Scanned pages/files
Request | Server response | Status |
http://cocuktiyatrosu.com/ | 200 OK Content-Length: 2038 Content-Type: text/html | clean |
http://cocuktiyatrosu.com/ana_tr.asp | 200 OK Content-Length: 17060 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HaCKeD By ifactoryx ! ...[4382 bytes skipped]... cellpadding=0 height=250><tr><td bgcolor="#c1d0d0" width=11> </td><td bgcolor="#c1d0d0" width=521 background="img/yatay.gif"> </td><td bgcolor="#c1d0d0" width=10> </td></tr><tr><td bgcolor="#c1d0d0" width=11 background="img/dikey.gif" height=455> </td><td width=520 height=455 valign=top><p align=center>HaCKeD By ifactoryx !</p><div align=center><img src="ana_resim/ana.jpg"></div><p align=left><p align='justify'><html><head><br><title>[+]~HaCKeD By ifactoryx !~[+]</title><br><link rel="shortcut icon" href="http://www.emdd.org/pdf/2.ico"><br><script language="JavaScript"> <br>var numraindrops="150";<br>var speed="5";<br>var rainsize="2";<br>var wind="left";<br>var genxgaller ...[16048 bytes skipped]... | ||
http://newvision.edu.sa/ifcanticlick.js | 404 Not Found Content-Length: 767 Content-Type: text/html | clean |
http://newvision.edu.sa//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js/ | 404 Not Found Content-Length: 767 Content-Type: text/html | clean |
http://newvision.edu.sa/test404page.js | 404 Not Found Content-Length: 767 Content-Type: text/html | clean |
http://cocuktiyatrosu.com/ana_eng.asp | 200 OK Content-Length: 5240 Content-Type: text/html | clean |
http://cocuktiyatrosu.com/history.asp | 200 OK Content-Length: 4028 Content-Type: text/html | clean |
http://cocuktiyatrosu.com/aylik.asp | 200 OK Content-Length: 12696 Content-Type: text/html | clean |
http://cocuktiyatrosu.com/tarihce.asp | 200 OK Content-Length: 5613 Content-Type: text/html | clean |
http://cocuktiyatrosu.com/ozet.asp | 200 OK Content-Length: 4689 Content-Type: text/html | clean |
http://cocuktiyatrosu.com/atolye.asp | 200 OK Content-Length: 7314 Content-Type: text/html | clean |
http://cocuktiyatrosu.com/urunler.asp | 200 OK Content-Length: 4561 Content-Type: text/html | clean |
http://cocuktiyatrosu.com/animasyon.asp | 200 OK Content-Length: 4505 Content-Type: text/html | clean |
http://cocuktiyatrosu.com/drama.asp | 200 OK Content-Length: 12954 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js | 200 OK Content-Length: 93868 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cocuktiyatrosu.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 15 Jul 2015 23:04:04 GMT
Server: Microsoft-IIS/6.0
Content-Length: 2038
Content-Type: text/html
MicrosoftOfficeWebServer: 5.0_Pub
Set-Cookie: ASPSESSIONIDCAACRQTS=DDJDHDHDJPNNFDBGFAJJBMHB; path=/
X-Powered-By: PleskWin
X-Powered-By: ASP.NET
...2038 bytes of data.
GET / HTTP/1.1
Host: cocuktiyatrosu.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 15 Jul 2015 23:04:04 GMT
Server: Microsoft-IIS/6.0
Content-Length: 2038
Content-Type: text/html
MicrosoftOfficeWebServer: 5.0_Pub
Set-Cookie: ASPSESSIONIDCAACRQTS=DDJDHDHDJPNNFDBGFAJJBMHB; path=/
X-Powered-By: PleskWin
X-Powered-By: ASP.NET
...2038 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: cocuktiyatrosu.com
Referer: http://www.google.com/search?q=cocuktiyatrosu.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cocuktiyatrosu.com
Referer: http://www.google.com/search?q=cocuktiyatrosu.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cocuktiyatrosu.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cocuktiyatrosu.com/
Result: cocuktiyatrosu.com is not infected or malware details are not published yet.
Result: cocuktiyatrosu.com is not infected or malware details are not published yet.