Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=webmail.uff.br
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://webmail.uff.br/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://webmail.uff.br/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache Connection: close Location: https://webmail.uff.br/ Content-Length: 0 | clean |
https://webmail.uff.br/ | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Thu, 02 Oct 2014 10:16:46 GMT Pragma: no-cache Location: https://webmail.uff.br/login.php Server: Apache/2.2.22 (Ubuntu) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: UFF=qveh5prtvs7vol9763bbdigrh7; path=/; domain=webmail.uff.br X-Powered-By: PHP/5.3.10-1ubuntu3.14 | clean |
https://webmail.uff.br/login.php | 200 OK Content-Length: 3804 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.uff.br ...[1138 bytes skipped]... 8,f:3.6,o:10.1,s:4,n:9}} $buoop.ol = window.onload; window.onload=function(){ try {if ($buoop.ol) $buoop.ol();}catch (e) {} var e = document.createElement("script"); e.setAttribute("type", "text/javascript"); e.setAttribute("src", "https://webmail.uff.br/js/update-browser.js"); document.body.appendChild(e); } </script> <!-- <div id="barragov"> <a href="http://www.uff.br" target="_blank"> <div id="barragov_left"></div> </a> <a href="http://www.acessoainformacao.gov.br/" target="_blank"> <div id="barragov_acesso"></div> </a> <a href="http://www.brasil.gov.br/" target="_blank"> <div id="barragov_right"></div> </a> </div> <div id="bannermail"> <div id="bannermail_center"></div> < ...[2802 bytes skipped]... | ||
https://webmail.uff.br/services/cache.php?cache=js%2Fcid%3D633b5982307353cd81119b53f65a8f8c | 200 OK Content-Length: 163314 Content-Type: text/js | clean |
https://webmail.uff.br/services/ | 200 OK Content-Length: 5540 Content-Type: text/html | clean |
https://webmail.uff.br/services/?C=N;O=D | 200 OK Content-Length: 5540 Content-Type: text/html | clean |
https://webmail.uff.br/services/?C=N;O=A | 200 OK Content-Length: 5540 Content-Type: text/html | clean |
https://webmail.uff.br/services/?C=M;O=A | 200 OK Content-Length: 5540 Content-Type: text/html | clean |
https://webmail.uff.br/services/?C=M;O=D | 200 OK Content-Length: 5540 Content-Type: text/html | clean |
https://webmail.uff.br/services/?C=S;O=A | 200 OK Content-Length: 5540 Content-Type: text/html | clean |
https://webmail.uff.br/services/?C=S;O=D | 200 OK Content-Length: 5540 Content-Type: text/html | clean |
https://webmail.uff.br/services/?C=D;O=A | 200 OK Content-Length: 5540 Content-Type: text/html | clean |
https://webmail.uff.br/services/?C=D;O=D | 200 OK Content-Length: 5540 Content-Type: text/html | clean |
https://webmail.uff.br/services/twitter/ | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Thu, 02 Oct 2014 10:17:00 GMT Pragma: no-cache Location: /login.php?url=https%3A%2F%2Fwebmail.uff.br%2Fservices%2Ftwitter%2F%3Fu%3D2103834053542d261c941a2&horde_logout_token=VC0mHPaIs-qjcs3abHNaY0M8WDY5IxouwNmhWUZFkAYL0WbPXpQ&app=horde Server: Apache/2.2.22 (Ubuntu) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: UFF=sc9v0oo30p8040tvo0vpr3o1c6; path=/; domain=webmail.uff.br Set-Cookie: auth_key=sc9v0oo30p8040tvo0vpr3o1c6; path=/; domain=webmail.uff.br X-Powered-By: PHP/5.3.10-1ubuntu3.14 | clean |
https://webmail.uff.br/login.php?url=https%3a%2f%2fwebmail.uff.br%2fservices%2ftwitter%2f%3fu%3d2103834053542d261c941a2&horde_logout_token=vc0mhpais-qjcs3abhnay0m8wdy5ixouwnmhwuzfkayl0wbpxpq&app=horde | 200 OK Content-Length: 3875 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.uff.br ...[1138 bytes skipped]... 8,f:3.6,o:10.1,s:4,n:9}} $buoop.ol = window.onload; window.onload=function(){ try {if ($buoop.ol) $buoop.ol();}catch (e) {} var e = document.createElement("script"); e.setAttribute("type", "text/javascript"); e.setAttribute("src", "https://webmail.uff.br/js/update-browser.js"); document.body.appendChild(e); } </script> <!-- <div id="barragov"> <a href="http://www.uff.br" target="_blank"> <div id="barragov_left"></div> </a> <a href="http://www.acessoainformacao.gov.br/" target="_blank"> <div id="barragov_acesso"></div> </a> <a href="http://www.brasil.gov.br/" target="_blank"> <div id="barragov_right"></div> </a> </div> <div id="bannermail"> <div id="bannermail_center"></div> < ...[2873 bytes skipped]... | ||
https://webmail.uff.br/services/cache.php?cache=js%2Fcid%3D58f533e31b065fdd8c3c1b387d96de36 | 200 OK Content-Length: 3438 Content-Type: text/js | clean |
http://webmail.uff.br/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache Connection: close Location: https://webmail.uff.br/test404page.js Content-Length: 0 | clean |
https://webmail.uff.br/test404page.js | 404 Not Found Content-Length: 293 Content-Type: text/html | clean |
https://webmail.uff.br/services/snooze.php | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Thu, 02 Oct 2014 10:17:05 GMT Pragma: no-cache Location: /login.php?url=https%3A%2F%2Fwebmail.uff.br%2Fservices%2Fsnooze.php%3Fu%3D383371437542d26214ec2f&horde_logout_token=VC0mIem146amVCkZDbhz5e0LT9zgjuzjh-_fbPxRwakg_3IPAK4&app=horde Server: Apache/2.2.22 (Ubuntu) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: UFF=ib72htrlj0maq1gd3ehiqd2n86; path=/; domain=webmail.uff.br Set-Cookie: auth_key=ib72htrlj0maq1gd3ehiqd2n86; path=/; domain=webmail.uff.br X-Powered-By: PHP/5.3.10-1ubuntu3.14 | clean |
https://webmail.uff.br/login.php?url=https%3a%2f%2fwebmail.uff.br%2fservices%2fsnooze.php%3fu%3d383371437542d26214ec2f&horde_logout_token=vc0miem146amvckzdbhz5e0lt9zgjuzjh-_fbpxrwakg_3ipak4&app=horde | 200 OK Content-Length: 3875 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.uff.br ...[1138 bytes skipped]... 8,f:3.6,o:10.1,s:4,n:9}} $buoop.ol = window.onload; window.onload=function(){ try {if ($buoop.ol) $buoop.ol();}catch (e) {} var e = document.createElement("script"); e.setAttribute("type", "text/javascript"); e.setAttribute("src", "https://webmail.uff.br/js/update-browser.js"); document.body.appendChild(e); } </script> <!-- <div id="barragov"> <a href="http://www.uff.br" target="_blank"> <div id="barragov_left"></div> </a> <a href="http://www.acessoainformacao.gov.br/" target="_blank"> <div id="barragov_acesso"></div> </a> <a href="http://www.brasil.gov.br/" target="_blank"> <div id="barragov_right"></div> </a> </div> <div id="bannermail"> <div id="bannermail_center"></div> < ...[2873 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: webmail.uff.br
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Connection: close
Location: https://webmail.uff.br/
Content-Length: 0
...0 bytes of data.
GET / HTTP/1.1
Host: webmail.uff.br
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Connection: close
Location: https://webmail.uff.br/
Content-Length: 0
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: webmail.uff.br
Referer: http://www.google.com/search?q=webmail.uff.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: webmail.uff.br
Referer: http://www.google.com/search?q=webmail.uff.br
Result:
The result is similar to the first query. There are no suspicious redirects found.