Scanned pages/files
Request | Server response | Status |
http://cacalo.net.br/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 03 Mar 2015 10:01:12 GMT Location: http://www.cacalo.net.br Server: nginx Content-Length: 178 Content-Type: text/html Set-Cookie: [RDR][cacalo.net.br][use_frame]=0; Path=/; Expires=Tue, 03-Mar-15 11:01:12 GMT Set-Cookie: [RDR][cacalo.net.br][title]=; Path=/; Expires=Tue, 03-Mar-15 11:01:12 GMT Set-Cookie: [RDR][cacalo.net.br][active]=1; Path=/; Expires=Tue, 03-Mar-15 11:01:12 GMT Set-Cookie: [RDR][cacalo.net.br][location]=http://www.cacalo.net.br; Path=/; Expires=Tue, 03-Mar-15 11:01:12 GMT Set-Cookie: [RDR][cacalo.net.br][keywords]=; Path=/; Expires=Tue, 03-Mar-15 11:01:12 GMT | clean |
http://www.cacalo.net.br/ | 200 OK Content-Length: 3566 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var Header = { addFade : function(selector){ $("<span class=\"fake-hover\"></span>").css("display", "none").prependTo($(selector)); $(selector+" a").bind("mouseenter",function(){ $(selector+" .fake-hover").fadeIn("slow"); }); $(selector+" a").bind("mouseleave",function(){ $(selector+" .fake-hover").fadeOut("slow"); }); } }; $(function(){ Header.addFade("#header"); }); Antivirus reports:
| ||
http://www.cacalo.net.br/js/jquery-1.2.6.min.js | 200 OK Content-Length: 55774 Content-Type: application/javascript | clean |
http://cacalo.net.br/index.php | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://cacalo.net.br/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 03 Mar 2015 10:00:38 GMT Location: http://www.cacalo.net.br/test404page.js Server: nginx Content-Length: 178 Content-Type: text/html Set-Cookie: [RDR][cacalo.net.br][use_frame]=0; Path=/; Expires=Tue, 03-Mar-15 11:00:38 GMT Set-Cookie: [RDR][cacalo.net.br][title]=; Path=/; Expires=Tue, 03-Mar-15 11:00:38 GMT Set-Cookie: [RDR][cacalo.net.br][active]=1; Path=/; Expires=Tue, 03-Mar-15 11:00:38 GMT Set-Cookie: [RDR][cacalo.net.br][location]=http://www.cacalo.net.br; Path=/; Expires=Tue, 03-Mar-15 11:00:38 GMT Set-Cookie: [RDR][cacalo.net.br][keywords]=; Path=/; Expires=Tue, 03-Mar-15 11:00:38 GMT | clean |
http://www.cacalo.net.br/test404page.js | 404 Not Found Content-Length: 398 Content-Type: text/html | clean |
http://cacalo.net.br/bio.php | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://cacalo.net.br/fotos.php | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 03 Mar 2015 10:00:45 GMT Location: http://www.cacalo.net.br/fotos.php Server: nginx Content-Length: 178 Content-Type: text/html Set-Cookie: [RDR][cacalo.net.br][use_frame]=0; Path=/; Expires=Tue, 03-Mar-15 11:00:45 GMT Set-Cookie: [RDR][cacalo.net.br][title]=; Path=/; Expires=Tue, 03-Mar-15 11:00:45 GMT Set-Cookie: [RDR][cacalo.net.br][active]=1; Path=/; Expires=Tue, 03-Mar-15 11:00:45 GMT Set-Cookie: [RDR][cacalo.net.br][location]=http://www.cacalo.net.br; Path=/; Expires=Tue, 03-Mar-15 11:00:45 GMT Set-Cookie: [RDR][cacalo.net.br][keywords]=; Path=/; Expires=Tue, 03-Mar-15 11:00:45 GMT | clean |
http://www.cacalo.net.br/fotos.php | 200 OK Content-Length: 4630 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var Header = { addFade : function(selector){ $("<span class=\"fake-hover\"></span>").css("display", "none").prependTo($(selector)); $(selector+" a").bind("mouseenter",function(){ $(selector+" .fake-hover").fadeIn("slow"); }); $(selector+" a").bind("mouseleave",function(){ $(selector+" .fake-hover").fadeOut("slow"); }); } }; $(function(){ Header.addFade("#header"); }); Antivirus reports:
| ||
http://www.cacalo.net.br/index.php | 200 OK Content-Length: 3566 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var Header = { addFade : function(selector){ $("<span class=\"fake-hover\"></span>").css("display", "none").prependTo($(selector)); $(selector+" a").bind("mouseenter",function(){ $(selector+" .fake-hover").fadeIn("slow"); }); $(selector+" a").bind("mouseleave",function(){ $(selector+" .fake-hover").fadeOut("slow"); }); } }; $(function(){ Header.addFade("#header"); }); Antivirus reports:
| ||
http://www.cacalo.net.br/bio.php | 200 OK Content-Length: 4976 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var Header = { addFade : function(selector){ $("<span class=\"fake-hover\"></span>").css("display", "none").prependTo($(selector)); $(selector+" a").bind("mouseenter",function(){ $(selector+" .fake-hover").fadeIn("slow"); }); $(selector+" a").bind("mouseleave",function(){ $(selector+" .fake-hover").fadeOut("slow"); }); } }; $(function(){ Header.addFade("#header"); }); Antivirus reports:
| ||
http://www.cacalo.net.br/videos.php | 200 OK Content-Length: 4135 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var Header = { addFade : function(selector){ $("<span class=\"fake-hover\"></span>").css("display", "none").prependTo($(selector)); $(selector+" a").bind("mouseenter",function(){ $(selector+" .fake-hover").fadeIn("slow"); }); $(selector+" a").bind("mouseleave",function(){ $(selector+" .fake-hover").fadeOut("slow"); }); } }; $(function(){ Header.addFade("#header"); }); Antivirus reports:
| ||
http://www.cacalo.net.br/musicas.php | 200 OK Content-Length: 3884 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var Header = { addFade : function(selector){ $("<span class=\"fake-hover\"></span>").css("display", "none").prependTo($(selector)); $(selector+" a").bind("mouseenter",function(){ $(selector+" .fake-hover").fadeIn("slow"); }); $(selector+" a").bind("mouseleave",function(){ $(selector+" .fake-hover").fadeOut("slow"); }); } }; $(function(){ Header.addFade("#header"); }); Antivirus reports:
| ||
http://www.cacalo.net.br/01.php | 200 OK Content-Length: 4100 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var Header = { addFade : function(selector){ $("<span class=\"fake-hover\"></span>").css("display", "none").prependTo($(selector)); $(selector+" a").bind("mouseenter",function(){ $(selector+" .fake-hover").fadeIn("slow"); }); $(selector+" a").bind("mouseleave",function(){ $(selector+" .fake-hover").fadeOut("slow"); }); } }; $(function(){ Header.addFade("#header"); }); Antivirus reports:
| ||
http://www.cacalo.net.br/agenda.php | 200 OK Content-Length: 10245 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var Header = { addFade : function(selector){ $("<span class=\"fake-hover\"></span>").css("display", "none").prependTo($(selector)); $(selector+" a").bind("mouseenter",function(){ $(selector+" .fake-hover").fadeIn("slow"); }); $(selector+" a").bind("mouseleave",function(){ $(selector+" .fake-hover").fadeOut("slow"); }); } }; $(function(){ Header.addFade("#header"); }); Antivirus reports:
| ||
http://www.cacalo.net.br/contato.php | 200 OK Content-Length: 5181 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var Header = { addFade : function(selector){ $("<span class=\"fake-hover\"></span>").css("display", "none").prependTo($(selector)); $(selector+" a").bind("mouseenter",function(){ $(selector+" .fake-hover").fadeIn("slow"); }); $(selector+" a").bind("mouseleave",function(){ $(selector+" .fake-hover").fadeOut("slow"); }); } }; $(function(){ Header.addFade("#header"); }); Antivirus reports:
| ||
http://www.cacalo.net.br/02.php | 200 OK Content-Length: 4288 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var Header = { addFade : function(selector){ $("<span class=\"fake-hover\"></span>").css("display", "none").prependTo($(selector)); $(selector+" a").bind("mouseenter",function(){ $(selector+" .fake-hover").fadeIn("slow"); }); $(selector+" a").bind("mouseleave",function(){ $(selector+" .fake-hover").fadeOut("slow"); }); } }; $(function(){ Header.addFade("#header"); }); Antivirus reports:
| ||
http://www.cacalo.net.br/03.php | 200 OK Content-Length: 4392 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var Header = { addFade : function(selector){ $("<span class=\"fake-hover\"></span>").css("display", "none").prependTo($(selector)); $(selector+" a").bind("mouseenter",function(){ $(selector+" .fake-hover").fadeIn("slow"); }); $(selector+" a").bind("mouseleave",function(){ $(selector+" .fake-hover").fadeOut("slow"); }); } }; $(function(){ Header.addFade("#header"); }); Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cacalo.net.br
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 03 Mar 2015 10:01:12 GMT
Location: http://www.cacalo.net.br
Server: nginx
Content-Length: 178
Content-Type: text/html
Set-Cookie: [RDR][cacalo.net.br][use_frame]=0; Path=/; Expires=Tue, 03-Mar-15 11:01:12 GMT
Set-Cookie: [RDR][cacalo.net.br][title]=; Path=/; Expires=Tue, 03-Mar-15 11:01:12 GMT
Set-Cookie: [RDR][cacalo.net.br][active]=1; Path=/; Expires=Tue, 03-Mar-15 11:01:12 GMT
Set-Cookie: [RDR][cacalo.net.br][location]=http://www.cacalo.net.br; Path=/; Expires=Tue, 03-Mar-15 11:01:12 GMT
Set-Cookie: [RDR][cacalo.net.br][keywords]=; Path=/; Expires=Tue, 03-Mar-15 11:01:12 GMT
...178 bytes of data.
GET / HTTP/1.1
Host: cacalo.net.br
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 03 Mar 2015 10:01:12 GMT
Location: http://www.cacalo.net.br
Server: nginx
Content-Length: 178
Content-Type: text/html
Set-Cookie: [RDR][cacalo.net.br][use_frame]=0; Path=/; Expires=Tue, 03-Mar-15 11:01:12 GMT
Set-Cookie: [RDR][cacalo.net.br][title]=; Path=/; Expires=Tue, 03-Mar-15 11:01:12 GMT
Set-Cookie: [RDR][cacalo.net.br][active]=1; Path=/; Expires=Tue, 03-Mar-15 11:01:12 GMT
Set-Cookie: [RDR][cacalo.net.br][location]=http://www.cacalo.net.br; Path=/; Expires=Tue, 03-Mar-15 11:01:12 GMT
Set-Cookie: [RDR][cacalo.net.br][keywords]=; Path=/; Expires=Tue, 03-Mar-15 11:01:12 GMT
...178 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: cacalo.net.br
Referer: http://www.google.com/search?q=cacalo.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cacalo.net.br
Referer: http://www.google.com/search?q=cacalo.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cacalo.net.br
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cacalo.net.br/
Result: cacalo.net.br is not infected or malware details are not published yet.
Result: cacalo.net.br is not infected or malware details are not published yet.