Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=truein.top.to
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ascimpiantisrl.it
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 22 Dec 2014 20:25:43 GMT
Location: http://www.ascimpiantisrl.it/
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.ascimpiantisrl.it/xmlrpc.php
X-Powered-By: PHP/5.3.28
...0 bytes of data.
GET / HTTP/1.1
Host: ascimpiantisrl.it
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 22 Dec 2014 20:25:43 GMT
Location: http://www.ascimpiantisrl.it/
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.ascimpiantisrl.it/xmlrpc.php
X-Powered-By: PHP/5.3.28
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ascimpiantisrl.it
Referer: http://www.google.com/search?q=ascimpiantisrl.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ascimpiantisrl.it
Referer: http://www.google.com/search?q=ascimpiantisrl.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://truein.top.to/ | HTTP/1.1 200 OK Connection: keep-alive Date: Thu, 17 Apr 2014 18:36:13 GMT Pragma: no-cache Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: 0 P3P: CP="NOI CURa ADMa DEVa TAIa OUR DELa BUS IND PHY ONL UNI COM NAV INT DEM PRE" X-Powered-By: PHP/5.2.9p2 | clean |
http://true.da.to/ti | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 17 Apr 2014 18:36:14 GMT Location: http://true.da.to/ti/ Server: Apache Content-Type: text/html; charset=iso-8859-1 | clean |
http://true.da.to/ti/ | 200 OK Content-Length: 33038 Content-Type: text/html | clean |
http://true.da.to/ti/./js/common.js | 200 OK Content-Length: 14444 Content-Type: application/x-javascript | clean |
http://truein.top.to/./js/sideview.js | HTTP/1.1 302 Found Connection: keep-alive Date: Thu, 17 Apr 2014 18:36:18 GMT Location: http://top.to Server: Apache Content-Type: text/html; charset=iso-8859-1 | malicious |
http://top.to/ | 200 OK Content-Length: 528 Content-Type: text/html | clean |
http://top.to/redirection_html/ | 200 OK Content-Length: 1596 Content-Type: text/html | clean |
http://log.inside.daum.net/dwi_log/js/dwi.js | 500 Can't connect to log.inside.daum.net:80 (Bad hostname) Content-Length: 170 Content-Type: text/plain | clean |
http://log.inside.daum.net/test404page.js | 500 Can't connect to log.inside.daum.net:80 (Bad hostname) Content-Length: 170 Content-Type: text/plain | clean |
http://truein.top.to/./js/wz_tooltip.js | HTTP/1.1 302 Found Connection: keep-alive Date: Thu, 17 Apr 2014 18:36:22 GMT Location: http://top.to Server: Apache Content-Type: text/html; charset=iso-8859-1 | malicious |
http://truein.top.to/./js/wrest.js | HTTP/1.1 302 Found Connection: keep-alive Date: Thu, 17 Apr 2014 18:36:22 GMT Location: http://top.to Server: Apache Content-Type: text/html; charset=iso-8859-1 | malicious |