Scanned pages/files
| Request | Server response | Status |
http://rotarytexcity.com/ | 200 OK Content-Length: 66315 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-title+AD4-Hacked By International Force+ADw-/title+AD4 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US"> <head profile="http://gmpg.org/xfn/11"> <meta http-equiv="Content-Type" content="text/html; charset=UTF-7" /> <title> +ADw-/title+AD4 +ADw-title+AD4-Hacked By International Force+ADw-/title+AD4 +ADw-html xmlns:v+AD0AIg-urn:schemas-microsoft-com:vml+ACI xmlns:o+AD0AIg-urn:schemas-microsoft-com:office:office+ACI xmlns:w+AD0AIg-urn:schemas-microsoft-com:office:word+ACI xmlns+AD0AIg-http://www.w3.org/TR/REC-html40+ACIAPg +ADw-head+AD4 +ADw-meta http-equiv+AD0-Content-Type content+AD0AIg-text/html+ADs charset+AD0-iso-8859-9+ACIAPg +ADw-META HTTP- ...[73739 bytes skipped]... | ||
http://rotarytexcity.com/wp-content/themes/dancefloor/js/jquery.min.js | 200 OK Content-Length: 72174 Content-Type: application/javascript | clean |
http://rotarytexcity.com/wp-content/themes/dancefloor/js/jquery.aw-showcase.js | 200 OK Content-Length: 28868 Content-Type: application/javascript | clean |
http://rotarytexcity.com/wp-content/themes/dancefloor/js/cufon.js | 200 OK Content-Length: 18626 Content-Type: application/javascript | clean |
http://rotarytexcity.com/wp-content/themes/dancefloor/js/DIN_1451_Std_400.font.js | 200 OK Content-Length: 15698 Content-Type: application/javascript | clean |
http://rotarytexcity.com/wp-content/themes/dancefloor/js/css_browser_selector.js | 200 OK Content-Length: 1321 Content-Type: application/javascript | clean |
http://maps.google.com/maps/api/js?sensor=false&ver=3.0 | 200 OK Content-Length: 4901 Content-Type: text/javascript | clean |
http://rotarytexcity.com/wp-includes/js/jquery/jquery.js?ver=1.7.1 | 200 OK Content-Length: 93889 Content-Type: application/javascript | clean |
http://rotarytexcity.com/wp-content/plugins/geo-lightbox/jquery.Geolightbox-0.5.js?ver=0.5 | 200 OK Content-Length: 37715 Content-Type: application/javascript | clean |
http://rotarytexcity.com/wp-includes/js/swfobject.js?ver=2.2 | 200 OK Content-Length: 10220 Content-Type: application/javascript | clean |
http://rotarytexcity.com/wp-content/plugins/login-box/login-box-script.js | 200 OK Content-Length: 1412 Content-Type: application/javascript | clean |
http://rotarytexcity.com/wp-content/plugins/login-box/wp25/scripts.js | 200 OK Content-Length: 980 Content-Type: application/javascript | clean |
http://rotarytexcity.com/about-us/ | 200 OK Content-Length: 70756 Content-Type: text/html | clean |
http://rotarytexcity.com/members-main/ | 200 OK Content-Length: 75873 Content-Type: text/html | clean |
http://rotarytexcity.com/category/subscription/ | 200 OK Content-Length: 66873 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: rotarytexcity.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 06 May 2014 02:29:01 GMT
Server: Apache
Content-Type: text/html; charset=UTF-7
Set-Cookie: wordpress_test_cookie=WP+Cookie+check
X-Pingback: http://rotarytexcity.com/xmlrpc.php
X-Powered-By: PHP/5.3.26
GET / HTTP/1.1
Host: rotarytexcity.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 06 May 2014 02:29:01 GMT
Server: Apache
Content-Type: text/html; charset=UTF-7
Set-Cookie: wordpress_test_cookie=WP+Cookie+check
X-Pingback: http://rotarytexcity.com/xmlrpc.php
X-Powered-By: PHP/5.3.26
Second query (visit from search engine):
GET / HTTP/1.1
Host: rotarytexcity.com
Referer: http://www.google.com/search?q=rotarytexcity.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: rotarytexcity.com
Referer: http://www.google.com/search?q=rotarytexcity.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=rotarytexcity.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://rotarytexcity.com/
Result: rotarytexcity.com is not infected or malware details are not published yet.
Result: rotarytexcity.com is not infected or malware details are not published yet.