Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kafsima.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Wed, 10 Sep 2014 03:04:26 GMT
Pragma: no-cache
Server: Apache
Content-Length: 36856
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Wed, 10 Sep 2014 03:04:27 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 9d31e05fbcc49cc9e0c633dc5929c64a=dcf9kj2ju4v47fafd95t9re514; path=/
...36856 bytes of data.
GET / HTTP/1.1
Host: kafsima.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Wed, 10 Sep 2014 03:04:26 GMT
Pragma: no-cache
Server: Apache
Content-Length: 36856
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Wed, 10 Sep 2014 03:04:27 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 9d31e05fbcc49cc9e0c633dc5929c64a=dcf9kj2ju4v47fafd95t9re514; path=/
...36856 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: kafsima.com
Referer: http://www.google.com/search?q=kafsima.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: kafsima.com
Referer: http://www.google.com/search?q=kafsima.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://kafsima.com/ | 200 OK Content-Length: 36856 Content-Type: text/html | clean |
http://kafsima.com/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/javascript | clean |
http://kafsima.com/modules/mod_lofarticlesslideshow/assets/mod_lofarticlesslideshow_jl16x.js | 200 OK Content-Length: 8328 Content-Type: application/javascript | clean |
http://kafsima.com/modules/mod_nastia_news/scripts/engine_1_11_compressed.js | 200 OK Content-Length: 1561 Content-Type: application/javascript | clean |
http://kafsima.com/plugins/system/rokbox/rokbox-mt1.2.js | 200 OK Content-Length: 21800 Content-Type: application/javascript | clean |
http://kafsima.com/plugins/system/rokbox/themes/light/rokbox-config.js | 200 OK Content-Length: 2598 Content-Type: application/javascript | clean |
http://kafsima.com/modules/mod_ariextmenu/mod_ariextmenu/js/ext-core.js | 200 OK Content-Length: 85836 Content-Type: application/javascript | clean |
http://kafsima.com/modules/mod_ariextmenu/mod_ariextmenu/js/menu.min.js | 200 OK Content-Length: 4543 Content-Type: application/javascript | clean |
http://kafsima.com/index.php | 200 OK Content-Length: 36865 Content-Type: text/html | clean |
http://kafsima.com/index.php/company.html | 200 OK Content-Length: 18153 Content-Type: text/html | clean |
http://kafsima.com/index.php/contact.html | 200 OK Content-Length: 30257 Content-Type: text/html | clean |
http://kafsima.com/includes/js/joomla.javascript.js | 200 OK Content-Length: 15405 Content-Type: application/javascript | clean |
http://kafsima.com/index.php/onlineorders/oil.html | 200 OK Content-Length: 32514 Content-Type: text/html | clean |
http://kafsima.com/index.php/onlineorders/firewoods.html | 200 OK Content-Length: 32409 Content-Type: text/html | clean |
http://kafsima.com/index.php/home.html | 200 OK Content-Length: 36800 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kafsima.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kafsima.com/
Result: kafsima.com is not infected or malware details are not published yet.
Result: kafsima.com is not infected or malware details are not published yet.