Scanned pages/files
Request | Server response | Status |
http://puuaa.com/ | 200 OK Content-Length: 86396 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY AYYILDIZ TEAM | SESSIZCE NÃÂBETTEYIZ! ...[55759 bytes skipped]... ¸äººæ' target="_blank" href="/40668/"> ææ¨æå¨ ç§å,å¿«æäºæ天æ¸å¾å¾ç»¼åwww7x_aiai444æ人ç½æ§æ ä¸äººæ</a></li> <li> <div class="litpic"> <a title='HACKED BY AYYILDIZ TEAM | SESSIZCE NÃÂBETTEYIZ!' href='/40556/' target="_blank"> <img src='/Uploads/201505/36/thumb_YT0N96.jpg' border='0' width='120' height='160' alt='HACKED BY AYYILDIZ TEAM | SESSIZCE NÃÂBETTEYIZ!'></a></div> <a title='HACKED BY AYYILDIZ TEAM | SESSIZCE NÃÂBETTEYIZ!' target="_blank" href="/40556/"> HACKED BY AYYILDIZ TEAM ...[40329 bytes skipped]... | ||
http://puuaa.com/_templates/default/js/jquery-1.6.3.min.js | 200 OK Content-Length: 91626 Content-Type: application/x-javascript | clean |
http://puuaa.com/_templates/default/js/flash.js | 200 OK Content-Length: 3910 Content-Type: application/x-javascript | clean |
http://puuaa.com/js/ads/top.js | 200 OK Content-Length: 191 Content-Type: application/x-javascript | clean |
http://puuaa.com/js/ads/menubanner.js | 200 OK Content-Length: 3 Content-Type: application/x-javascript | clean |
http://puuaa.com/js/common/count.js | 200 OK Content-Length: 581 Content-Type: application/x-javascript | clean |
http://puuaa.com/renyudongwu/ | 200 OK Content-Length: 37990 Content-Type: text/html | clean |
http://puuaa.com/haoleavcom/ | 200 OK Content-Length: 40023 Content-Type: text/html | clean |
http://puuaa.com/www777mecom/ | 200 OK Content-Length: 35072 Content-Type: text/html | clean |
http://puuaa.com/4444kkcom/ | 200 OK Content-Length: 39276 Content-Type: text/html | clean |
http://puuaa.com/sifangdianying/ | 200 OK Content-Length: 37300 Content-Type: text/html | clean |
http://puuaa.com/42138/ | 200 OK Content-Length: 16911 Content-Type: text/html | clean |
http://puuaa.com/js/common/count.aspx?id=42138 | 200 OK Content-Length: 20 Content-Type: text/html | clean |
http://puuaa.com/test404page.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
http://puuaa.com/42056/ | 200 OK Content-Length: 16180 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: puuaa.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 02 Aug 2015 11:54:15 GMT
Server: Microsoft-IIS/7.5
Content-Length: 86396
Content-Type: text/html
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...86396 bytes of data.
GET / HTTP/1.1
Host: puuaa.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 02 Aug 2015 11:54:15 GMT
Server: Microsoft-IIS/7.5
Content-Length: 86396
Content-Type: text/html
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...86396 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: puuaa.com
Referer: http://www.google.com/search?q=puuaa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: puuaa.com
Referer: http://www.google.com/search?q=puuaa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=puuaa.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://puuaa.com/
Result: puuaa.com is not infected or malware details are not published yet.
Result: puuaa.com is not infected or malware details are not published yet.