Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: msccfavor.org
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: close
Date: Thu, 25 Dec 2014 14:30:52 GMT
Pragma: no-cache
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 11695
Content-Type: text/html
Expires: -1
Last-Modified: Wed, 03 Dec 2014 18:32:23 GMT
Set-Cookie: is_mobile=0; path=/; domain=msccfavor.org
...11695 bytes of data.
GET / HTTP/1.1
Host: msccfavor.org
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: close
Date: Thu, 25 Dec 2014 14:30:52 GMT
Pragma: no-cache
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 11695
Content-Type: text/html
Expires: -1
Last-Modified: Wed, 03 Dec 2014 18:32:23 GMT
Set-Cookie: is_mobile=0; path=/; domain=msccfavor.org
...11695 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: msccfavor.org
Referer: http://www.google.com/search?q=msccfavor.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: msccfavor.org
Referer: http://www.google.com/search?q=msccfavor.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://msccfavor.org/ | 200 OK Content-Length: 11695 Content-Type: text/html | clean |
http://msccfavor.org//ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Thu, 25 Dec 2014 14:30:53 GMT Pragma: no-cache Location: http://msccfavor.org/ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=a5n7vt1t91vgijb5s5bgvbv4i6; path=/ X-Pingback: http://www.mountainshadowscc.org/xmlrpc.php | clean |
http://msccfavor.org/ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js/ | 404 Not Found Content-Length: 19013 Content-Type: text/html | clean |
http://www.mountainshadowscc.org/wp-content/plugins/podpress/players/1pixelout/1pixelout_audio-player.js | 200 OK Content-Length: 12020 Content-Type: text/javascript | clean |
http://www.mountainshadowscc.org/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: text/javascript | clean |
http://www.mountainshadowscc.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: text/javascript | clean |
http://www.mountainshadowscc.org/wp-content/plugins/podpress/js/podpress.js?ver=3.8.5 | 200 OK Content-Length: 40501 Content-Type: text/javascript | clean |
http://www.biblegateway.com/votd/votd.write.callback.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 14:30:59 GMT Location: https://www.biblegateway.com/votd/votd.write.callback.js Server: nginx/1.4.7 Content-Length: 184 Content-Type: text/html | clean |
https://www.biblegateway.com/votd/votd.write.callback.js | 200 OK Content-Length: 853 Content-Type: text/javascript | clean |
http://www.biblegateway.com/votd/get?format=json&version=31&callback=BG.votdWriteCallback | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 25 Dec 2014 14:31:00 GMT Location: http://www.biblegateway.com/votd/get/?format=json&version=31&callback=BG.votdWriteCallback Server: nginx/1.4.7 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.5.7 | clean |
http://www.biblegateway.com/votd/get/?format=json&version=31&callback=bg.votdwritecallback | 200 OK Content-Length: 933 Content-Type: application/x-javascript | clean |
http://www.mountainshadowscc.org/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.4 | 200 OK Content-Length: 4207 Content-Type: text/javascript | clean |
http://www.mountainshadowscc.org/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=2.0.1 | 200 OK Content-Length: 133 Content-Type: text/javascript | clean |
http://www.mountainshadowscc.org/wp-content/themes/genesis/lib/js/menu/superfish.compat.min.js?ver=2.0.1 | 200 OK Content-Length: 109 Content-Type: text/javascript | clean |
http://msccfavor.org/test404page.js | 404 Not Found Content-Length: 19013 Content-Type: text/html | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://msccfavor.org//assets.www2.dragndropbuilder.com/js/site/main.js?buildTime=1407792794/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Thu, 25 Dec 2014 14:31:05 GMT Pragma: no-cache Location: http://msccfavor.org/assets.www2.dragndropbuilder.com/js/site/main.js?buildTime=1407792794/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=llbiqfbfrcbmi25jdfu5q2asn1; path=/ X-Pingback: http://www.mountainshadowscc.org/xmlrpc.php | clean |
http://msccfavor.org/assets.www2.dragndropbuilder.com/js/site/main.js?buildtime=1407792794/ | 404 Not Found Content-Length: 19013 Content-Type: text/html | clean |
http://www2.dragndropbuilder.com/editor/libraries/slideshow-jq.js?buildTime=1407792794 | 200 OK Content-Length: 46076 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=msccfavor.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://msccfavor.org/
Result: msccfavor.org is not infected or malware details are not published yet.
Result: msccfavor.org is not infected or malware details are not published yet.