Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: rugbyusss.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 17 Jul 2014 14:22:17 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Link: <http://wp.me/P4yih8-1Ap>; rel=shortlink
Set-Cookie: 60gpBAK=R1224192509; path=/; expires=Thu, 17-Jul-2014 15:30:38 GMT
Set-Cookie: 60gp=R1864131393; path=/; expires=Thu, 17-Jul-2014 15:30:38 GMT
X-Pingback: http://www.rugbyusss.com/WP/xmlrpc.php
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: rugbyusss.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 17 Jul 2014 14:22:17 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Link: <http://wp.me/P4yih8-1Ap>; rel=shortlink
Set-Cookie: 60gpBAK=R1224192509; path=/; expires=Thu, 17-Jul-2014 15:30:38 GMT
Set-Cookie: 60gp=R1864131393; path=/; expires=Thu, 17-Jul-2014 15:30:38 GMT
X-Pingback: http://www.rugbyusss.com/WP/xmlrpc.php
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: rugbyusss.com
Referer: http://www.google.com/search?q=rugbyusss.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: rugbyusss.com
Referer: http://www.google.com/search?q=rugbyusss.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://rugbyusss.com/ | 200 OK Content-Length: 85044 Content-Type: text/html | clean |
http://www.rugbyusss.com/WP/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://www.rugbyusss.com/WP/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.rugbyusss.com/WP/wp-content/plugins/jetpack/_inc/postmessage.js?ver=2.9.3 | 200 OK Content-Length: 19615 Content-Type: application/javascript | clean |
http://www.rugbyusss.com/WP/wp-content/plugins/jetpack/_inc/jquery.inview.js?ver=2.9.3 | 200 OK Content-Length: 5590 Content-Type: application/javascript | clean |
http://www.rugbyusss.com/WP/wp-content/plugins/jetpack/_inc/jquery.jetpack-resize.js?ver=2.9.3 | 200 OK Content-Length: 8083 Content-Type: application/javascript | clean |
http://www.rugbyusss.com/WP/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?rev=4.2.4&ver=3.9.1 | 200 OK Content-Length: 85185 Content-Type: application/javascript | clean |
http://www.rugbyusss.com/WP/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?rev=4.2.4&ver=3.9.1 | 200 OK Content-Length: 90961 Content-Type: application/javascript | clean |
http://www.rugbyusss.com/WP/wp-content/themes/sportlife/js/modernizr.custom.63321.js?ver=3.9.1 | 200 OK Content-Length: 9136 Content-Type: application/javascript | clean |
http://www.rugbyusss.com/WP/wp-content/plugins/attachment-file-icons/jquery.multifile.js?ver=3.9.1 | 200 OK Content-Length: 20284 Content-Type: application/javascript | clean |
http://rugbyusss.com//platform.twitter.com/widgets.js?ver=3.9.1/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Thu, 17 Jul 2014 14:22:24 GMT Pragma: no-cache Location: http://www.rugbyusss.com/platform.twitter.com/widgets.js?ver=3.9.1/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: 60gpBAK=R1224195776; path=/; expires=Thu, 17-Jul-2014 15:30:53 GMT Set-Cookie: 60gp=R1864131393; path=/; expires=Thu, 17-Jul-2014 15:42:49 GMT X-Pingback: http://www.rugbyusss.com/WP/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://www.rugbyusss.com/platform.twitter.com/widgets.js?ver=3.9.1/ | 404 Not Found Content-Length: 29530 Content-Type: text/html | clean |
http://www.rugbyusss.com//platform.twitter.com/widgets.js?ver=3.9.1/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Thu, 17 Jul 2014 14:22:25 GMT Pragma: no-cache Location: http://www.rugbyusss.com/platform.twitter.com/widgets.js?ver=3.9.1/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: 60gpBAK=R1224225179; path=/; expires=Thu, 17-Jul-2014 15:30:05 GMT Set-Cookie: 60gp=R1864131393; path=/; expires=Thu, 17-Jul-2014 15:41:58 GMT X-Pingback: http://www.rugbyusss.com/WP/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://www.rugbyusss.com/test404page.js | 404 Not Found Content-Length: 29502 Content-Type: text/html | clean |
http://www.rugbyusss.com/WP/wp-content/plugins/wc-shortcodes/includes/js/masonry.pkgd.min.js?ver=3.1.5 | 200 OK Content-Length: 25251 Content-Type: application/javascript | clean |
http://www.rugbyusss.com/WP/wp-content/plugins/wc-shortcodes/includes/js/rsvp.js?ver=1.39 | 200 OK Content-Length: 1087 Content-Type: application/javascript | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201429 | 200 OK Content-Length: 9301 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=rugbyusss.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://rugbyusss.com/
Result: rugbyusss.com is not infected or malware details are not published yet.
Result: rugbyusss.com is not infected or malware details are not published yet.