Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: excellence.net.br
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 28 Feb 2015 18:07:11 GMT
Accept-Ranges: bytes
ETag: "5de86bc-188-50e9e609bd400"
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Length: 392
Content-Type: text/html
Last-Modified: Mon, 09 Feb 2015 02:17:52 GMT
...392 bytes of data.
GET / HTTP/1.1
Host: excellence.net.br
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 28 Feb 2015 18:07:11 GMT
Accept-Ranges: bytes
ETag: "5de86bc-188-50e9e609bd400"
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Length: 392
Content-Type: text/html
Last-Modified: Mon, 09 Feb 2015 02:17:52 GMT
...392 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: excellence.net.br
Referer: http://www.google.com/search?q=excellence.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: excellence.net.br
Referer: http://www.google.com/search?q=excellence.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://excellence.net.br/ | HTTP/1.1 200 OK Connection: close Date: Sat, 28 Feb 2015 18:07:11 GMT Accept-Ranges: bytes ETag: "5de86bc-188-50e9e609bd400" Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Length: 392 Content-Type: text/html Last-Modified: Mon, 09 Feb 2015 02:17:52 GMT | clean |
http://www.excellence.net.br/novo | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 28 Feb 2015 18:07:12 GMT Location: http://www.excellence.net.br/novo/ Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Length: 242 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.excellence.net.br/novo/ | 200 OK Content-Length: 26021 Content-Type: text/html | clean |
http://www.excellence.net.br/novo/../cdnjs.cloudflare.com/ajax/libs/gsap/1.11.8/TweenMax.min.js | 200 OK Content-Length: 95455 Content-Type: application/javascript | clean |
http://excellence.net.br/jquery-1.js | HTTP/1.1 200 OK Connection: close Date: Sat, 28 Feb 2015 18:07:15 GMT Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Type: text/html X-Powered-By: PHP/5.4.36 | clean |
http://www.excellence.net.br/test404page.js | HTTP/1.1 200 OK Connection: close Date: Sat, 28 Feb 2015 18:07:16 GMT Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Type: text/html X-Powered-By: PHP/5.4.36 | clean |
http://excellence.net.br/wp-content/cache/minify/000000/jYxBCsMwDAQ_lFqBfiTQfEBRhVGQ7ES2D-nrSxzoseQ2MDs7Am6bCibiygQqi6MfsJYTC1h-syf5eKBWarZgkoYnrHtjP37wMImOlbsd_z9eRSjkWdUw | HTTP/1.1 200 OK Connection: close Date: Sat, 28 Feb 2015 18:07:16 GMT Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Type: text/html X-Powered-By: PHP/5.4.36 | clean |
http://excellence.net.br/../use.typekit.net/onu2fuu.js | HTTP/1.1 400 Bad Request Connection: close Date: Sat, 28 Feb 2015 18:07:17 GMT Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Type: text/html X-Powered-By: PHP/5.4.36 | clean |
http://excellence.net.br/jquery.min.js | HTTP/1.1 200 OK Connection: close Date: Sat, 28 Feb 2015 18:07:17 GMT Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Type: text/html X-Powered-By: PHP/5.4.36 | clean |
http://excellence.net.br/jquery.colorbox.js | HTTP/1.1 200 OK Connection: close Date: Sat, 28 Feb 2015 18:07:17 GMT Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Type: text/html X-Powered-By: PHP/5.4.36 | clean |
http://excellence.net.br/wp-content/cache/minify/000000/dYpBEkAwDAA_RKO8KCpIp9pKykx_j5sDs6ed3Q4w58AYHRVyEHgUlApeQZ1wLtpYWARPLnVOsulT_H6QVOM1xdaa4f_IAR2tKUwkanpjbzaOH__bLw.1 | HTTP/1.1 200 OK Connection: close Date: Sat, 28 Feb 2015 18:07:18 GMT Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Type: text/html X-Powered-By: PHP/5.4.36 | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=excellence.net.br
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://excellence.net.br/
Result: excellence.net.br is not infected or malware details are not published yet.
Result: excellence.net.br is not infected or malware details are not published yet.