Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: marshallmatlock.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 22 Aug 2014 00:37:26 GMT
Pragma: no-cache
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Vary: Cookie
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://wp.me/1zIVI>; rel=shortlink
Set-Cookie: PHPSESSID=aae52f5c02c34197e66d9cd90e527d56; path=/
X-CF-Powered-By: WP 1.3.9
X-Pingback: http://marshallmatlock.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.2.8
Second query (visit from search engine):
GET / HTTP/1.1
Host: marshallmatlock.com
Referer: http://www.google.com/search?q=marshallmatlock.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.marshallmatlock.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 22 Aug 2014 00:37:26 GMT Pragma: no-cache Location: http://marshallmatlock.com/ Server: cloudflare-nginx Vary: Cookie,Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT CF-RAY: 15db0067cee40f57-FRA Set-Cookie: __cfduid=d0a664e92d7ffbff9a752477780a701481408667843802; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.marshallmatlock.com; HttpOnly Set-Cookie: PHPSESSID=259525454b4d5be8bd21ef4869b40e18; path=/ X-CF-Powered-By: WP 1.3.9 X-Pingback: http://marshallmatlock.com/xmlrpc.php X-Powered-By: W3 Total Cache/0.9.2.8 | clean |
http://marshallmatlock.com/ | 200 OK Content-Length: 300518 Content-Type: text/html | clean |
http://marshallmatlock.com/test404page.js | 404 Not Found Content-Length: 39694 Content-Type: text/html | clean |
http://marshallmatlock.com//ajax.googleapis.com/ajax/libs/prototype/1.7.1.0/prototype.js?ver=1.7.1/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 22 Aug 2014 00:37:35 GMT Pragma: no-cache Location: http://marshallmatlock.com/ajax.googleapis.com/ajax/libs/prototype/1.7.1.0/prototype.js?ver=1.7.1/ Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Vary: Cookie Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=3e943ca76a3e080efa9a78eb8fa63630; path=/ X-CF-Powered-By: WP 1.3.9 X-Pingback: http://marshallmatlock.com/xmlrpc.php X-Powered-By: W3 Total Cache/0.9.2.8 | clean |
http://marshallmatlock.com/ajax.googleapis.com/ajax/libs/prototype/1.7.1.0/prototype.js?ver=1.7.1/ | 404 Not Found Content-Length: 39750 Content-Type: text/html | clean |
http://marshallmatlock.com//ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?ver=1.9.0/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 22 Aug 2014 00:37:39 GMT Pragma: no-cache Location: http://marshallmatlock.com/ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?ver=1.9.0/ Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Vary: Cookie Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=e24db84ebf12f35bbb4553c44b0f4b38; path=/ X-CF-Powered-By: WP 1.3.9 X-Pingback: http://marshallmatlock.com/xmlrpc.php X-Powered-By: W3 Total Cache/0.9.2.8 | clean |
http://marshallmatlock.com/ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?ver=1.9.0/ | 404 Not Found Content-Length: 39756 Content-Type: text/html | clean |
http://marshallmatlock.com//ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/effects.js?ver=1.9.0/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 22 Aug 2014 00:37:43 GMT Pragma: no-cache Location: http://marshallmatlock.com/ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/effects.js?ver=1.9.0/ Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Vary: Cookie Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=ff7f17ef151e867e45773bd563b4d588; path=/ X-CF-Powered-By: WP 1.3.9 X-Pingback: http://marshallmatlock.com/xmlrpc.php X-Powered-By: W3 Total Cache/0.9.2.8 | clean |
http://marshallmatlock.com/ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/effects.js?ver=1.9.0/ | 404 Not Found Content-Length: 39750 Content-Type: text/html | clean |
http://marshallmatlock.com/wp-content/plugins/lightbox-2/lightbox.js?ver=1.8 | 200 OK Content-Length: 21338 Content-Type: application/javascript | clean |
http://marshallmatlock.com/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/javascript | clean |
http://marshallmatlock.com/wp-content/plugins/nextgen-gallery/js/jquery.cycle.all.min.js?ver=2.9995 | 200 OK Content-Length: 26590 Content-Type: application/javascript | clean |
http://marshallmatlock.com/wp-content/plugins/nextgen-gallery/js/ngg.slideshow.min.js?ver=1.06 | 200 OK Content-Length: 1791 Content-Type: application/javascript | clean |
http://marshallmatlock.com/wp-content/plugins/audio-player/assets/audio-player.js?ver=2.0.4.6 | 200 OK Content-Length: 29366 Content-Type: application/javascript | clean |
http://marshallmatlock.com/wp-content/themes/bigfeature/library/js/cufon/cufon-yui.js | 200 OK Content-Length: 18264 Content-Type: application/javascript | clean |
http://marshallmatlock.com/wp-content/themes/bigfeature/library/js/cufon/Vegur_400-Vegur_700.font.js | 200 OK Content-Length: 29778 Content-Type: application/javascript | clean |
http://marshallmatlock.com/wp-content/themes/bigfeature/library/js/image-maxwidth.js | 200 OK Content-Length: 238 Content-Type: application/javascript | clean |
http://widgets.twimg.com/j/2/widget.js | 200 OK Content-Length: 1489 Content-Type: application/javascript | clean |
http://marshallmatlock.com/wp-content/themes/bigfeature/library/js/superfish/hoverIntent.js | 200 OK Content-Length: 3256 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=marshallmatlock.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://marshallmatlock.com/
Result: marshallmatlock.com is not infected or malware details are not published yet.