Scanned pages/files
Request | Server response | Status |
http://beallevents.com/ | 200 OK Content-Length: 14410 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HacKeD ByW3b-Attack T34m <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <title>HacKeD ByW3b-Attack T34m</title> <style> <!-- p {margin-right:0in; margin-left:0in; font-size:12.0pt; font-family:"Times New Roman","serif"; } p.MsoNormal {mso-style-parent:""; margin-bottom:.0001pt; font-size:12.0pt; font-family:"Times New Roman","serif"; margin-left:0in; margin-right:0in; margin-top:0in} .style6 { color: #008000; font-siz ...[17196 bytes skipped]... | ||
http://beallevents.com/test404page.js | 404 Not Found Content-Length: 19641 Content-Type: text/html | clean |
http://beallevents.com/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://beallevents.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7199 Content-Type: application/javascript | clean |
http://beallevents.com/wp-content/plugins/wp-photo-album-plus/wppa.min.js?ver=5-2-06-000 | 200 OK Content-Length: 69317 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: beallevents.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 23 Jul 2015 11:07:05 GMT
Pragma: no-cache
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_perl/2.0.8 Perl/v5.10.1
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=ac2d038a4508d9b1ef7c2313232e4c66; path=/
X-Pingback: http://beallevents.com/xmlrpc.php
X-Powered-By: PHP/5.5.19
GET / HTTP/1.1
Host: beallevents.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 23 Jul 2015 11:07:05 GMT
Pragma: no-cache
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_perl/2.0.8 Perl/v5.10.1
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=ac2d038a4508d9b1ef7c2313232e4c66; path=/
X-Pingback: http://beallevents.com/xmlrpc.php
X-Powered-By: PHP/5.5.19
Second query (visit from search engine):
GET / HTTP/1.1
Host: beallevents.com
Referer: http://www.google.com/search?q=beallevents.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: beallevents.com
Referer: http://www.google.com/search?q=beallevents.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=beallevents.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://beallevents.com/
Result: beallevents.com is not infected or malware details are not published yet.
Result: beallevents.com is not infected or malware details are not published yet.