Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ascari.net.br
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 03 Mar 2015 14:50:19 GMT
Location: http://www.ascari.net.br/site/
Server: Apache
Content-Length: 238
Content-Type: text/html; charset=iso-8859-1
...238 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ascari.net.br
Referer: http://www.google.com/search?q=ascari.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://ascari.net.br/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 03 Mar 2015 14:50:19 GMT Location: http://www.ascari.net.br/site/ Server: Apache Content-Length: 238 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ascari.net.br/site/ | 200 OK Content-Length: 14432 Content-Type: text/html | clean |
http://www.ascari.net.br/site/wp-content/themes/ascari/js/jquery-1.4.2.min.js | 200 OK Content-Length: 72174 Content-Type: application/x-javascript | clean |
http://www.ascari.net.br/site/wp-content/themes/ascari/js/cufon-yui.js | 200 OK Content-Length: 18263 Content-Type: application/x-javascript | clean |
http://www.ascari.net.br/site/wp-content/themes/ascari/js/jquery-base.js | 200 OK Content-Length: 35165 Content-Type: application/x-javascript | clean |
http://www.ascari.net.br/site/wp-content/plugins/cforms/js/cforms.js | 200 OK Content-Length: 17451 Content-Type: application/x-javascript | clean |
http://www.ascari.net.br/site/wp-content/uploads/shadowbox-js/53dacf955b2eb689a85d1c73fe0802ad.js?ver=3.0.3 | 200 OK Content-Length: 42741 Content-Type: application/x-javascript | clean |
http://ascari.net.br/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: No-Cache Connection: close Date: Tue, 03 Mar 2015 14:50:30 GMT Pragma: no-cache Via: 1.1 varnish-v4 Age: 0 Location: http://www.ascari.net.br/site/test404page.js Server: Apache Content-Length: 252 Content-Type: text/html; charset=iso-8859-1 X-Varnish: 341120591 | clean |
http://www.ascari.net.br/site/test404page.js | 404 Not Found Content-Length: 1952 Content-Type: text/html | clean |
http://www.ascari.net.br/site/wp-content/themes/ascari/js/TradeGothic_700.font.js | 404 Not Found Content-Length: 1989 Content-Type: text/html | clean |
http://www.ascari.net.br/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: No-Cache Connection: close Date: Tue, 03 Mar 2015 14:50:34 GMT Pragma: no-cache Via: 1.1 varnish-v4 Age: 0 Location: http://www.ascari.net.br/site/test404page.js Server: Apache Content-Type: text/html; charset=iso-8859-1 X-Varnish: 277227612 | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ascari.net.br
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ascari.net.br/
Result: ascari.net.br is not infected or malware details are not published yet.