Malicious/Suspicious Redirects
| Request | Server response | Status |
URL: http://ninjashoesshop.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: ninjashoesshop.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Mon, 14 Jul 2014 08:04:33 GMT Location: http://goo.gl/0rXySb Server: nginx Content-Length: 288 Content-Type: text/html; charset=iso-8859-1 | malicious |
URL: http://goo.gl/0rXySb (imitation of visitor from search engine) GET /0rXySb HTTP/1.1 Host: goo.gl Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Mon, 14 Jul 2014 08:03:31 GMT Pragma: no-cache Age: 58 Location: http://sh.oowoo.ru/redsh.php Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Mon, 01 Jan 1990 00:00:00 GMT Alternate-Protocol: 80:quic X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | malicious |
URL: http://sh.oowoo.ru/redsh.php (imitation of visitor from search engine) GET /redsh.php HTTP/1.1 Host: sh.oowoo.ru Referer: http://www.google.com/search?q=redirect+check3 | HTTP/1.1 302 Found Connection: close Date: Mon, 14 Jul 2014 08:04:14 GMT Location: http://bitly.com/1kNQqvM Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=CP1251 X-Powered-By: PHP/5.2.17 | malicious |
URL: http://bitly.com/1kNQqvM (imitation of visitor from search engine) GET /1kNQqvM HTTP/1.1 Host: bitly.com Referer: http://www.google.com/search?q=redirect+check4 | HTTP/1.1 301 Moved Permanently Cache-Control: private; max-age=90 Connection: close Date: Mon, 14 Jul 2014 08:04:30 GMT Location: http://bongacams.com/track?c=18000 Server: nginx Content-Length: 126 Content-Type: text/html; charset=utf-8 Mime-Version: 1.0 Set-Cookie: _bit=53c38f0e-0000c-040f0-361cf10a;domain=.bitly.com;expires=Sat Jan 10 08:04:30 2015;path=/; HttpOnly | suspicious |
URL: http://bongacams.com/track?c=18000 (imitation of visitor from search engine) GET /track?c=18000 HTTP/1.1 Host: bongacams.com Referer: http://www.google.com/search?q=redirect+check5 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Mon, 14 Jul 2014 08:04:29 GMT Location: http://bongacash.com/tools/hit.php?c=18000 Server: nginx/1.6.0 Content-Length: 226 Content-Type: text/html; charset=iso-8859-1 Expires: Mon, 14 Jul 2014 08:04:28 GMT | suspicious |
URL: http://bongacash.com/tools/hit.php?c=18000 (imitation of visitor from search engine) GET /tools/hit.php?c=18000 HTTP/1.1 Host: bongacash.com Referer: http://www.google.com/search?q=redirect+check6 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Mon, 14 Jul 2014 08:04:30 GMT Location: http://bongacams.com?bcs=aGVpczZmMGIyNjc5ZGFkNmIyNWQ3ZmI0ZmFiM2NiODA0YTY0OjoxNzQxNTQ6Omh0dHA6Ly93d3cuZ29vZ2xlLmNvbS91cmw6Ojo6OjoxODAwMA~~ Server: nginx/1.4.1 Content-Length: 0 Content-Type: text/html Expires: Mon, 14 Jul 2014 08:04:29 GMT Set-Cookie: BCH_H=6f0b2679dad6b25d7fb4fab3cb804a64; expires=Tue, 01-Jul-2064 08:04:30 GMT; path=/; domain=.bongacash.com X-Powered-By: PHP/5.4.28 | suspicious |
Scanned pages/files
| Request | Server response | Status |
http://ninjashoesshop.com/ | 200 OK Content-Length: 21976 Content-Type: text/html | clean |
http://ninjashoesshop.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://ninjashoesshop.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://ninjashoesshop.com/wp-content/plugins/cf-shopping-cart/js/jquery.form.js?ver=2.52 | 200 OK Content-Length: 22597 Content-Type: application/javascript | clean |
http://ninjashoesshop.com/wp-content/plugins/cf-shopping-cart/js/jquery.pnotify.min.js?ver=1.0.1 | 200 OK Content-Length: 12857 Content-Type: application/javascript | clean |
http://ninjashoesshop.com/wp-content/themes/ninjashoes%D0%B0/js/jquery.corner.js | 200 OK Content-Length: 11181 Content-Type: application/javascript | clean |
http://ninjashoesshop.com/wp-content/themes/ninjashoes%D0%B0/js/jcarousellite_1.0.1.js | 200 OK Content-Length: 13970 Content-Type: application/javascript | clean |
http://ninjashoesshop.com/wp-content/themes/ninjashoes%D0%B0/js/effects.js | 200 OK Content-Length: 1408 Content-Type: application/javascript | clean |
http://ninjashoesshop.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.50.0-2014.02.05 | 200 OK Content-Length: 16305 Content-Type: application/javascript | clean |
http://ninjashoesshop.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.7.2 | 200 OK Content-Length: 8913 Content-Type: application/javascript | clean |
http://ninjashoesshop.com/?cat=3 | 200 OK Content-Length: 18404 Content-Type: text/html | clean |
http://ninjashoesshop.com/?cat=6 | 200 OK Content-Length: 17626 Content-Type: text/html | clean |
http://ninjashoesshop.com/?cat=7 | 200 OK Content-Length: 15985 Content-Type: text/html | clean |
http://ninjashoesshop.com/?cat=8 | 200 OK Content-Length: 16740 Content-Type: text/html | clean |
http://ninjashoesshop.com/?cat=4 | 200 OK Content-Length: 31841 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ninjashoesshop.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ninjashoesshop.com/
Result: ninjashoesshop.com is not infected or malware details are not published yet.
Result: ninjashoesshop.com is not infected or malware details are not published yet.