Scanned pages/files
Request | Server response | Status |
http://cgadda.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Sat, 19 Sep 2015 00:11:27 GMT Age: 2 Location: http://www.cgadda.com/ Server: ATS/5.0.1 Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV" Set-Cookie: BX=ajcncmtavpa1f&b=3&s=3g; expires=Tue, 19-Sep-2017 00:11:28 GMT; path=/; domain=.cgadda.com X-Pingback: http://www.cgadda.com/xmlrpc.php | clean |
http://www.cgadda.com/ | 200 OK Content-Length: 2703 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By RedHaT <html></head>
<title>Hacked By RedHaT</title> <head><link rel="shortcut icon" href="http://kizilsapkalihackerlar.blogspot.com.tr/favicon.ico"/></head> <body bgcolor="black"> <META http-equiv=content-type content=text/html;charset=utf-8> <center><br><br> </head> <script language="JavaScript"> function none(){ return false; } document.onc ...[3112 bytes skipped]... | ||
http://www.cgadda.com/test404page.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cgadda.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: private
Connection: close
Date: Sat, 19 Sep 2015 00:11:27 GMT
Age: 2
Location: http://www.cgadda.com/
Server: ATS/5.0.1
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Set-Cookie: BX=ajcncmtavpa1f&b=3&s=3g; expires=Tue, 19-Sep-2017 00:11:28 GMT; path=/; domain=.cgadda.com
X-Pingback: http://www.cgadda.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: cgadda.com
Referer: http://www.google.com/search?q=cgadda.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cgadda.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cgadda.com/
Result: cgadda.com is not infected or malware details are not published yet.