Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ceusabertos.net.br
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 03 Mar 2015 08:07:15 GMT
Server: Apache/2.2.24 (Unix) mod_hive/4.0 mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.6
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Host-Header: 192fc2e7e50945beb8231a492d6a8024
Link: <http://wp.me/P5JEOL-7H>; rel=shortlink
X-Cache: SGCACHE-HIT
X-Cache-Enabled: True
X-Forwarded-For: 78.158.11.226
X-Frame-Options: ALLOWALL
X-Host: ceusabertos.net.br
X-Pingback: http://ceusabertos.net.br/xmlrpc.php
X-Url: /
GET / HTTP/1.1
Host: ceusabertos.net.br
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 03 Mar 2015 08:07:15 GMT
Server: Apache/2.2.24 (Unix) mod_hive/4.0 mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.6
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Host-Header: 192fc2e7e50945beb8231a492d6a8024
Link: <http://wp.me/P5JEOL-7H>; rel=shortlink
X-Cache: SGCACHE-HIT
X-Cache-Enabled: True
X-Forwarded-For: 78.158.11.226
X-Frame-Options: ALLOWALL
X-Host: ceusabertos.net.br
X-Pingback: http://ceusabertos.net.br/xmlrpc.php
X-Url: /
Second query (visit from search engine):
GET / HTTP/1.1
Host: ceusabertos.net.br
Referer: http://www.google.com/search?q=ceusabertos.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ceusabertos.net.br
Referer: http://www.google.com/search?q=ceusabertos.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://ceusabertos.net.br/ | 200 OK Content-Length: 37430 Content-Type: text/html | clean |
http://ceusabertos.net.br/wp-includes/js/jquery/jquery.js | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://ceusabertos.net.br/wp-includes/js/jquery/jquery-migrate.min.js | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://ceusabertos.net.br/wp-content/plugins/mainwp-child/js/tracker.js | 200 OK Content-Length: 1670 Content-Type: application/javascript | clean |
http://ceusabertos.net.br/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?rev=4.1.4&ver=4.1.1 | 200 OK Content-Length: 77389 Content-Type: application/javascript | clean |
http://ceusabertos.net.br/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?rev=4.1.4&ver=4.1.1 | 200 OK Content-Length: 81219 Content-Type: application/javascript | clean |
http://ceusabertos.net.br/wp-content/themes/benevolence-wpl/js/html5.js | 200 OK Content-Length: 2444 Content-Type: application/javascript | clean |
http://ceusabertos.net.br/wp-includes/js/comment-reply.min.js | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js | 200 OK Content-Length: 9301 Content-Type: application/x-javascript | clean |
http://s.gravatar.com/js/gprofiles.js | 200 OK Content-Length: 21442 Content-Type: application/x-javascript | clean |
http://ceusabertos.net.br/wp-content/plugins/jetpack/modules/wpgroho.js | 200 OK Content-Length: 959 Content-Type: application/javascript | clean |
http://ceusabertos.net.br/wp-content/themes/benevolence-wpl/js/base.js | 200 OK Content-Length: 3447 Content-Type: application/javascript | clean |
http://ceusabertos.net.br/wp-content/themes/benevolence-wpl/js/stickUp.min.js | 200 OK Content-Length: 2685 Content-Type: application/javascript | clean |
http://ceusabertos.net.br/wp-content/themes/benevolence-wpl/js/jquery.flexslider-min.js | 200 OK Content-Length: 21638 Content-Type: application/javascript | clean |
http://ceusabertos.net.br/wp-content/themes/benevolence-wpl/css/owl-carousel/owl.carousel.js | 200 OK Content-Length: 52797 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ceusabertos.net.br
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ceusabertos.net.br/
Result: ceusabertos.net.br is not infected or malware details are not published yet.
Result: ceusabertos.net.br is not infected or malware details are not published yet.