Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: geoimpuls.org
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Thu, 21 Aug 2014 11:37:27 GMT
Pragma: no-cache
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Thu, 21 Aug 2014 11:37:27 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: edf02133979b8928af289c5dedb6aa4f=7984f052714c9aa310e4c218c69146f5; path=/
GET / HTTP/1.1
Host: geoimpuls.org
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Thu, 21 Aug 2014 11:37:27 GMT
Pragma: no-cache
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Thu, 21 Aug 2014 11:37:27 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: edf02133979b8928af289c5dedb6aa4f=7984f052714c9aa310e4c218c69146f5; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: geoimpuls.org
Referer: http://www.google.com/search?q=geoimpuls.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: geoimpuls.org
Referer: http://www.google.com/search?q=geoimpuls.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://geoimpuls.org/ | 200 OK Content-Length: 11005 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js | 200 OK Content-Length: 72174 Content-Type: text/javascript | clean |
http://geoimpuls.org/plugins/system/scjquery/noconflict.js | 200 OK Content-Length: 61 Content-Type: application/javascript | clean |
http://geoimpuls.org/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/javascript | clean |
http://geoimpuls.org/plugins/content/jw_allvideos/includes/js/behaviour.js | 200 OK Content-Length: 1211 Content-Type: application/javascript | clean |
http://geoimpuls.org/plugins/content/jw_allvideos/includes/js/mediaplayer/jwplayer.js | 200 OK Content-Length: 140107 Content-Type: application/javascript | clean |
http://geoimpuls.org/plugins/content/jw_allvideos/includes/js/wmvplayer/silverlight.js | 200 OK Content-Length: 17901 Content-Type: application/javascript | clean |
http://geoimpuls.org/plugins/content/jw_allvideos/includes/js/wmvplayer/wmvplayer.js | 200 OK Content-Length: 24010 Content-Type: application/javascript | clean |
http://geoimpuls.org/plugins/content/jw_allvideos/includes/js/quicktimeplayer/AC_QuickTime.js | 200 OK Content-Length: 8527 Content-Type: application/javascript | clean |
http://geoimpuls.org/plugins/system/shadowbox/min/index.php?g=sb&ad=jquery&lan=en&play=img-swf-flv-qt-wmp-iframe-html | 200 OK Content-Length: 65832 Content-Type: application/x-javascript | clean |
http://geoimpuls.org/modules/mod_AutsonSlideShow/js/jquery.easing.1.3.js | 200 OK Content-Length: 8097 Content-Type: application/javascript | clean |
http://geoimpuls.org/modules/mod_AutsonSlideShow/js/jquery.animate-colors-min.js | 200 OK Content-Length: 1736 Content-Type: application/javascript | clean |
http://geoimpuls.org/modules/mod_AutsonSlideShow/js/jquery.skitter.min.js | 200 OK Content-Length: 50242 Content-Type: application/javascript | clean |
http://geoimpuls.org/index.php/meedoen | 200 OK Content-Length: 12836 Content-Type: text/html | clean |
http://geoimpuls.org/media/system/js/modal.js | 200 OK Content-Length: 10588 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=geoimpuls.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://geoimpuls.org/
Result: geoimpuls.org is not infected or malware details are not published yet.
Result: geoimpuls.org is not infected or malware details are not published yet.