Invalid SSL certificate for website, DROWn attack vulnerable!

Viruses and worms
1

Invalid SSL Certificate. DROWn vulnerable: https://test.drownattack.com/?site=http%3A%2F%2Fwww.cvyolla.com
and http://toolbar.netcraft.com/site_report?url=http%3A%2F%2Fwww.cvyolla.com
Nameserver also DROWn vulnerable: https://test.drownattack.com/?site=dns2.doruk.net.tr
It looks like a cookie is being set without the “HttpOnly” flag being set (name : value):

PHPSESSID : bglci40v1dmceru9hr4q12lop2
Unless the cookie legitimately needs to be read by JavaScript on the client, the “HttpOnly” flag should always be set to ensure it cannot be read by the client and used in an XSS attack.
See: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.cvyolla.com

Parallel Plesk Panel site: http://212.58.7.71/ + http://toolbar.netcraft.com/site_report?url=http://212.58.7.71
4 problems for domain: http://mxtoolbox.com/domain/www.cvyolla.com/
For IP see: http://www.malwareurl.com/ns_listing.php?as=AS8685

polonus

polonus