WOT flags: https://www.mywot.com/en/scorecard/balikavifoca.com?utm_source=addon&utm_content=popup
See Dareks67’s report there. See: http://exposure.easyaudit.org/analysis/balikavifoca.com
Source: openphish.com
and missed here: http://wepawet.iseclab.org/view.php?hash=4c123d4696eeaa63f1bb2744dd5df70e&t=1384673162&type=js
listed here: http://comments.gmane.org/gmane.comp.security.phishings/15633
See: https://www.virustotal.com/en/url/9cef5658eb8178bd7ccd59ac784669e2bcc1772e95466ae7e3ef4f7ba1d01181/analysis/
See: http://quttera.com/detailed_report/balikavifoca.com
Suspicious files 2: -/balik-avi-teknemiz-foca.html
Severity: Suspicious
Reason: Detected suspicious function call.
Details: Detected suspicious PHP call: system
Offset: 1281
-/balik-avi-teknemiz-foca.html
Severity: Suspicious
Reason: Detected suspicious function call.
Details: Detected suspicious PHP call: system
Offset: 1277
[[" /> <script type="\\text/javascript" src="\\/media/system/js/mootools.js\\"></script> <script type="t]]
Potentially suspicious file:
plugins/content/mavikthumbnails/highslide/highslide-with-gallery.packed.js
Severity: Potentially Suspicious
Reason: Detected potentially suspicious content.
Details: Detected potentially suspicious initialization of function pointer to JavaScript method eval __tmpvar1884118180 = eval;
Threat dump: See attached …
Threat dump MD5: 3A58C1D400B1D80A457906C1F55BF50D
Retirable code (zipfile for later reference and take down): Detected libraries:
jquery - 1.7.1 : -http://balikavifoca.com/language/css/jquery.js
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
1 vulnerable library detected
See where it is landing: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fbalikavifoca.com%2Flanguage%2Fcss%2Fjquery.js
You should not enter confidential information on this website.
polonus