Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: geoplan.net.br
Result:
HTTP/1.1 200 OK
Date: Sun, 01 Mar 2015 03:29:24 GMT
Accept-Ranges: bytes
ETag: "136d79ffb7f2cf1:0"
Server: Microsoft-IIS/7.5
Content-Length: 86598
Content-Type: text/html
Last-Modified: Tue, 28 Oct 2014 14:03:49 GMT
X-Powered-By: ASP.NET
...86598 bytes of data.
GET / HTTP/1.1
Host: geoplan.net.br
Result:
HTTP/1.1 200 OK
Date: Sun, 01 Mar 2015 03:29:24 GMT
Accept-Ranges: bytes
ETag: "136d79ffb7f2cf1:0"
Server: Microsoft-IIS/7.5
Content-Length: 86598
Content-Type: text/html
Last-Modified: Tue, 28 Oct 2014 14:03:49 GMT
X-Powered-By: ASP.NET
...86598 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: geoplan.net.br
Referer: http://www.google.com/search?q=geoplan.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: geoplan.net.br
Referer: http://www.google.com/search?q=geoplan.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://geoplan.net.br/ | 200 OK Content-Length: 86598 Content-Type: text/html | clean |
http://geoplan.net.br/Spry-UI-1.7/includes/SpryDOMUtils.js | 200 OK Content-Length: 29611 Content-Type: application/x-javascript | clean |
http://geoplan.net.br/Spry-UI-1.7/includes/SpryDOMEffects.js | 200 OK Content-Length: 12361 Content-Type: application/x-javascript | clean |
http://geoplan.net.br/Spry-UI-1.7/includes/SpryWidget.js | 200 OK Content-Length: 22230 Content-Type: application/x-javascript | clean |
http://geoplan.net.br/Spry-UI-1.7/includes/SpryPanelSet.js | 200 OK Content-Length: 8675 Content-Type: application/x-javascript | clean |
http://geoplan.net.br/Spry-UI-1.7/includes/SpryFadingPanels.js | 200 OK Content-Length: 5866 Content-Type: application/x-javascript | clean |
http://geoplan.net.br/Spry-UI-1.7/includes/SpryImageLoader.js | 200 OK Content-Length: 3945 Content-Type: application/x-javascript | clean |
http://geoplan.net.br/Spry-UI-1.7/includes/SpryImageSlideShow.js | 200 OK Content-Length: 22981 Content-Type: application/x-javascript | clean |
http://geoplan.net.br/Spry-UI-1.7/includes/plugins/ImageSlideShow/SpryPanAndZoomPlugin.js | 200 OK Content-Length: 8072 Content-Type: application/x-javascript | clean |
http://geoplan.net.br/YUI/2.8.2r1/build/yahoo-dom-event/yahoo-dom-event.js | 200 OK Content-Length: 36977 Content-Type: application/x-javascript | clean |
http://geoplan.net.br/YUI/2.8.2r1/build/calendar/calendar-min.js | 200 OK Content-Length: 69695 Content-Type: application/x-javascript | clean |
http://jc.revolvermaps.com/r.js | 200 OK Content-Length: 2365 Content-Type: application/javascript | clean |
http://geoplan.net.br/imagens/foto01.jpg | 200 OK Content-Length: 131215 Content-Type: image/jpeg | clean |
http://geoplan.net.br/test404page.js | 404 Not Found Content-Length: 5200 Content-Type: text/html | clean |
http://geoplan.net.br/imagens/foto02.jpg | 200 OK Content-Length: 220174 Content-Type: image/jpeg | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=geoplan.net.br
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://geoplan.net.br/
Result: geoplan.net.br is not infected or malware details are not published yet.
Result: geoplan.net.br is not infected or malware details are not published yet.