Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: najjarcafe.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 15 Sep 2014 11:43:31 GMT
Location: http://www.najjarcafe.com/
Server: cloudflare-nginx
Vary: Accept-Encoding,Cookie
Content-Type: text/html; charset=UTF-8
CF-RAY: 16a4912637bd0f93-FRA
Set-Cookie: __cfduid=d240e6a027dc93c3efcec91fe0a38c37a1410781410275; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.najjarcafe.com; HttpOnly
X-Pingback: http://www.najjarcafe.com/xmlrpc.php
X-Powered-By: PHP/5.3.28
GET / HTTP/1.1
Host: najjarcafe.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 15 Sep 2014 11:43:31 GMT
Location: http://www.najjarcafe.com/
Server: cloudflare-nginx
Vary: Accept-Encoding,Cookie
Content-Type: text/html; charset=UTF-8
CF-RAY: 16a4912637bd0f93-FRA
Set-Cookie: __cfduid=d240e6a027dc93c3efcec91fe0a38c37a1410781410275; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.najjarcafe.com; HttpOnly
X-Pingback: http://www.najjarcafe.com/xmlrpc.php
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: najjarcafe.com
Referer: http://www.google.com/search?q=najjarcafe.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: najjarcafe.com
Referer: http://www.google.com/search?q=najjarcafe.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://najjarcafe.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 11:43:31 GMT Location: http://www.najjarcafe.com/ Server: cloudflare-nginx Vary: Accept-Encoding,Cookie Content-Type: text/html; charset=UTF-8 CF-RAY: 16a4912637bd0f93-FRA Set-Cookie: __cfduid=d240e6a027dc93c3efcec91fe0a38c37a1410781410275; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.najjarcafe.com; HttpOnly X-Pingback: http://www.najjarcafe.com/xmlrpc.php X-Powered-By: PHP/5.3.28 | clean |
http://www.najjarcafe.com/ | 200 OK Content-Length: 110291 Content-Type: text/html | clean |
http://www.najjarcafe.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://www.najjarcafe.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://bdv.bidvertiser.com/BidVertiser.dbm?pid=222370&bid=1147978 | 200 OK Content-Length: 39 | clean |
http://bdv.bidvertiser.com/test404page.js | 200 OK Content-Length: 50 | clean |
http://ads.juicyads.com/jsclients/jac.js | 200 OK Content-Length: 91344 Content-Type: application/x-javascript | clean |
http://bdv.bidvertiser.com/BidVertiser.dbm?pid=222370&bid=1217035 | 200 OK Content-Length: 39 | clean |
http://adspaces.ero-advertising.com/adspace/317478.js | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://pu.plugrush.com/4gsp.js | 200 OK Content-Length: 3544 Content-Type: text/javascript | clean |
http://adspaces.ero-advertising.com/adspace/175274.js | 200 OK Content-Length: 1829 Content-Type: application/javascript | clean |
http://bdv.bidvertiser.com/BidVertiser.dbm?pid=222370&bid=1218910 | 200 OK Content-Length: 39 | clean |
http://bdv.bidvertiser.com/BidVertiser.dbm?pid=222370&bid=1436346 | 200 OK Content-Length: 39 | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201433 | 200 OK Content-Length: 9301 Content-Type: application/x-javascript | clean |
http://s.gravatar.com/js/gprofiles.js?ver=2014Augaa | 200 OK Content-Length: 21442 Content-Type: application/x-javascript | clean |
http://www.najjarcafe.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=3.9 | 200 OK Content-Length: 959 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=najjarcafe.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://najjarcafe.com/
Result: najjarcafe.com is not infected or malware details are not published yet.
Result: najjarcafe.com is not infected or malware details are not published yet.