Scanned pages/files
| Request | Server response | Status |
http://yclinsaat.com/ | HTTP/1.1 200 OK Date: Fri, 18 Apr 2014 21:17:19 GMT Accept-Ranges: bytes ETag: "7814704f99ccb1:1ceb03" Server: Microsoft-IIS/6.0 Content-Length: 4069 Content-Location: http://yclinsaat.com/Default.htm Content-Type: text/html Last-Modified: Thu, 16 Dec 2010 08:12:44 GMT X-Powered-By: ASP.NET | clean |
http://yclinsaat.com/default.htm | 200 OK Content-Length: 4069 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HAcked by EJDER ;) ...[728 bytes skipped]... m Members</font>: | </font></b> <font face="Calligraph421 BT"><b>S1B3RK4N | </b><strong> Skyr3x | ToLeRaNs | CamBaZ |</strong></font><p align="center"> <strong><font face="Calligraph421 BT">we are Turkish!</font></strong> </html> <center><br><br><font color=green><b>HAcked by EJDER ;)</b></font><br></center> <marquee scrollAmount=10000 width="1" height="6"> <a href="http://www.nflbestjerseys.com/" title="nfl player jerseys on sale">nfl</a> <a href="http://www.hoganscarpecom.com/" title="sale hogan scarpe">hogan scarpe</a> <a href="http://www.hoganscarpecom.com/hogan-interactive-shoes-womens-c-1_3.html" title="hogan donna on sale">hogan donna</a> <a href="http: ...[3405 bytes skipped]... | ||
http://yclinsaat.com/test404page.js | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: yclinsaat.com
Result:
HTTP/1.1 200 OK
Date: Fri, 18 Apr 2014 21:17:19 GMT
Accept-Ranges: bytes
ETag: "7814704f99ccb1:1ceb03"
Server: Microsoft-IIS/6.0
Content-Length: 4069
Content-Location: http://yclinsaat.com/Default.htm
Content-Type: text/html
Last-Modified: Thu, 16 Dec 2010 08:12:44 GMT
X-Powered-By: ASP.NET
...4069 bytes of data.
GET / HTTP/1.1
Host: yclinsaat.com
Result:
HTTP/1.1 200 OK
Date: Fri, 18 Apr 2014 21:17:19 GMT
Accept-Ranges: bytes
ETag: "7814704f99ccb1:1ceb03"
Server: Microsoft-IIS/6.0
Content-Length: 4069
Content-Location: http://yclinsaat.com/Default.htm
Content-Type: text/html
Last-Modified: Thu, 16 Dec 2010 08:12:44 GMT
X-Powered-By: ASP.NET
...4069 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: yclinsaat.com
Referer: http://www.google.com/search?q=yclinsaat.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: yclinsaat.com
Referer: http://www.google.com/search?q=yclinsaat.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=yclinsaat.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://yclinsaat.com/
Result: yclinsaat.com is not infected or malware details are not published yet.
Result: yclinsaat.com is not infected or malware details are not published yet.