Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: taddeisa.ch
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Mon, 22 Dec 2014 14:09:57 GMT
Pragma: no-cache
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 0a295473cf4f36c2691e397e17d428ce=78ac608ea039e1411d2ddc475fe244d3; path=/
Set-Cookie: mhap_98=1
X-Powered-By: PHP/5.3.28
GET / HTTP/1.1
Host: taddeisa.ch
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Mon, 22 Dec 2014 14:09:57 GMT
Pragma: no-cache
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 0a295473cf4f36c2691e397e17d428ce=78ac608ea039e1411d2ddc475fe244d3; path=/
Set-Cookie: mhap_98=1
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: taddeisa.ch
Referer: http://www.google.com/search?q=taddeisa.ch
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: taddeisa.ch
Referer: http://www.google.com/search?q=taddeisa.ch
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://taddeisa.ch/ | 200 OK Content-Length: 7825 Content-Type: text/html | clean |
http://taddeisa.ch/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/javascript | clean |
http://taddeisa.ch/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/javascript | clean |
http://taddeisa.ch/media/system/js/caption.js | 200 OK Content-Length: 729 Content-Type: application/javascript | clean |
http://taddeisa.ch/media/system/js/mootools-more.js | 200 OK Content-Length: 238331 Content-Type: application/javascript | clean |
http://taddeisa.ch/modules/mod_mh_ajax_popup/js/mhap.js | 200 OK Content-Length: 986 Content-Type: application/javascript | clean |
http://taddeisa.ch/templates/full_screen_2/lib/js/jquery.easing.min.js | 200 OK Content-Length: 7046 Content-Type: application/javascript | clean |
http://taddeisa.ch/templates/full_screen_2/lib/js/supersized.3.2.1.js | 200 OK Content-Length: 36509 Content-Type: application/javascript | clean |
http://taddeisa.ch/templates/full_screen_2/lib/js/theme/supersized.shutter.js | 200 OK Content-Length: 12548 Content-Type: application/javascript | clean |
http://taddeisa.ch/index.php | 200 OK Content-Length: 7834 Content-Type: text/html | clean |
http://taddeisa.ch/societa/la-storia | 200 OK Content-Length: 14082 Content-Type: text/html | clean |
http://taddeisa.ch//ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js/ | 404 Categoria non trovata Content-Length: 1539 Content-Type: text/html | clean |
http://taddeisa.ch/test404page.js | 404 Articolo non trovato Content-Length: 1536 Content-Type: text/html | clean |
http://taddeisa.ch/modules/mod_ariimageslider/mod_ariimageslider/js/jquery.noconflict.js | 200 OK Content-Length: 81 Content-Type: application/javascript | clean |
http://taddeisa.ch/modules/mod_ariimageslider/mod_ariimageslider/js/jquery.nivo.slider.js | 200 OK Content-Length: 10850 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=taddeisa.ch
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://taddeisa.ch/
Result: taddeisa.ch is not infected or malware details are not published yet.
Result: taddeisa.ch is not infected or malware details are not published yet.