.com/search?q=keepjesusinchristmas.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=keepjesusinchristmas.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://keepjesusinchristmas.com/
Result: keepjesusinchristmas.com is not infected or malware details are not published yet.
Result: keepjesusinchristmas.com is not infected or malware details are not published yet.