Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cimsa.com
Result:
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Tue, 03 Mar 2015 21:08:13 GMT
Location: cover.aspx
Server: Microsoft-IIS/6.0
Content-Length: 131
Content-Type: text/html
Set-Cookie: ASPSESSIONIDSSBTRRRS=JOPJIDMCEKIABBEOAHGBPFIO; path=/
X-Powered-By: ASP.NET
...131 bytes of data.
GET / HTTP/1.1
Host: cimsa.com
Result:
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Tue, 03 Mar 2015 21:08:13 GMT
Location: cover.aspx
Server: Microsoft-IIS/6.0
Content-Length: 131
Content-Type: text/html
Set-Cookie: ASPSESSIONIDSSBTRRRS=JOPJIDMCEKIABBEOAHGBPFIO; path=/
X-Powered-By: ASP.NET
...131 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: cimsa.com
Referer: http://www.google.com/search?q=cimsa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cimsa.com
Referer: http://www.google.com/search?q=cimsa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://cimsa.com/ | HTTP/1.1 302 Object moved Cache-Control: private Date: Tue, 03 Mar 2015 21:08:13 GMT Location: cover.aspx Server: Microsoft-IIS/6.0 Content-Length: 131 Content-Type: text/html Set-Cookie: ASPSESSIONIDSSBTRRRS=JOPJIDMCEKIABBEOAHGBPFIO; path=/ X-Powered-By: ASP.NET | clean |
http://cimsa.com/cover.aspx | 200 OK Content-Length: 12123 Content-Type: text/html | clean |
http://cimsa.com/slider/js/jquery-1.3.2.min.js | 200 OK Content-Length: 57254 Content-Type: application/x-javascript | clean |
http://cimsa.com/slider/js/core.js | 200 OK Content-Length: 4945 Content-Type: application/x-javascript | clean |
http://cimsa.com/slider/pngFix/jquery.pngFix.js | 200 OK Content-Length: 4780 Content-Type: application/x-javascript | clean |
http://cimsa.com/slider/prettyphoto/js/jquery.prettyPhoto.js | 200 OK Content-Length: 15399 Content-Type: application/x-javascript | clean |
http://cimsa.com/privacy.aspx | 200 OK Content-Length: 15850 Content-Type: text/html | clean |
http://www.enternote.fr/vapor.js | 200 OK Content-Length: 525 Content-Type: application/javascript | clean |
http://cimsa.com/terms_use.aspx | 200 OK Content-Length: 15222 Content-Type: text/html | clean |
http://cimsa.com/tactical_system.aspx | 200 OK Content-Length: 14802 Content-Type: text/html | clean |
http://cimsa.com/airborne_troop.aspx | 200 OK Content-Length: 11350 Content-Type: text/html | clean |
http://cimsa.com/emergency.aspx | 200 OK Content-Length: 8057 Content-Type: text/html | clean |
http://cimsa.com/accessories.aspx | 200 OK Content-Length: 12269 Content-Type: text/html | clean |
http://cimsa.com/aerial_delivery.aspx | 200 OK Content-Length: 11359 Content-Type: text/html | clean |
http://cimsa.com/deceleration.aspx | 200 OK Content-Length: 10027 Content-Type: text/html | clean |
http://cimsa.com/skydiving.aspx | 200 OK Content-Length: 10860 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cimsa.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cimsa.com/
Result: cimsa.com is not infected or malware details are not published yet.
Result: cimsa.com is not infected or malware details are not published yet.