See: Up(nil): LACNIC BR abuse at nrserver dot net 187.108.192.99 to 187.108.192.99 lcristalhotel.com dot br
Detected: https://www.virustotal.com/nl/url/abd1b487ee4b418921bb5590fa71f1fc2f68662f73fbf548e2729afd19952211/analysis/1390491770/
blacklisted as PHISH - server redirect → Code: 404, Content cannot be read
Excessive header info spread to the world and potential attackers: apache/2.2.25 (unix) mod_ssl/2.2.25 openssl/1.0.0-fips dav/2 svn/1.5.0 mod_auth_passthrough/2.1 mod_bwlimited/1.4 frontpage/5.0.2.2635 mod_wsgi/3.2 python/2.6.6 mod_perl/2.0.6 perl/v5.10.1

Blacklisted and likely compromised: http://sitecheck.sucuri.net/results/www.lcristalhotel.com.br/tmp/securyt/webpps/pps6/index2.html
Found to be suspicious page: http://app.webinspector.com/public/reports/19648593 (PHISHING alert from Google)
PHISH up or dead? → http://support.clean-mx.de/clean-mx/phishing.php?id=3870238
a 100% here: http://www.phishtank.com/phish_detail.php?phish_id=2244135 → classification server: wXw.lcristalhotel.com.br,Ghosted,

pol