Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: woodoo.com.br
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 03 Oct 2014 12:03:47 GMT
Accept-Ranges: bytes
ETag: "129c665-320b-4ff842cba1080"
Server: Apache
Content-Length: 12811
Content-Type: text/html
Last-Modified: Thu, 31 Jul 2014 21:44:18 GMT
...12811 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: woodoo.com.br
Referer: http://www.google.com/search?q=woodoo.com.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://woodoo.com.br/ | 200 OK Content-Length: 12811 Content-Type: text/html | clean |
http://woodoo.com.br/_assets/js/vendor/html5shiv.js | 200 OK Content-Length: 9342 Content-Type: application/x-javascript | clean |
http://woodoo.com.br/_assets/js/vendor/modernizr-2.6.2.min.js | 200 OK Content-Length: 15414 Content-Type: application/x-javascript | clean |
http://woodoo.com.br/_assets/js/vendor/jquery-1.8.3.min.js | 200 OK Content-Length: 93636 Content-Type: application/x-javascript | clean |
http://code.jquery.com/ui/1.10.2/jquery-ui.js | 200 OK Content-Length: 67160 Content-Type: application/x-javascript | clean |
http://woodoo.com.br/_assets/js/greensock/TweenMax.min.js | 200 OK Content-Length: 83592 Content-Type: application/x-javascript | clean |
http://woodoo.com.br/_assets/js/plugins.js | 200 OK Content-Length: 590 Content-Type: application/x-javascript | clean |
http://woodoo.com.br/_assets/js/main.js | 200 OK Content-Length: 13767 Content-Type: application/x-javascript | clean |
http://woodoo.com.br/_assets/source/jquery.fancybox.js?v=2.1.5 | 200 OK Content-Length: 48706 Content-Type: application/x-javascript | clean |
http://woodoo.com.br/_assets/source/helpers/jquery.fancybox-buttons.js?v=1.0.5 | 200 OK Content-Length: 3041 Content-Type: application/x-javascript | clean |
http://woodoo.com.br/_assets/source/helpers/jquery.fancybox-thumbs.js?v=1.0.7 | 200 OK Content-Length: 3836 Content-Type: application/x-javascript | clean |
http://woodoo.com.br/_assets/source/helpers/jquery.fancybox-media.js?v=1.0.6 | 200 OK Content-Length: 5305 Content-Type: application/x-javascript | clean |
http://woodoo.com.br/timeline/portobrasil.php | 200 OK Content-Length: 353 Content-Type: text/html | clean |
http://woodoo.com.br/test404page.js | 404 Not Found Content-Length: 1020 Content-Type: text/html | clean |
http://woodoo.com.br/timeline/romanzza.php | 200 OK Content-Length: 426 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=woodoo.com.br
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://woodoo.com.br/
Result: woodoo.com.br is not infected or malware details are not published yet.