Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: theatre-bethune.fr
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 08 Apr 2014 23:40:13 GMT
Location: http://www.theatre-bethune.fr/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: 240planBAK=R2339304326; path=/; expires=Wed, 09-Apr-2014 00:45:12 GMT
Set-Cookie: 240plan=R3498009243; path=/; expires=Wed, 09-Apr-2014 00:43:18 GMT
Set-Cookie: wpfilebase=1
X-Pingback: http://www.theatre-bethune.fr/version2011/xmlrpc.php
X-Powered-By: PHP/5.2.17
...0 bytes of data.
GET / HTTP/1.1
Host: theatre-bethune.fr
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 08 Apr 2014 23:40:13 GMT
Location: http://www.theatre-bethune.fr/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: 240planBAK=R2339304326; path=/; expires=Wed, 09-Apr-2014 00:45:12 GMT
Set-Cookie: 240plan=R3498009243; path=/; expires=Wed, 09-Apr-2014 00:43:18 GMT
Set-Cookie: wpfilebase=1
X-Pingback: http://www.theatre-bethune.fr/version2011/xmlrpc.php
X-Powered-By: PHP/5.2.17
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: theatre-bethune.fr
Referer: http://www.google.com/search?q=theatre-bethune.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: theatre-bethune.fr
Referer: http://www.google.com/search?q=theatre-bethune.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://theatre-bethune.fr/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 08 Apr 2014 23:40:13 GMT Location: http://www.theatre-bethune.fr/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: 240planBAK=R2339304326; path=/; expires=Wed, 09-Apr-2014 00:45:12 GMT Set-Cookie: 240plan=R3498009243; path=/; expires=Wed, 09-Apr-2014 00:43:18 GMT Set-Cookie: wpfilebase=1 X-Pingback: http://www.theatre-bethune.fr/version2011/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://www.theatre-bethune.fr/ | 200 OK Content-Length: 19662 Content-Type: text/html | clean |
http://code.jquery.com/jquery-latest.min.js | 200 OK Content-Length: 93107 Content-Type: application/x-javascript | clean |
http://www.theatre-bethune.fr/version2011/wp-content/themes/theatre/fancybox/lib/jquery.mousewheel-3.0.6.pack.js | 200 OK Content-Length: 1384 Content-Type: application/javascript | clean |
http://www.theatre-bethune.fr/version2011/wp-content/themes/theatre/fancybox/source/jquery.fancybox.pack.js?v=2.1.5 | 200 OK Content-Length: 23123 Content-Type: application/javascript | clean |
http://www.theatre-bethune.fr/version2011/wp-content/themes/theatre/fancybox/source/helpers/jquery.fancybox-buttons.js?v=1.0.5 | 200 OK Content-Length: 3041 Content-Type: application/javascript | clean |
http://www.theatre-bethune.fr/version2011/wp-content/themes/theatre/fancybox/source/helpers/jquery.fancybox-media.js?v=1.0.6 | 200 OK Content-Length: 5305 Content-Type: application/javascript | clean |
http://www.theatre-bethune.fr/version2011/wp-content/themes/theatre/fancybox/source/helpers/jquery.fancybox-thumbs.js?v=1.0.7 | 200 OK Content-Length: 3836 Content-Type: application/javascript | clean |
http://www.theatre-bethune.fr/version2011/wp-includes/js/l10n.js | 200 OK Content-Length: 308 Content-Type: application/javascript | clean |
http://www.theatre-bethune.fr/version2011/wp-includes/js/jquery/jquery.js | 200 OK Content-Length: 91363 Content-Type: application/javascript | clean |
http://www.theatre-bethune.fr/version2011/wp-content/plugins/download-manager/js/jquery.colorbox-min.js | 200 OK Content-Length: 9820 Content-Type: application/javascript | clean |
http://www.theatre-bethune.fr/version2011/wp-content/plugins/jquery-collapse-o-matic/collapse.js | 200 OK Content-Length: 5553 Content-Type: application/javascript | clean |
http://www.theatre-bethune.fr/version2011/wp-content/plugins/login-with-ajax/widget/login-with-ajax.js | 200 OK Content-Length: 7963 Content-Type: application/javascript | clean |
http://www.theatre-bethune.fr/version2011/wp-content/plugins/sociable/js/sociable.js | 200 OK Content-Length: 1959 Content-Type: application/javascript | clean |
http://www.theatre-bethune.fr/version2011/wp-content/plugins/sociable/js/addtofavorites.js | 200 OK Content-Length: 602 Content-Type: application/javascript | clean |
http://apis.google.com/js/plusone.js | 200 OK Content-Length: 11629 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=theatre-bethune.fr
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://theatre-bethune.fr/
Result: theatre-bethune.fr is not infected or malware details are not published yet.
Result: theatre-bethune.fr is not infected or malware details are not published yet.