Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ashevillemarathon.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 06 Jul 2014 07:05:09 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://wp.me/P2vIbD-5>; rel=shortlink
Set-Cookie: PHPSESSID=jmdta7921806mjh02pbh2rg132; path=/
X-Pingback: http://ashevillemarathon.com/xmlrpc.php
GET / HTTP/1.1
Host: ashevillemarathon.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 06 Jul 2014 07:05:09 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://wp.me/P2vIbD-5>; rel=shortlink
Set-Cookie: PHPSESSID=jmdta7921806mjh02pbh2rg132; path=/
X-Pingback: http://ashevillemarathon.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: ashevillemarathon.com
Referer: http://www.google.com/search?q=ashevillemarathon.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ashevillemarathon.com
Referer: http://www.google.com/search?q=ashevillemarathon.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://ashevillemarathon.com/ | 200 OK Content-Length: 27027 Content-Type: text/html | clean |
http://ashevillemarathon.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: text/javascript | clean |
http://ashevillemarathon.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: text/javascript | clean |
http://ashevillemarathon.com/wp-content/plugins/awesome-flickr-gallery-plugin/colorbox/jquery.colorbox-min.js?ver=3.9.1 | 200 OK Content-Length: 9601 Content-Type: text/javascript | clean |
http://ashevillemarathon.com/wp-content/plugins/awesome-flickr-gallery-plugin/colorbox/mycolorbox.js?ver=3.9.1 | 200 OK Content-Length: 371 Content-Type: text/javascript | clean |
http://ashevillemarathon.com/wp-content/themes/asheville/includes/modernizr-2.5.2.min.js | 200 OK Content-Length: 15374 Content-Type: text/javascript | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201427 | 200 OK Content-Length: 9301 Content-Type: application/x-javascript | clean |
http://s.gravatar.com/js/gprofiles.js?ver=2014Julaa | 200 OK Content-Length: 21442 Content-Type: application/x-javascript | clean |
http://ashevillemarathon.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=3.9.1 | 200 OK Content-Length: 959 Content-Type: text/javascript | clean |
http://stats.wordpress.com/e-201427.js | 200 OK Content-Length: 2346 Content-Type: application/x-javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js | 200 OK Content-Length: 93868 Content-Type: text/javascript | clean |
http://ashevillemarathon.com/wp-content/themes/asheville/includes/argyll_plugins.js | 200 OK Content-Length: 4587 Content-Type: text/javascript | clean |
http://ashevillemarathon.com/wp-content/themes/asheville/includes/argyll_script.js | 200 OK Content-Length: 929 Content-Type: text/javascript | clean |
http://ashevillemarathon.com/race-info/ | 200 OK Content-Length: 30430 Content-Type: text/html | clean |
http://ashevillemarathon.com/race-info/register/ | 200 OK Content-Length: 29683 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ashevillemarathon.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ashevillemarathon.com/
Result: ashevillemarathon.com is not infected or malware details are not published yet.
Result: ashevillemarathon.com is not infected or malware details are not published yet.