Scanned pages/files
Request | Server response | Status |
http://telcoamerica.com/ | 200 OK Content-Length: 388 Content-Type: text/html | clean |
http://telcoamerica.com/.htpasswds/ | 200 OK Content-Length: 285 Content-Type: text/html | clean |
http://telcoamerica.com/test404page.js | 404 Not Found Content-Length: 397 Content-Type: text/html | clean |
http://telcoamerica.com/cgi-bin/ | 403 Forbidden Content-Length: 395 Content-Type: text/html | clean |
http://telcoamerica.com/pagina/ | 200 OK Content-Length: 321 Content-Type: text/html | clean |
http://telcoamerica.com/pagina/.ftpquota | 200 OK Content-Length: 4 Content-Type: text/plain | clean |
http://telcoamerica.com/w.htm | 200 OK Content-Length: 4441 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: [ HaCked bY w4l3XzY3 | ATTaCker Form NiGeriA | Email: w4l3xzy3@hoTmail.com ] <html><title>[ HaCked bY w4l3XzY3 | ATTaCker Form NiGeriA | Email: w4l3xzy3@hoTmail.com ]</title><link rel="SHORTCUT
ICON" href=""> <meta name="description" content="[ HaCked bY w4l3XzY3 | ATTaCker Form NiGeriA | Email: w4l3xzy3@hoTmail.com ]"> <meta name="keywords" content="[ HaCked bY w4l3XzY3 | ATTaCker Form NiGeriA | Email: w4l3xzy3@hoTmail.com ]"> <body oncontextmenu='return false;' onkeydown='return false;' onmousedown='return fal ...[5237 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: telcoamerica.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 31 Jan 2015 22:32:02 GMT
Server: Apache
Content-Length: 388
Content-Type: text/html;charset=ISO-8859-1
...388 bytes of data.
GET / HTTP/1.1
Host: telcoamerica.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 31 Jan 2015 22:32:02 GMT
Server: Apache
Content-Length: 388
Content-Type: text/html;charset=ISO-8859-1
...388 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: telcoamerica.com
Referer: http://www.google.com/search?q=telcoamerica.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: telcoamerica.com
Referer: http://www.google.com/search?q=telcoamerica.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=telcoamerica.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://telcoamerica.com/
Result: telcoamerica.com is not infected or malware details are not published yet.
Result: telcoamerica.com is not infected or malware details are not published yet.