Scanned pages/files
Request | Server response | Status |
http://www.ensinas.com.br/ | 200 OK Content-Length: 14573 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by MAD $CI3NTI$T ...[154 bytes skipped]... com/i5n0pw.gif" type="image/x-icon"><title>H_c____b_MAD_$CI3NTI$T</title></head> <body ondragstart="return false" onselectstart="return false" onload="init()" oncontextmenu="return false" onkeydown="return false"> <script language="JavaScript"> function tb5_makeArray(n){ this.length = n; return this.length; } tb5_messages = new tb5_makeArray(5); tb5_messages[0] = "Hacked by MAD $CI3NTI$T"; tb5_messages[1] = "Hacked by MAD $CI3NTI$T"; tb5_messages[2] = "Hacked by MAD $CI3NTI$T"; tb5_messages[3] = "Hacked by MAD $CI3NTI$T"; tb5_messages[4] = "Hacked by MAD $CI3NTI$T"; tb5_messages[5] = "Hacked by MAD $CI3NTI$T"; tb5_messages[6] = "Hacked by MAD $CI3NTI$T"; tb5_messages[7] = "Hacked by MAD $CI3NTI$T"; tb5_rptType = 'infinite'; tb5_rptNbr = 10; tb5_speed = 50; tb5_delay = 2000; var tb5_counter=1; var tb5_currMsg=0; var tb5_stsmsg=""; function tb5_shuffle ...[14495 bytes skipped]... | ||
http://www.ensinas.com.br/Hac_e_%20___E_r_us%20_hilker_files/swfobject_modified.htm | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 19 Jun 2015 04:35:03 GMT Location: http://www.ensinas.com.br/Hac_e_%20___E_r_us%20_hilker_files/swfobject_modified.htm/ Server: nginx/1.8.0 Content-Type: text/html; charset=UTF-8 X-Cacheable: YES X-Pingback: http://www.ensinas.com.br/xmlrpc.php X-Served-From-Cache: Yes | clean |
http://www.ensinas.com.br/hac_e_%20___e_r_us%20_hilker_files/swfobject_modified.htm/ | 200 OK Content-Length: 48843 Content-Type: text/html | clean |
http://www.ensinas.com.br/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/javascript | clean |
http://www.ensinas.com.br/wp-content/plugins/progress-bar/js/wppb_animate.js?ver=3.5.1 | 200 OK Content-Length: 217 Content-Type: application/javascript | clean |
http://www.ensinas.com.br/wp-content/themes/superchanger/js/css_browser_selector.js?ver=3.5.1 | 200 OK Content-Length: 1321 Content-Type: application/javascript | clean |
http://www.ensinas.com.br/wp-content/themes/superchanger/js/jquery.easing.1.3.js?ver=3.5.1 | 200 OK Content-Length: 8097 Content-Type: application/javascript | clean |
http://www.ensinas.com.br/wp-content/themes/superchanger//js/jquery.pikachoose.js?ver=3.5.1 | 200 OK Content-Length: 25458 Content-Type: application/javascript | clean |
http://www.ensinas.com.br/wp-content/themes/superchanger//js/royalslider.min.js?ver=3.5.1 | 200 OK Content-Length: 50003 Content-Type: application/javascript | clean |
http://www.ensinas.com.br/wp-content/themes/superchanger/js/jquery.flexslider-min.js?ver=3.5.1 | 200 OK Content-Length: 16808 Content-Type: application/javascript | clean |
http://www.ensinas.com.br/wp-content/themes/superchanger/js/cycle.js?ver=3.5.1 | 200 OK Content-Length: 31539 Content-Type: application/javascript | clean |
http://www.ensinas.com.br/wp-content/themes/superchanger/js/easypaginate.min.js?ver=3.5.1 | 200 OK Content-Length: 1510 Content-Type: application/javascript | clean |
http://www.ensinas.com.br/wp-content/themes/superchanger/js/jquery.color.js?ver=3.5.1 | 200 OK Content-Length: 16229 Content-Type: application/javascript | clean |
http://www.ensinas.com.br/wp-content/themes/superchanger/js/jquery.form.js?ver=3.5.1 | 200 OK Content-Length: 31710 Content-Type: application/javascript | clean |
http://www.ensinas.com.br/wp-content/themes/superchanger/js/jquery.tools.min.js?ver=3.5.1 | 200 OK Content-Length: 5993 Content-Type: application/javascript | clean |
http://www.ensinas.com.br/wp-content/themes/superchanger/js/jquery.prettyPhoto.js?ver=3.5.1 | 200 OK Content-Length: 23508 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ensinas.com.br
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: ensinas.com.br
Referer: http://www.google.com/search?q=ensinas.com.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ensinas.com.br
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ensinas.com.br/
Result: ensinas.com.br is not infected or malware details are not published yet.