Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://bizimyerimiz.org/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: bizimyerimiz.org Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 04:50:23 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 240 Content-Type: text/html; charset=iso-8859-1 | malicious |
URL: http://trustedrxmedicalshop.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: trustedrxmedicalshop.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:24 GMT Location: http://ultradoctors.com Server: nginx/1.6.1 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.28 | suspicious |
Scanned pages/files
Request | Server response | Status |
http://bizimyerimiz.org/ | 200 OK Content-Length: 27082 Content-Type: text/html | clean |
http://bizimyerimiz.org/templates/jv_dilo/js/jv.script.js.php | 200 OK Content-Length: 77946 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
var MooTools={version:'1.11'};function $defined(obj){return(obj!=undefined);};function $type(obj){if(!$defined(obj))return false;if(obj.htmlElement)return'element';var type=typeof obj;if(type=='object'&&obj.nodeName){switch(obj.nodeType){case 1:return'element';case 3:return(/\S/).test(obj.nodeValue)?'textnode':'whitespace';}} if(type=='object'||type=='function'){switch(obj.constructor){case Array:return'array';case RegExp:return'regexp';case Class:return'class';} if(typeof obj.le { if(!str || typeof str != 'string') return null; return str.replace(/^[\s]+/,'').replace(/[\s]+$/,'').replace(/[\s]{2,}/,' '); } function hide_nocontent(){ var title = $('jv-maincontent'); if (title) { var titlestring = "a" + trim(title.innerHTML); if (titlestring.length <= 15) { $('mdl-content').setStyle('display','none'); } } } window.addEvent('load', function(){ hide_nocontent(); });
Antivirus reports:
http://bizimyerimiz.org/media/mod_vinaora_cu3er/js/swfobject/2.2/swfobject.js | 200 OK Content-Length: 10220 Content-Type: application/javascript | clean |
http://bizimyerimiz.org/templates/jv_dilo/jv_menus/jv_moomenu/jv.moomenu.js | 200 OK Content-Length: 3127 Content-Type: application/javascript | clean |
http://connect.facebook.net/en_US/all.js | 200 OK Content-Length: 163628 Content-Type: application/x-javascript | clean |
http://bizimyerimiz.org/anasayfa.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:27 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://trustedrxmedicalshop.com/ | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:27 GMT Location: http://ultradoctors.com Server: nginx/1.6.1 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.28 | clean |
http://ultradoctors.com/ | 500 Server closed connection without sending any data back Content-Length: 105 Content-Type: text/plain | clean |
http://ultradoctors.com/test404page.js | 500 Server closed connection without sending any data back Content-Length: 105 Content-Type: text/plain | clean |
http://bizimyerimiz.org/genel-bakis.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:28 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/genel-bakis/hakkmzda.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:28 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/genel-bakis/iletiim.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:31 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/genel-bakis/basnda-bizimyerimiz.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:31 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/neler-yeni.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:31 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/neler-yeni/yoeresel-yemekler.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:31 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/neler-yeni/zeytinyallar.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:32 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/neler-yeni/ordoevr.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:32 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/icecekler.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:32 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/fotograflar.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:32 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/fotograflar/bizimyerimizfotograflar.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:32 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/z-defteri.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:32 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/duyurular.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:32 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/bursa-gezi-rehberi.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:32 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/bursa-gezi-rehberi/bursa-lnn-tarh.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:32 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/bursa-gezi-rehberi/bursa-fotograflari.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:33 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/bursa-gezi-rehberi/bursa-fotograflari/bursa-fotoraflar-boeluem-1.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:33 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/bursa-gezi-rehberi/bursa-fotograflari/bursa-fotoraflar-boeluem-2.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:33 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/bursa-gezi-rehberi/bursa-fotograflari/bursa-fotoraflar-boeluem-3.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:33 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/bursa-gezi-rehberi/bursa-fotograflari/bursa-fotoraflar-boeluem-4.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:33 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/bursa-gezi-rehberi/bursa-fotograflari/bursa-fotoraflar-boeluem-5.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:33 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/bursa-gezi-rehberi/bursa-mutfa-ve-el-sanatlar.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:33 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/bursa-gezi-rehberi/bursa-kent-rehberi.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:33 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bizimyerimiz.org/duyurular/61-bizimyerimiz-duyuru-3.html | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 04:50:33 GMT Location: http://trustedrxmedicalshop.com/ Server: nginx Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bizimyerimiz.org
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bizimyerimiz.org/
Result: bizimyerimiz.org is not infected or malware details are not published yet.