Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: graphikloft.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 21 Aug 2014 18:53:21 GMT
Location: http://www.graphikloft.com/
Server: Apache/2.2.20 (Unix) mod_ssl/2.2.20 OpenSSL/0.9.8o
Vary: User-Agent
Content-Length: 0
Content-Type: text/html
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 077fadd2a2cb23866aed97e4bfa49c0f=f52d10e73a569612a0d44f31c3601744; path=/
X-Powered-By: PHP/5.2.13-pl1-gentoo
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: graphikloft.com
Referer: http://www.google.com/search?q=graphikloft.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://graphikloft.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 21 Aug 2014 18:53:21 GMT Location: http://www.graphikloft.com/ Server: Apache/2.2.20 (Unix) mod_ssl/2.2.20 OpenSSL/0.9.8o Vary: User-Agent Content-Length: 0 Content-Type: text/html P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Set-Cookie: 077fadd2a2cb23866aed97e4bfa49c0f=f52d10e73a569612a0d44f31c3601744; path=/ X-Powered-By: PHP/5.2.13-pl1-gentoo | clean |
http://www.graphikloft.com/ | 200 OK Content-Length: 33641 Content-Type: text/html | clean |
http://www.graphikloft.com/plugins/system/2j_news_slider/jq_last.js | 200 OK Content-Length: 31980 Content-Type: application/x-javascript | clean |
http://graphikloft.com/plugins/system/2j_news_slider/j.e.js | 200 OK Content-Length: 3197 Content-Type: application/x-javascript | clean |
http://graphikloft.com/plugins/system/2j_news_slider/jq.w.js | 200 OK Content-Length: 3771 Content-Type: application/x-javascript | clean |
http://graphikloft.com//ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 21 Aug 2014 18:53:24 GMT Location: http://www.graphikloft.com//ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js/ Server: Apache/2.2.20 (Unix) mod_ssl/2.2.20 OpenSSL/0.9.8o Vary: User-Agent Content-Length: 0 Content-Type: text/html P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Set-Cookie: 077fadd2a2cb23866aed97e4bfa49c0f=c8c0a7f8f2626150eac0965318095eed; path=/ X-Powered-By: PHP/5.2.13-pl1-gentoo | clean |
http://www.graphikloft.com//ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js/ | 404 NOT FOUND Content-Length: 27175 Content-Type: text/html | clean |
http://www.graphikloft.com/plugins/system/2j_news_slider/j.e.js | 200 OK Content-Length: 3197 Content-Type: application/x-javascript | clean |
http://graphikloft.com/components/com_k2/js/k2.js?v2.6.8&sitepath=/ | 200 OK Content-Length: 8011 Content-Type: application/x-javascript | clean |
http://graphikloft.com/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/x-javascript | clean |
http://graphikloft.com/plugins/system/jcemediabox/js/jcemediabox.js?version=1111 | 200 OK Content-Length: 56532 Content-Type: application/x-javascript | clean |
http://www.graphikloft.com/templates/ja_teline_ii/js/ja.script.js | 200 OK Content-Length: 6006 Content-Type: application/x-javascript | clean |
http://www.graphikloft.com/templates/ja_teline_ii/highslide/swfobject.js | 200 OK Content-Length: 9759 Content-Type: application/x-javascript | clean |
http://www.graphikloft.com/templates/ja_teline_ii/highslide/highslide-full.js | 200 OK Content-Length: 84999 Content-Type: application/x-javascript | clean |
http://w.sharethis.com/button/buttons.js | 200 OK Content-Length: 144141 Content-Type: application/x-javascript | clean |
http://www.graphikloft.com/modules/mod_iNowSlider/js/jquery-1.6.1.min.js | 200 OK Content-Length: 91342 Content-Type: application/x-javascript | clean |
http://www.graphikloft.com/modules/mod_iNowSlider/js/jquery.mobile-1.0rc2.customized.min.js | 200 OK Content-Length: 48433 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=graphikloft.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://graphikloft.com/
Result: graphikloft.com is not infected or malware details are not published yet.