Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vpop3.it
Result:
HTTP/1.1 301 Error
Connection: close
Location: http://www.aicon.com/vendita-software.php
Server: Microsoft-IIS/5.0
Content-Length: 192
Content-Type: text/html
...192 bytes of data.
GET / HTTP/1.1
Host: vpop3.it
Result:
HTTP/1.1 301 Error
Connection: close
Location: http://www.aicon.com/vendita-software.php
Server: Microsoft-IIS/5.0
Content-Length: 192
Content-Type: text/html
...192 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: vpop3.it
Referer: http://www.google.com/search?q=vpop3.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: vpop3.it
Referer: http://www.google.com/search?q=vpop3.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://vpop3.it/ | HTTP/1.1 301 Error Connection: close Location: http://www.aicon.com/vendita-software.php Server: Microsoft-IIS/5.0 Content-Length: 192 Content-Type: text/html | clean |
http://www.aicon.com/vendita-software.php | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 05 Oct 2014 19:49:45 GMT Pragma: no-cache Location: http://www.aicon.com Server: Apache/2.2.16 (Debian) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=eg6lrm6r6imooriro6t81q3bo7; path=/ X-Powered-By: PHP/5.3.3-7+squeeze19 | clean |
http://www.aicon.com/ | 200 OK Content-Length: 38528 Content-Type: text/html | clean |
http://www.aicon.com/includes/modernizr/modernizr.custom.27667.js | 200 OK Content-Length: 10553 Content-Type: application/javascript | clean |
http://vpop3.it/cookiechoices.js | HTTP/1.1 301 Error Connection: close Location: http://www.aicon.com/vendita-software.php Server: Microsoft-IIS/5.0 Content-Length: 192 Content-Type: text/html | clean |
http://www.aicon.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 05 Oct 2014 19:49:46 GMT Pragma: no-cache Location: http://www.aicon.com Server: Apache/2.2.16 (Debian) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=1ibv682jsusoulbdrvttaf8911; path=/ X-Powered-By: PHP/5.3.3-7+squeeze19 | clean |
http://vpop3.it/vendors/jquery/jquery-1.11.1.min.js | HTTP/1.1 301 Error Connection: close Location: http://www.aicon.com/vendita-software.php Server: Microsoft-IIS/5.0 Content-Length: 192 Content-Type: text/html | clean |
http://vpop3.it/vendors/jquery/jquery-ui-1.10.4.min.js | HTTP/1.1 301 Error Connection: close Location: http://www.aicon.com/vendita-software.php Server: Microsoft-IIS/5.0 Content-Length: 192 Content-Type: text/html | clean |
http://vpop3.it/includes/bootstrap/js/bootstrap.min.js | HTTP/1.1 301 Error Connection: close Location: http://www.aicon.com/vendita-software.php Server: Microsoft-IIS/5.0 Content-Length: 192 Content-Type: text/html | clean |
http://vpop3.it/vendors/smartresize/jquery.smartresize.js | HTTP/1.1 301 Error Connection: close Location: http://www.aicon.com/vendita-software.php Server: Microsoft-IIS/5.0 Content-Length: 192 Content-Type: text/html | clean |
http://vpop3.it/vendors/isotope/jquery.isotope.min.js | HTTP/1.1 301 Error Connection: close Location: http://www.aicon.com/vendita-software.php Server: Microsoft-IIS/5.0 Content-Length: 192 Content-Type: text/html | clean |
http://vpop3.it/vendors/isotope/jquery.isotope.sloppy-masonry.min.js | HTTP/1.1 301 Error Connection: close Location: http://www.aicon.com/vendita-software.php Server: Microsoft-IIS/5.0 Content-Length: 192 Content-Type: text/html | clean |
http://vpop3.it/vendors/cycle/jquery.cycle.all.min.js | HTTP/1.1 301 Error Connection: close Location: http://www.aicon.com/vendita-software.php Server: Microsoft-IIS/5.0 Content-Length: 192 Content-Type: text/html | clean |
http://vpop3.it/includes/hoverintent/jquery.hoverIntent.min.js | HTTP/1.1 301 Error Connection: close Location: http://www.aicon.com/vendita-software.php Server: Microsoft-IIS/5.0 Content-Length: 192 Content-Type: text/html | clean |
http://vpop3.it/vendors/imagesloaded/imagesloaded.min.js | HTTP/1.1 301 Error Connection: close Location: http://www.aicon.com/vendita-software.php Server: Microsoft-IIS/5.0 Content-Length: 192 Content-Type: text/html | clean |
http://vpop3.it/vendors/smoothdivscroll/jquery.smoothdivscroll-1.3-min.js | HTTP/1.1 301 Error Connection: close Location: http://www.aicon.com/vendita-software.php Server: Microsoft-IIS/5.0 Content-Length: 192 Content-Type: text/html | clean |
http://vpop3.it/vendors/rs-plugin/js/jquery.themepunch.plugins.min.js | HTTP/1.1 301 Error Connection: close Location: http://www.aicon.com/vendita-software.php Server: Microsoft-IIS/5.0 Content-Length: 192 Content-Type: text/html | clean |
http://vpop3.it/vendors/rs-plugin/js/jquery.themepunch.revolution.min.js | HTTP/1.1 301 Error Connection: close Location: http://www.aicon.com/vendita-software.php Server: Microsoft-IIS/5.0 Content-Length: 192 Content-Type: text/html | clean |
http://vpop3.it/js/script.js | HTTP/1.1 301 Error Connection: close Location: http://www.aicon.com/vendita-software.php Server: Microsoft-IIS/5.0 Content-Length: 192 Content-Type: text/html | clean |
http://vpop3.it/includes/retina/retina-1.1.0.min.js | HTTP/1.1 301 Error Connection: close Location: http://www.aicon.com/vendita-software.php Server: Microsoft-IIS/5.0 Content-Length: 192 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vpop3.it
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vpop3.it/
Result: vpop3.it is not infected or malware details are not published yet.
Result: vpop3.it is not infected or malware details are not published yet.