Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: interplanet-gsa.it
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 02 Sep 2014 05:22:17 GMT
Server: Microsoft-IIS/6.0
Content-Length: 19582
Content-Type: text/html; charset=utf-8
Set-Cookie: .ASPXANONYMOUS=pIdrs__8zwEkAAAAMGI2ZTk3YzQtYjg0Yy00YTA1LTkxOWItZjNiNTI3MTZkNDE20; expires=Mon, 10-Nov-2014 16:02:17 GMT; path=/; HttpOnly
Set-Cookie: language=en-US; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...19582 bytes of data.
GET / HTTP/1.1
Host: interplanet-gsa.it
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 02 Sep 2014 05:22:17 GMT
Server: Microsoft-IIS/6.0
Content-Length: 19582
Content-Type: text/html; charset=utf-8
Set-Cookie: .ASPXANONYMOUS=pIdrs__8zwEkAAAAMGI2ZTk3YzQtYjg0Yy00YTA1LTkxOWItZjNiNTI3MTZkNDE20; expires=Mon, 10-Nov-2014 16:02:17 GMT; path=/; HttpOnly
Set-Cookie: language=en-US; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...19582 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: interplanet-gsa.it
Referer: http://www.google.com/search?q=interplanet-gsa.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: interplanet-gsa.it
Referer: http://www.google.com/search?q=interplanet-gsa.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://interplanet-gsa.it/ | 200 OK Content-Length: 19582 Content-Type: text/html | clean |
http://interplanet-gsa.it/Resources/Shared/Scripts/jquery/jquery.min.js?1.6.1 | 200 OK Content-Length: 91358 Content-Type: application/x-javascript | clean |
http://interplanet-gsa.it/Resources/Shared/Scripts/jquery/jquery-ui.min.js?1.8.13 | 200 OK Content-Length: 200103 Content-Type: application/x-javascript | clean |
http://interplanet-gsa.it/WebResource.axd?d=a-LvkSEkBgQ_eM9gyr0Q_2cvg4hwbqkVZv3hTkdyeLGFFSIGFbgYwCrK8xhA85Hefe8_wHsE_UM-27Vj0&t=635357198826695000 | 200 OK Content-Length: 20794 Content-Type: application/x-javascript | clean |
http://interplanet-gsa.it/js/dnncore.js | 200 OK Content-Length: 9424 Content-Type: application/x-javascript | clean |
http://interplanet-gsa.it/js/dnn.modalpopup.js | 200 OK Content-Length: 2119 Content-Type: application/x-javascript | clean |
http://interplanet-gsa.it/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ScriptManager_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d3.5.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen-US%3ac2b5a2f3-2711-4e71-b087-b34e92289501%3aea597d4b%3ab25378d2 | 200 OK Content-Length: 132323 Content-Type: application/x-javascript | clean |
http://interplanet-gsa.it/js/dnn.js | 200 OK Content-Length: 18232 Content-Type: application/x-javascript | clean |
http://interplanet-gsa.it/js/dnn.xml.js | 200 OK Content-Length: 4538 Content-Type: application/x-javascript | clean |
http://interplanet-gsa.it/js/dnn.xmlhttp.js | 200 OK Content-Length: 5585 Content-Type: application/x-javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js | 200 OK Content-Length: 78601 Content-Type: text/javascript | clean |
http://interplanet-gsa.it/Portals/_default/Skins/interplanet/slider/jquery-1.7.1.min.js | 200 OK Content-Length: 93871 Content-Type: application/x-javascript | clean |
http://interplanet-gsa.it/Portals/_default/Skins/interplanet/slider/jquery.nivo.slider.pack.js | 200 OK Content-Length: 11561 Content-Type: application/x-javascript | clean |
http://interplanet-gsa.it/Portals/_default/Skins/interplanet/fancybox/jquery.mousewheel-3.0.4.pack.js | 200 OK Content-Length: 1292 Content-Type: application/x-javascript | clean |
http://interplanet-gsa.it/Portals/_default/Skins/interplanet/fancybox/jquery.fancybox-1.3.4.pack.js | 200 OK Content-Length: 15669 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=interplanet-gsa.it
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://interplanet-gsa.it/
Result: interplanet-gsa.it is not infected or malware details are not published yet.
Result: interplanet-gsa.it is not infected or malware details are not published yet.