Scanned pages/files
Request | Server response | Status |
http://alamoreservations.info/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 29 Sep 2014 18:03:41 GMT Location: http://Alamo.com Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://alamo.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 29 Sep 2014 18:03:41 GMT Location: https://www.alamo.com/ Server: Apache Vary: Accept-Encoding Content-Length: 230 Content-Type: text/html; charset=iso-8859-1 | clean |
https://www.alamo.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 29 Sep 2014 18:03:42 GMT Location: https://www.alamo.com/en_US/car-rental/home.html Server: Apache Vary: Accept-Encoding Content-Length: 256 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: Rental-alamo_com=650583306.14370.0000; path=/ Set-Cookie: TLTSID=1C39632C585C6650F0D1A7D95D8C44EA;path=/;domain=www.alamo.com; Set-Cookie: TLTUID=F876FDA8E07D92EC71261E64842E4C78;expires=Sat, 21-May-2016 18:03:42 GMT;path=/;domain=www.alamo.com; | clean |
https://www.alamo.com/en_us/car-rental/home.html | 404 Not Found Content-Length: 41376 Content-Type: text/html | clean |
https://www.alamo.com/etc/designs/common/clientlibs_31163/init.min.js | 200 OK Content-Length: 101 Content-Type: application/javascript | clean |
http://alamoreservations.info/etc/designs/common/clientlibs_31163/jqueryOld.min.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 29 Sep 2014 18:03:47 GMT Location: http://Alamo.com Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://alamo.com/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 29 Sep 2014 18:03:48 GMT Location: https://www.alamo.com/test404page.js Server: Apache Vary: Accept-Encoding Content-Length: 244 Content-Type: text/html; charset=iso-8859-1 | clean |
https://www.alamo.com/test404page.js | 404 Not Found Content-Length: 16479 Content-Type: text/html | clean |
https://www.alamo.com/etc/designs/common/clientlibs_31163/jqueryOld.min.js | 200 OK Content-Length: 302436 Content-Type: application/javascript | clean |
http://alamo.com/etc/clientlibs/granite/clientlibrarymanager.min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 29 Sep 2014 18:03:53 GMT Location: https://www.alamo.com/etc/clientlibs/granite/clientlibrarymanager.min.js Server: Apache Vary: Accept-Encoding Content-Length: 280 Content-Type: text/html; charset=iso-8859-1 | clean |
https://www.alamo.com/etc/clientlibs/granite/clientlibrarymanager.min.js | 200 OK Content-Length: 6478 Content-Type: application/javascript | clean |
http://alamo.com/etc/designs/common/clientlibs_31163/tealeaf.min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 29 Sep 2014 18:03:54 GMT Location: https://www.alamo.com/etc/designs/common/clientlibs_31163/tealeaf.min.js Server: Apache Vary: Accept-Encoding Content-Length: 280 Content-Type: text/html; charset=iso-8859-1 | clean |
https://www.alamo.com/etc/designs/common/clientlibs_31163/tealeaf.min.js | 200 OK Content-Length: 59314 Content-Type: application/javascript | clean |
http://alamo.com//libs.coremetrics.com/eluminate.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 29 Sep 2014 18:03:56 GMT Location: https://www.alamo.com/libs.coremetrics.com/eluminate.js/ Server: Apache Vary: Accept-Encoding Content-Length: 264 Content-Type: text/html; charset=iso-8859-1 | clean |
https://www.alamo.com/libs.coremetrics.com/eluminate.js/ | 404 Not Found Content-Length: 16479 Content-Type: text/html | clean |
https://www.alamo.com//libs.coremetrics.com/eluminate.js/ | 404 Not Found Content-Length: 16479 Content-Type: text/html | clean |
https://www.alamo.com/en_US/tourSite/checkin.html | 200 OK Content-Length: 28047 Content-Type: text/html | clean |
https://www.alamo.com/en_US/tourSite/ | 403 Forbidden Content-Length: 344 Content-Type: text/html | clean |
http://www.alamo.com/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 29 Sep 2014 18:04:02 GMT Location: https://www.alamo.com/test404page.js Server: Apache Vary: Accept-Encoding Content-Length: 244 Content-Type: text/html; charset=iso-8859-1 | clean |
https://www.alamo.com/en_US/tourSite.html | HTTP/1.1 302 Found Connection: close Date: Mon, 29 Sep 2014 18:04:02 GMT Location: /content/alamo/en_US/tourSite/home Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html;charset=utf-8 Set-Cookie: loc=US%7Cen_US%7C%7C; Expires=Tue, 29 Sep 2015 18:04:02 GMT; Path=/; Set-Cookie: JSESSIONID=dee86b09-d1c4-4118-a937-3a3f05fdd536; Path=/; HttpOnly; Secure; HttpOnly Set-Cookie: Rental-alamo_com=734469386.14370.0000; path=/; HttpOnly Set-Cookie: TLTSID=264C620AEB54DFF2381D9E0BB4AC8A23;path=/;domain=www.alamo.com;; Set-Cookie: TLTUID=986785BC7BF947FC50FB50B76BB5FB10;expires=Sat, 21-May-2016 18:04:02 GMT;path=/;domain=www.alamo.com;; | clean |
https://www.alamo.com/content/alamo/en_us/toursite/home | 404 Not Found Content-Length: 41390 Content-Type: text/html | clean |
https://www.alamo.com/en_US/car-rental/home.html | 200 OK Content-Length: 134911 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="https://4332627.fls.doubleclick.net/activityi;src=4332627;type=alamospa;cat=alamo407;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>');
Antivirus reports:
https://www.alamo.com/en_US/car-rental/ | 403 Forbidden Content-Length: 346 Content-Type: text/html | clean |
https://www.alamo.com/en_US/car-rental/insider.html | 200 OK Content-Length: 80061 Content-Type: text/html | clean |
https://www.alamo.com/en_US/modals/forgot-username.modal.html | 200 OK Content-Length: 4416 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: alamoreservations.info
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Mon, 29 Sep 2014 18:03:41 GMT
Location: http://Alamo.com
Server: Apache-Coyote/1.1
Content-Length: 0
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: alamoreservations.info
Referer: http://www.google.com/search?q=alamoreservations.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=alamoreservations.info
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://alamoreservations.info/
Result: alamoreservations.info is not infected or malware details are not published yet.