Sign of compromise - redirects - https://urlquery.net/report/9adc19db-7a00-4a5d-8152-27c18ed61a3d
Connection failed. Host has either no HTTPS or does not support GCM.
Re: https://otx.alienvault.com/indicator/ip/173.194.222.95/
Redirects: https://aw-snap.info/file-viewer/?protocol=secure&tgt=bbmstaffingsales.com&ref_sel=GSP2&ua_sel=ff&fs=1
-http://bbmstaffingsales.com cookie set
302 - Moved Temporarily
h-ttp://bbmstaffing.com
302 - Moved Temporarily
-http://bbmstaffing.com/website/index.php cookie set
301 - Moved Permanently
-http://bbmstaffing.com/website/ cookie set
200 - OK
F-grade status and recommendations: https://observatory.mozilla.org/analyze.html?host=bbmstaffing.com
CMS issues: WordPress Plugins
The following plugins were detected by reading the HTML source of the WordPress sites front page.
soliloquy
column-shortcodes 0.6.9 latest release (1.0) Update required
https://wordpress.org/plugins/column-shortcodes
custom-facebook-feed latest release (2.4.6)
http://smashballoon.com/custom-facebook-feed
wp-job-manager-locations latest release (1.14.0)
https://wordpress.org/plugins/wp-job-manager-locations/
wp-job-manager 1.25.3 latest release (1.29.0) Update required
https://wpjobmanager.com/
mappress-google-maps-for-wordpress 2.44.5 latest release (2.47) Update required
http://www.wphostreviews.com/mappress
forget-about-shortcode-buttons 2.1.1 latest release (2.1.1)
http://www.designsandcode.com/wordpress-plugins/forget-about-shortcode-buttons-plugin/
Plugins are a source of many security vulnerabilities within WordPress installations, always keep them updated to the latest version available and check the developers plugin page for information about security related updates and fixes.
Retirable jQuery library: http://retire.insecurity.today/#!/scan/f40de58aff4945577cee89b181ac4bed75e65bd0a525fd9c284755cc7f3bb82f
polonus (volunteer website security analyst and website error-hunter)