Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xoops.net.br
Result:
GET / HTTP/1.1
Host: xoops.net.br
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: xoops.net.br
Referer: http://www.google.com/search?q=xoops.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: xoops.net.br
Referer: http://www.google.com/search?q=xoops.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.xoops.net.br/ | 200 OK Content-Length: 1643 Content-Type: text/html | clean |
http://www.xoops.net.br//ajax.cloudflare.com/cdn-cgi/nexp/dok3v=dccf16c0cc/appsh.min.js/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://www.xoops.net.br/test404page.js | 404 Not Found Content-Length: 6693 Content-Type: text/html | clean |
http://www.xoops.net.br//ajax.cloudflare.com/cdn-cgi/nexp/dok3v=73806ac11c/apps1.min.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=0, no-cache Connection: close Date: Wed, 04 Mar 2015 15:36:36 GMT Pragma: no-cache Via: 1.1 varnish-v4 Age: 0 Location: http://ajax.cloudflare.com/cdn-cgi/nexp/dok3v=73806ac11c/apps1.min.js/ Server: cloudflare-nginx Content-Type: text/html; charset=iso-8859-1 Expires: Wed, 04 Mar 2015 15:36:36 GMT Alternate-Protocol: 80:quic,p=0.08 CF-RAY: 1c1ea851cdce05c3-WAW Set-Cookie: __cfduid=d4bb472a53ccb53666bf3751e1c4f84171425483394; expires=Thu, 03-Mar-16 15:36:34 GMT; path=/; domain=.xoops.net.br; HttpOnly X-Original-Content-Length: 278 X-Page-Speed: 128_2_yq X-Varnish: 12943928 X-XSS-Protection: 1; mode=block | clean |
http://ajax.cloudflare.com/cdn-cgi/nexp/dok3v=73806ac11c/apps1.min.js/ | 404 Not Found Content-Length: 4842 Content-Type: text/html | clean |
http://ajax.cloudflare.com/cdn-cgi/se/javascripts/modernizr.js | 200 OK Content-Length: 7305 Content-Type: application/javascript | clean |
http://www.xoops.net.br//ajax.cloudflare.com/cdn-cgi/nexp/dok3v=73806ac11c/apps1.min.js/./ | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Wed, 04 Mar 2015 15:36:36 GMT Location: http://www.xoops.net.br/ajax.cloudflare.com/cdn-cgi/nexp/dok3v=73806ac11c/apps1.min.js/ Server: cloudflare-nginx Content-Type: text/html; charset=UTF-8 CF-RAY: 1c1ea85ead240aea-WAW Set-Cookie: __cfduid=d582d5359f60b7e34b89e389d3f138c8a1425483396; expires=Thu, 03-Mar-16 15:36:36 GMT; path=/; domain=.xoops.net.br; HttpOnly | clean |
http://www.xoops.net.br/ajax.cloudflare.com/cdn-cgi/nexp/dok3v=73806ac11c/apps1.min.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=0, no-cache Connection: close Date: Wed, 04 Mar 2015 15:36:37 GMT Pragma: no-cache Via: 1.1 varnish-v4 Age: 1 Location: http://ajax.cloudflare.com/cdn-cgi/nexp/dok3v=73806ac11c/apps1.min.js/ Server: cloudflare-nginx Content-Type: text/html; charset=iso-8859-1 Expires: Wed, 04 Mar 2015 15:36:37 GMT Alternate-Protocol: 80:quic,p=0.08 CF-RAY: 1c1ea85fbcdf05c3-WAW Set-Cookie: __cfduid=db402ee770078c62d60d43c468c4ade2f1425483397; expires=Thu, 03-Mar-16 15:36:37 GMT; path=/; domain=.xoops.net.br; HttpOnly X-Original-Content-Length: 278 X-Page-Speed: 128_2_yq X-Varnish: 3834625 12943929 X-XSS-Protection: 1; mode=block | clean |
http://ajax.cloudflare.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: public, max-age=14400 Connection: close Date: Wed, 04 Mar 2015 15:36:37 GMT Location: http://www.cloudflare.com/test404page.js Server: cloudflare-nginx Content-Type: text/html Expires: Wed, 04 Mar 2015 19:36:37 GMT CF-Cache-Status: EXPIRED CF-RAY: 1c1ea86239f00aea-WAW Set-Cookie: __cfduid=d33872e386d1a4facb5ca6747b1a80fe81425483397; expires=Thu, 03-Mar-16 15:36:37 GMT; path=/; domain=.cloudflare.com; HttpOnly | clean |
http://www.cloudflare.com/test404page.js | 404 Not Found Content-Length: 178 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xoops.net.br
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://xoops.net.br/
Result: xoops.net.br is not infected or malware details are not published yet.
Result: xoops.net.br is not infected or malware details are not published yet.