Scanned pages/files
Request | Server response | Status |
http://ralphvellis.com/ | 200 OK Content-Length: 38758 Content-Type: text/html | clean |
http://wasmithandson.com/wp-content/themes/wasmithandson/js/jquery-1.9.1.min.js | 200 OK Content-Length: 92629 Content-Type: application/javascript | clean |
http://wasmithandson.com/wp-content/themes/wasmithandson/js/modernizr-2.6.2.min.js | 200 OK Content-Length: 15414 Content-Type: application/javascript | clean |
http://www.travelers.com/personal-insurance/eAgent/eAgent_js_functions.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 28 Nov 2015 17:20:38 GMT Location: https://www.travelers.com/personal-insurance/eAgent/eAgent_js_functions.js Server: AkamaiGHost Content-Length: 0 | clean |
https://www.travelers.com/personal-insurance/eagent/eagent_js_functions.js | 200 OK Content-Length: 1359 Content-Type: application/x-javascript | clean |
http://wasmithandson.com/wp-content/themes/wasmithandson/fancybox/jquery.fancybox.js?v=2.1.4 | 200 OK Content-Length: 47760 Content-Type: application/javascript | clean |
http://wasmithandson.com/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 95952 Content-Type: application/javascript | clean |
http://wasmithandson.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://wasmithandson.com/wp-content/plugins/media-element-html5-video-and-audio-player/mediaelement/mediaelement-and-player.min.js?ver=2.1.3 | 200 OK Content-Length: 64806 Content-Type: application/javascript | clean |
http://www.google.com/recaptcha/api/challenge?k=6LcbKuESAAAAAP_Fzvasl3qeZyqg2vmHXbCRNy1Q | 200 OK Content-Length: 8059 Content-Type: text/javascript | clean |
http://www.travelers.com/personal-insurance/eAgent/eAgent_200x150.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 28 Nov 2015 17:20:42 GMT Location: https://www.travelers.com/personal-insurance/eAgent/eAgent_200x150.js Server: AkamaiGHost Content-Length: 0 | clean |
https://www.travelers.com/personal-insurance/eagent/eagent_200x150.js | 200 OK Content-Length: 1167 Content-Type: application/x-javascript | clean |
http://wasmithandson.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.32.0-2013.04.03 | 200 OK Content-Length: 15479 Content-Type: application/javascript | clean |
http://wasmithandson.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.4.1 | 200 OK Content-Length: 7077 Content-Type: application/javascript | clean |
http://wasmithandson.com/wp-includes/js/comment-reply.min.js?ver=3.8.7 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://ralphvellis.com/Jack Smith | 404 Not Found Content-Length: 40070 Content-Type: text/html | clean |
http://ralphvellis.com/test404page.js | 404 Not Found Content-Length: 40072 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Page not found | +ADw-/title+AD4-HACKED BYE BILLY ZEG+ADw-DIV style+AD0AIg-DISPLAY: none+ACIAPgA8-xm <!DOCTYPE html> <html class="no-js" lang="en-US" prefix="og: http://ogp.me/ns#"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> <meta name="viewport" content="user-scalable=no, width=980, initial-scale=1, maximum-scale=1" /> <title>Page not found | +ADw-/title+AD4-HACKED BYE BILLY ZEG+ADw-DIV style+AD0AIg-DISPLAY: none+ACIAPgA8-xmp+AD4-</title> <script src="http://wasmithandson.com/wp-content/themes/wasmithandson/js/jquery-1.9.1.min.js"></script> <script src="http://wasmithandson.com/wp-content/themes/wasmithandson/js/modernizr-2.6.2.min.js"></script> <script language='javascript' type='text/javascript'>function eAgentCode() {return '0x5582'}< ...[45990 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ralphvellis.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 28 Nov 2015 17:20:34 GMT
Server: Apache/2.4.12 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html; charset=UTF-7
Link: <http://wasmithandson.com/?p=5>; rel=shortlink
X-Pingback: http://wasmithandson.com/xmlrpc.php
X-Powered-By: PHP/5.5.25
Second query (visit from search engine):
GET / HTTP/1.1
Host: ralphvellis.com
Referer: http://www.google.com/search?q=ralphvellis.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ralphvellis.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ralphvellis.com/
Result: ralphvellis.com is not infected or malware details are not published yet.