Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: elvio.net.br
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Tue, 03 Mar 2015 23:00:15 GMT
Pragma: no-cache
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 81f30cf708470b974874c8a96a6bcdb2=jsp3cul5dat406ms2nioe7jng2; path=/
X-Powered-By: PHP/5.2.10
GET / HTTP/1.1
Host: elvio.net.br
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Tue, 03 Mar 2015 23:00:15 GMT
Pragma: no-cache
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 81f30cf708470b974874c8a96a6bcdb2=jsp3cul5dat406ms2nioe7jng2; path=/
X-Powered-By: PHP/5.2.10
Second query (visit from search engine):
GET / HTTP/1.1
Host: elvio.net.br
Referer: http://www.google.com/search?q=elvio.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: elvio.net.br
Referer: http://www.google.com/search?q=elvio.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://elvio.net.br/ | 200 OK Content-Length: 22272 Content-Type: text/html | clean |
http://elvio.net.br/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/x-javascript | clean |
http://elvio.net.br/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/x-javascript | clean |
http://elvio.net.br/media/system/js/caption.js | 200 OK Content-Length: 729 Content-Type: application/x-javascript | clean |
http://elvio.net.br/media/widgetkit/js/jquery.js | 200 OK Content-Length: 91037 Content-Type: application/x-javascript | clean |
http://elvio.net.br/cache/widgetkit/widgetkit-0414ec6a.js | 200 OK Content-Length: 13665 Content-Type: application/x-javascript | clean |
http://elvio.net.br/plugins/system/azrul.system/pc_includes/ajax_1.5.pack.js | 200 OK Content-Length: 10725 Content-Type: application/x-javascript | clean |
http://elvio.net.br/templates/yoo_cloud/warp/js/warp.js | 200 OK Content-Length: 6844 Content-Type: application/x-javascript | clean |
http://elvio.net.br/templates/yoo_cloud/warp/js/accordionmenu.js | 200 OK Content-Length: 1526 Content-Type: application/x-javascript | clean |
http://elvio.net.br/templates/yoo_cloud/warp/js/dropdownmenu.js | 200 OK Content-Length: 5421 Content-Type: application/x-javascript | clean |
http://elvio.net.br/templates/yoo_cloud/js/template.js | 200 OK Content-Length: 1168 Content-Type: application/x-javascript | clean |
http://elvio.net.br/templates/yoo_cloud/warp/js/search.js | 200 OK Content-Length: 4080 Content-Type: application/x-javascript | clean |
http://www.google.com/jsapi?key=ABQIAAAA_BpgOkczCb6ZB5K3J0klchRLSACP8v950kN6twGynSvDj-aT4BRueBKYjVcYG2lP- GQuP78i_ZVPvw | 200 OK Content-Length: 24634 Content-Type: text/javascript | clean |
http://elvio.net.br/modules/mod_pgt_rssscroller/pgt_rssscroller.js | 200 OK Content-Length: 11790 Content-Type: application/x-javascript | clean |
http://elvio.net.br/index.php/calendario/month.calendar/2015/03/03/- | 200 OK Content-Length: 30166 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=elvio.net.br
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://elvio.net.br/
Result: elvio.net.br is not infected or malware details are not published yet.
Result: elvio.net.br is not infected or malware details are not published yet.