Scanned pages/files
Request | Server response | Status |
http://construindofacil.com.br/ | 200 OK Content-Length: 904 Content-Type: text/html | clean |
http://construindofacil.com.br/LICENSE.txt | 200 OK Content-Length: 18156 Content-Type: text/plain | clean |
http://construindofacil.com.br/test404page.js | 404 Not Found Content-Length: 471 Content-Type: text/html | clean |
http://construindofacil.com.br/administrator/ | 200 OK Content-Length: 583 Content-Type: text/html | clean |
http://construindofacil.com.br/administrator/cache/ | 200 OK Content-Length: 2083 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By the_warri0r <html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office">
<head> <title>Hacked By the_warri0r</title> <link href='http://fonts.googleapis.com/css?family=Orbitron:700' rel='stylesheet' type='text/css'> <link rel="shortcut icon" href="http://cdn3.iconfinder.com/data/icons/line/36/skull-128.png"/> <meta name="description" content="Hacked By the_warri0r"> <meta name="keywords" content="Hacked By the_warri0r"> <meta name="author" content="Kosova Hacker"> ...[2088 bytes skipped]... | ||
http://construindofacil.com.br/administrator/components/ | 200 OK Content-Length: 801 Content-Type: text/html | clean |
http://construindofacil.com.br/administrator/components/com_cache/ | 200 OK Content-Length: 2083 Content-Type: text/html | clean |
http://construindofacil.com.br/administrator/components/com_content/ | 200 OK Content-Length: 2083 Content-Type: text/html | clean |
http://construindofacil.com.br/administrator/components/com_cpanel/ | 200 OK Content-Length: 2083 Content-Type: text/html | clean |
http://construindofacil.com.br/administrator/components/com_installer/ | 200 OK Content-Length: 2083 Content-Type: text/html | clean |
http://construindofacil.com.br/administrator/components/com_login/ | 200 OK Content-Length: 2083 Content-Type: text/html | clean |
http://construindofacil.com.br/administrator/components/com_menus/ | 200 OK Content-Length: 2083 Content-Type: text/html | clean |
http://construindofacil.com.br/administrator/components/com_swmenufree/ | 200 OK Content-Length: 1208 Content-Type: text/html | clean |
http://construindofacil.com.br/administrator/components/com_swmenufree/ImageManager/ | 200 OK Content-Length: 1145 Content-Type: text/html | clean |
http://construindofacil.com.br/administrator/components/com_swmenufree/ImageManager/Classes/ | 200 OK Content-Length: 944 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: construindofacil.com.br
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 16 Feb 2015 09:12:08 GMT
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Length: 904
Content-Type: text/html;charset=ISO-8859-1
...904 bytes of data.
GET / HTTP/1.1
Host: construindofacil.com.br
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 16 Feb 2015 09:12:08 GMT
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Length: 904
Content-Type: text/html;charset=ISO-8859-1
...904 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: construindofacil.com.br
Referer: http://www.google.com/search?q=construindofacil.com.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: construindofacil.com.br
Referer: http://www.google.com/search?q=construindofacil.com.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=construindofacil.com.br
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://construindofacil.com.br/
Result: construindofacil.com.br is not infected or malware details are not published yet.
Result: construindofacil.com.br is not infected or malware details are not published yet.