Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lineacasaonline.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 10 Sep 2014 07:48:37 GMT
Location: http://www.lineacasaonline.com/
Server: Apache
Content-Length: 239
Content-Type: text/html; charset=iso-8859-1
...239 bytes of data.
GET / HTTP/1.1
Host: lineacasaonline.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 10 Sep 2014 07:48:37 GMT
Location: http://www.lineacasaonline.com/
Server: Apache
Content-Length: 239
Content-Type: text/html; charset=iso-8859-1
...239 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: lineacasaonline.com
Referer: http://www.google.com/search?q=lineacasaonline.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: lineacasaonline.com
Referer: http://www.google.com/search?q=lineacasaonline.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://lineacasaonline.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 10 Sep 2014 07:48:37 GMT Location: http://www.lineacasaonline.com/ Server: Apache Content-Length: 239 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.lineacasaonline.com/ | HTTP/1.1 200 OK Date: Wed, 10 Sep 2014 07:48:38 GMT Accept-Ranges: bytes ETag: "15fe7d1b49cccf1:4ccbf9" Server: Microsoft-IIS/6.0 Content-Length: 5543 Content-Location: http://www.lineacasaonline.com/index.html Content-Type: text/html Last-Modified: Tue, 09 Sep 2014 16:14:18 GMT MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET | clean |
http://www.lineacasaonline.com/index.html | 200 OK Content-Length: 5543 Content-Type: text/html | clean |
http://www.lineacasaonline.com/res/jquery.js?42 | 200 OK Content-Length: 93639 Content-Type: application/x-javascript | clean |
http://lineacasaonline.com/res/x5engine.js?42 | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 10 Sep 2014 07:48:39 GMT Location: http://www.lineacasaonline.com/res/x5engine.js?42 Server: Apache Content-Length: 257 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.lineacasaonline.com/res/x5engine.js?42 | 200 OK Content-Length: 3657 Content-Type: application/x-javascript | clean |
http://lineacasaonline.com//www.gmodules.com/ig/ifr?url=http://www.gstatic.com/ig/modules/datetime_v3/datetime_v3.xml&up_color=grey&up_dateFormat=wmd&up_firstDay=1&up_clocks=%5B%5D&up_mainClock=&up_mainClockTimeZoneOffset=&up_mainClockDSTOffset=&up_24hourClock=true&up_showWorldClocks=true&up_useServerTime=false&synd=open&w=400&h=200&title=__MSG_title__&lang=it&country=ALL&border=%23ffffff%7C3px%2C1px+solid+%23999999&output=js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 10 Sep 2014 07:48:39 GMT Location: http://www.lineacasaonline.com//www.gmodules.com/ig/ifr?url=http://www.gstatic.com/ig/modules/datetime_v3/datetime_v3.xml&up_color=grey&up_dateFormat=wmd&up_firstDay=1&up_clocks=%255B%255D&up_mainClock=&up_mainClockTimeZoneOffset=&up_mainClockDSTOffset=&up_24hourClock=true&up_showWorldClocks=true&up_useServerTime=false&synd=open&w=400&h=200&title=__MSG_title__&lang=it&country=ALL&border=%2523ffffff%257C3px%252C1px+solid+%2523999999&output=js/ Server: Apache Content-Length: 726 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.lineacasaonline.com//www.gmodules.com/ig/ifr?url=http://www.gstatic.com/ig/modules/datetime_v3/datetime_v3.xml&up_color=grey&up_dateformat=wmd&up_firstday=1&up_clocks=%255b%255d&up_mainclock=&up_mainclocktimezoneoffset=&up_mainclockdstoffset=&up_24hourclock=true&up_showworldclocks=true&up_useservertime=false&synd=open&w=400&h=200&title=__msg_title__&lang=it&country=all&border=%2523ffffff%257c3px%252c1px+solid+%2523999999&output=js/ | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
http://www.lineacasaonline.com/test404page.js | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lineacasaonline.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://lineacasaonline.com/
Result: lineacasaonline.com is not infected or malware details are not published yet.
Result: lineacasaonline.com is not infected or malware details are not published yet.