Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://siddhababa.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: siddhababa.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Tue, 29 Apr 2014 07:42:01 GMT Location: http://costslaid.com/cgi-bin/r.cgi?p=10003&i=2b831773&j=333&m=43e954c91e87003d85feaac2a1346f38&h=siddhababa.com&u=/&q=&t=20140429034201 Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_perl/2.0.6 Perl/v5.8.8 Content-Length: 563 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: xccgtswgokoe=1; path=/; domain=siddhababa.com; expires=Tue, 06-May-2014 07:42:01 GMT | malicious |
Scanned pages/files
Request | Server response | Status |
http://siddhababa.com/ | 200 OK Content-Length: 18367 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HaCked By Nofawkx Al ...[10692 bytes skipped]... ; <li> <a href='index.php?linkId=82' title='Authority Certificate' class='listmenu'> :: Authority Certificate</a> </li> </ul> </li> <li> <a href='index.php?linkId=53' title='Vacancies' class='listmenu'> :: Vacancies</a> </li> <li> <a href='files/download/troll3d.html' title='HaCked By Nofawkx Al'>HaCked By Nofawkx Al (Download)</a> </li> <li> <a href='index.php?linkId=63' title='Training & Instruction' class='listmenu'> :: Training & Instruction</a> </li> <li> <a href='index.php?linkId=64' title='Requirement' class='listmenu'> :: Requirement</a> </li> <li> <a href='index.php?linkId=65' title='Assoicated Overseas Ag ...[11713 bytes skipped]... | ||
http://siddhababa.com/js/jquery-1.2.6.min.js | 200 OK Content-Length: 55774 Content-Type: application/javascript | clean |
http://siddhababa.com/js/superfish.js | 200 OK Content-Length: 3710 Content-Type: application/javascript | clean |
http://siddhababa.com/js/hoverIntent.js | 200 OK Content-Length: 3174 Content-Type: application/javascript | clean |
http://siddhababa.com/js/jquery-1.3.2.js | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://siddhababa.com/js/jquery.cycle.all.2.72.js | 200 OK Content-Length: 42938 Content-Type: application/javascript | clean |
http://siddhababa.com/js/jquery.easing.1.1.1.js | 200 OK Content-Length: 3424 Content-Type: application/javascript | clean |
http://siddhababa.com/index.php | 200 OK Content-Length: 18367 Content-Type: text/html | clean |
http://siddhababa.com/index.php?linkId=8 | 200 OK Content-Length: 16755 Content-Type: text/html | clean |
http://siddhababa.com/index.php?linkId=9 | 200 OK Content-Length: 16739 Content-Type: text/html | clean |
http://siddhababa.com/index.php?action=feedback | 200 OK Content-Length: 17199 Content-Type: text/html | clean |
http://siddhababa.com/index.php?linkId=52 | 200 OK Content-Length: 15478 Content-Type: text/html | clean |
http://siddhababa.com/index.php?linkId=54 | 200 OK Content-Length: 16839 Content-Type: text/html | clean |
http://siddhababa.com/index.php?action=postresume | 200 OK Content-Length: 70909 Content-Type: text/html | clean |
http://siddhababa.com/datetimepicker.js | 200 OK Content-Length: 13907 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=siddhababa.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://siddhababa.com/
Result: siddhababa.com is not infected or malware details are not published yet.
Result: siddhababa.com is not infected or malware details are not published yet.