Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: arduanet.it
Result:
HTTP/1.1 303 See other
Cache-Control: max-age=86400
Connection: close
Date: Mon, 29 Sep 2014 18:04:46 GMT
Location: http://arduanet.it/index.php?lang=it
Server: Apache/2.2.9 (Debian) mod_ssl/2.2.9 OpenSSL/0.9.8g PHP/5.3.9-1~dotdeb.2 with Suhosin-Patch
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=utf-8
Expires: Tue, 30 Sep 2014 18:04:46 GMT
Set-Cookie: f9d1fd816edb5c1dface9e3979c6b956=ca341e4490e59e7f2a43ad3297c9497b; path=/
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: arduanet.it
Referer: http://www.google.com/search?q=arduanet.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://arduanet.it/ | HTTP/1.1 303 See other Cache-Control: max-age=86400 Connection: close Date: Mon, 29 Sep 2014 18:04:46 GMT Location: http://arduanet.it/index.php?lang=it Server: Apache/2.2.9 (Debian) mod_ssl/2.2.9 OpenSSL/0.9.8g PHP/5.3.9-1~dotdeb.2 with Suhosin-Patch Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Tue, 30 Sep 2014 18:04:46 GMT Set-Cookie: f9d1fd816edb5c1dface9e3979c6b956=ca341e4490e59e7f2a43ad3297c9497b; path=/ | clean |
http://arduanet.it/index.php?lang=it | 200 OK Content-Length: 11213 Content-Type: text/html | clean |
http://arduanet.it/plugins/system/jqueryintegrator/jqueryintegrator/jquery-1.6.2.min.js | 200 OK Content-Length: 91556 Content-Type: application/javascript | clean |
http://arduanet.it/plugins/system/jqueryintegrator/jqueryintegrator/jquery.noconflict.js | 200 OK Content-Length: 20 Content-Type: application/javascript | clean |
http://arduanet.it/plugins/system/jqueryintegrator/jqueryintegrator/jquery-ui-1.8.6.custom.min.js | 200 OK Content-Length: 205136 Content-Type: application/javascript | clean |
http://arduanet.it/plugins/system/jqueryintegrator/jqueryintegrator/jquery.tools.min.js | 200 OK Content-Length: 46539 Content-Type: application/javascript | clean |
http://arduanet.it/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/javascript | clean |
http://arduanet.it/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/javascript | clean |
http://arduanet.it/media/system/js/caption.js | 200 OK Content-Length: 729 Content-Type: application/javascript | clean |
http://arduanet.it/components/com_jfbchat/languages/italian.js | 200 OK Content-Length: 639 Content-Type: application/javascript | clean |
http://arduanet.it/components/com_jfbchat/js/fbchat.js | 200 OK Content-Length: 40910 Content-Type: application/javascript | clean |
http://arduanet.it/components/com_jfbchat/sounds/soundmanager2.js | 200 OK Content-Length: 96878 Content-Type: application/javascript | clean |
http://arduanet.it/components/com_jfbchat/js/sounds.js | 200 OK Content-Length: 930 Content-Type: application/javascript | clean |
http://arduanet.it/components/com_jfbchat/js/emoticons.js | 200 OK Content-Length: 7387 Content-Type: application/javascript | clean |
http://arduanet.it/plugins/system/jsocial_comments/assets/js/lazyload.js | 200 OK Content-Length: 1756 Content-Type: application/javascript | clean |
http://arduanet.it/media/system/js/mootools-more.js | 200 OK Content-Length: 238331 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=arduanet.it
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://arduanet.it/
Result: arduanet.it is not infected or malware details are not published yet.