Scanned pages/files
| Request | Server response | Status |
http://redacaonotadez.com.br/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 22 Oct 2015 10:21:27 GMT Location: http://www.redacaonotadez.com.br/ Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.redacaonotadez.com.br/xmlrpc.php | clean |
http://www.redacaonotadez.com.br/ | 200 OK Content-Length: 31418 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by d3b~X ...[1871 bytes skipped]... }.wpcf7-display-none{display:none}div.wpcf7 img.ajax-loader{border:none;vertical-align:middle;margin-left:4px}div.wpcf7 div.ajax-error{display:none}div.wpcf7 .placeheld{color:#888}</style> <link rel=stylesheet id=rs-settings-css href='wp-content/plugins/revslider/rs-plugin/css/A.settings.css,qver=4.1.8.pagespeed.cf.Ed3h-Pw9a6.css' type='text/css' media=all /> <style id=rs-captions-css media=all>Hacked by d3b~X</style> <script type='text/javascript' src='wp-includes/js/jquery/jquery.js,qver=1.11.1.pagespeed.jm.z9hb-Gxqf6.js'></script> <script src="wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==1.2.1+wp-includes,_js,_jquery,_ui,_core.min.js,qver==1.11.2+wp-includes,_js,_jquery,_ui,_widget.min.js,qver==1.11.2+wp-includes,_js,_jquery,_ui,_accordion.min.js,qver==1.11.2+wp-includes,_js,_jquery,_ui,_tabs.min.js,qver==1.11.2+wp-content,_plugins,_indonez ...[31982 bytes skipped]... | ||
http://www.redacaonotadez.com.br/wp-includes/js/jquery/jquery.js,qver=1.11.1.pagespeed.jm.z9hb-Gxqf6.js | 200 OK Content-Length: 95719 Content-Type: application/javascript | clean |
http://redacaonotadez.com.br/wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==1.2.1+wp-includes,_js,_jquery,_ui,_core.min.js,qver==1.11.2+wp-includes,_js,_jquery,_ui,_widget.min.js,qver==1.11.2+wp-includes,_js,_jquery,_ui,_accordion.min.js,qver==1.11.2+wp-includes,_js,_jquery,_ui,_tabs.min.js,qver==1.11.2+wp-content,_plugins,_indonez-shortcodes,_js,_indonez-shortcodes-lib.js,qver==4.1.8.pagespeed.jc.QLY0BsZn5W.js | 200 OK Content-Length: 40450 Content-Type: application/javascript | clean |
http://redacaonotadez.com.br/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=4.1.8 | 200 OK Content-Length: 83792 Content-Type: application/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js | 200 OK Content-Length: 92629 Content-Type: text/javascript | clean |
http://redacaonotadez.com.br/wp-content/plugins/indonez-shortcodes,_,_js,_jquery.carouFredSel-6.2.1-packed.js,qver==4.1.8+indonez-shortcodes,_,_js,_masonry.min.js,qver==4.1.8+indonez-shortcodes,_,_js,_jquery.gmap.min.js,qver==4.1.8+indonez-shortcodes,_,_js,_jquery.donutchart.js,qver==4.1.8+contact-form-7,_includes,_js,_jquery.form.min.js,qver==3.51.0-2014.06.20.pagespeed.jc.lW_DLugHRx.js | 200 OK Content-Length: 82767 Content-Type: application/javascript | clean |
http://redacaonotadez.com.br/wp-content/plugins/contact-form-7/includes/js/scripts.js,qver=4.1.2.pagespeed.jm.AyPX16hTOE.js | 200 OK Content-Length: 9377 Content-Type: application/javascript | clean |
http://redacaonotadez.com.br/como-funciona/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 22 Oct 2015 10:21:35 GMT Location: http://www.redacaonotadez.com.br/como-funciona/ Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.redacaonotadez.com.br/xmlrpc.php | clean |
http://www.redacaonotadez.com.br/como-funciona/ | 200 OK Content-Length: 26293 Content-Type: text/html | clean |
http://www.redacaonotadez.com.br/wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==1.2.1+wp-includes,_js,_jquery,_ui,_core.min.js,qver==1.11.2+wp-includes,_js,_jquery,_ui,_widget.min.js,qver==1.11.2+wp-includes,_js,_jquery,_ui,_accordion.min.js,qver==1.11.2+wp-includes,_js,_jquery,_ui,_tabs.min.js,qver==1.11.2+wp-content,_plugins,_indonez-shortcodes,_js,_indonez-shortcodes-lib.js,qver==4.1.8.pagespeed.jc.QLY0BsZn5W.js | 200 OK Content-Length: 40450 Content-Type: application/javascript | clean |
http://redacaonotadez.com.br/entenda-o-programa/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 22 Oct 2015 10:21:39 GMT Location: http://www.redacaonotadez.com.br/entenda-o-programa/ Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.redacaonotadez.com.br/xmlrpc.php | clean |
http://www.redacaonotadez.com.br/entenda-o-programa/ | 200 OK Content-Length: 26412 Content-Type: text/html | clean |
http://www.redacaonotadez.com.br/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=4.1.8 | 200 OK Content-Length: 83792 Content-Type: application/javascript | clean |
http://redacaonotadez.com.br/equipe/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 22 Oct 2015 10:21:42 GMT Location: http://www.redacaonotadez.com.br/equipe/ Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.redacaonotadez.com.br/xmlrpc.php | clean |
http://www.redacaonotadez.com.br/equipe/ | 200 OK Content-Length: 24956 Content-Type: text/html | clean |
http://www.redacaonotadez.com.br/wp-content/plugins/indonez-shortcodes,_,_js,_jquery.carouFredSel-6.2.1-packed.js,qver==4.1.8+indonez-shortcodes,_,_js,_masonry.min.js,qver==4.1.8+indonez-shortcodes,_,_js,_jquery.gmap.min.js,qver==4.1.8+indonez-shortcodes,_,_js,_jquery.donutchart.js,qver==4.1.8+contact-form-7,_includes,_js,_jquery.form.min.js,qver==3.51.0-2014.06.20.pagespeed.jc.lW_DLugHRx.js | 200 OK Content-Length: 82767 Content-Type: application/javascript | clean |
http://redacaonotadez.com.br/o-pagamento/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 22 Oct 2015 10:21:46 GMT Location: http://www.redacaonotadez.com.br/o-pagamento/ Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.redacaonotadez.com.br/xmlrpc.php | clean |
http://www.redacaonotadez.com.br/o-pagamento/ | 200 OK Content-Length: 24840 Content-Type: text/html | clean |
http://www.redacaonotadez.com.br/wp-content/plugins/contact-form-7/includes/js/scripts.js,qver=4.1.2.pagespeed.jm.AyPX16hTOE.js | 200 OK Content-Length: 9377 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: redacaonotadez.com.br
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 22 Oct 2015 10:21:27 GMT
Location: http://www.redacaonotadez.com.br/
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.redacaonotadez.com.br/xmlrpc.php
GET / HTTP/1.1
Host: redacaonotadez.com.br
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 22 Oct 2015 10:21:27 GMT
Location: http://www.redacaonotadez.com.br/
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.redacaonotadez.com.br/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: redacaonotadez.com.br
Referer: http://www.google.com/search?q=redacaonotadez.com.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: redacaonotadez.com.br
Referer: http://www.google.com/search?q=redacaonotadez.com.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=redacaonotadez.com.br
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://redacaonotadez.com.br/
Result: redacaonotadez.com.br is not infected or malware details are not published yet.
Result: redacaonotadez.com.br is not infected or malware details are not published yet.