Scanned pages/files
Request | Server response | Status |
http://turquiaya.com/ | 200 OK Content-Length: 45522 Content-Type: text/html | clean |
http://turquiaya.com/menu/menu_ya.js | 200 OK Content-Length: 9891 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) menunum=0;menus=new Array();_d=document;function addmenu(){menunum++;menus[menunum]=menu;}function dumpmenus(){mt="<script language=javascript>";for(a=1;a<menus.length;a++){mt+=" menu"+a+"=menus["+a+"];"}mt+="<\/script>";_d.write(mt)} effect = "" timegap=500 followspeed=5 followrate=40 suboffset_top=10; suboffset_left=10; Frames_Top_Offset=5 Frames_Left_Offset=110 style1=[ "white", "990000", "black", Antivirus reports:
| ||
http://turquiaya.com/menu/mmenu.js | 200 OK Content-Length: 27915 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) Mtimer=setTimeout("sis()",9999);_d=document;smc=-1;MLoaded=0; ns4=(_d.layers)?true:false ns6=(navigator.userAgent.indexOf("Gecko")!=-1)?true:false mac=(navigator.appVersion.indexOf("Mac")!=-1)?true:false mac45=(navigator.appVersion.indexOf("MSIE 4.5")!=-1)?true:false if(ns6||ns4)mac=false opera=(navigator.userAgent.indexOf("Opera")!=-1)?true:false ns61=(parseInt(navigator.productSub)>=20010726)?true:false ie4=(!_d.getElementById&&_d.all)?t Antivirus reports:
| ||
http://turquiaya.com/haber/haber.js | 200 OK Content-Length: 3654 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var pause_for = 10000 var speed = 3 var scrollerwidth= 260 var scrollerheight= 220 var scrollerbackground= 'news_back.jpg' var messages=new Array() messages[0]=" <font face='Verdana, Arial' size='1'> <font color=990000>SOLO ESTANCIA……….HOTELES EN ESTAMBUL </font> <br> <font face='Verdana, Arial' size='1'> <font color=990000><BR>Hotel Arena (Casa otomana)<BR>Hotel Hali (Cate Antivirus reports:
| ||
http://turquiaya.com/haber/diff_function.js | 404 Not Found Content-Length: 463 Content-Type: text/html | clean |
http://turquiaya.com/test404page.js | 404 Not Found Content-Length: 455 Content-Type: text/html | clean |
http://sm5.sitemeter.com/js/counter.js?site=sm5siteturquiaya | HTTP/1.1 302 Redirect Date: Sun, 05 Oct 2014 00:32:33 GMT Location: http://sm5.sitemeter.com/js/counter.asp?site=sm5siteturquiaya Server: Microsoft-IIS/6.0 Content-Length: 184 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://sm5.sitemeter.com/js/counter.asp?site=sm5siteturquiaya | 200 OK Content-Length: 7567 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: turquiaya.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 05 Oct 2014 00:32:30 GMT
Accept-Ranges: bytes
ETag: "3d0418-b1d2-485612130a280"
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8o DAV/2 PHP/5.3.25
Vary: Accept-Encoding,User-Agent
Content-Length: 45522
Content-Type: text/html
Last-Modified: Thu, 29 Apr 2010 14:42:02 GMT
...45522 bytes of data.
GET / HTTP/1.1
Host: turquiaya.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 05 Oct 2014 00:32:30 GMT
Accept-Ranges: bytes
ETag: "3d0418-b1d2-485612130a280"
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8o DAV/2 PHP/5.3.25
Vary: Accept-Encoding,User-Agent
Content-Length: 45522
Content-Type: text/html
Last-Modified: Thu, 29 Apr 2010 14:42:02 GMT
...45522 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: turquiaya.com
Referer: http://www.google.com/search?q=turquiaya.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: turquiaya.com
Referer: http://www.google.com/search?q=turquiaya.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=turquiaya.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://turquiaya.com/
Result: turquiaya.com is not infected or malware details are not published yet.
Result: turquiaya.com is not infected or malware details are not published yet.