Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=yeninesiloyuncu.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://yeninesiloyuncu.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 05 Sep 2014 01:46:20 GMT Location: http://www.yeninesiloyuncu.com/ Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.35 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.yeninesiloyuncu.com/xmlrpc.php | clean |
http://www.yeninesiloyuncu.com/ | 200 OK Content-Length: 85636 Content-Type: text/html | clean |
http://www.yeninesiloyuncu.com/wp-content/plugins/jquery-updater/js/jquery-2.0.0.min.js?ver=2.0.0 | 200 OK Content-Length: 83095 Content-Type: application/javascript | clean |
http://www.yeninesiloyuncu.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.yeninesiloyuncu.com/wp-includes/js/swfobject.js?ver=2.2-20120417 | 200 OK Content-Length: 10231 Content-Type: application/javascript | clean |
http://www.yeninesiloyuncu.com/wp-content/themes/Gameleon/includes/plugins/jnewsticker/media/jnewsticker/newsticker.jquery.js?ver=3.6 | 200 OK Content-Length: 61408 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function( $ ) {
if ( $.fn.on === undefined ) { $.fn.on = function( event, fn ) { this.bind( event, fn ); } } if ( $.fn.off === undefined ) { $.fn.off = function( event, fn ) { return this.unbind( event, fn ); } } $.fn.newsticker = function( options ) { var self = this; self.methods } if ( progress.current.next().length === 0) { progress.boundary = dom.items.first().position().left; } else { progress.boundary = progress.current.next().position().left; } } } } })( jQuery ); Antivirus reports:
| ||
http://www.yeninesiloyuncu.com/wp-content/themes/Gameleon/includes/sliders/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?ver=3.6 | 200 OK Content-Length: 17128 Content-Type: application/javascript | clean |
http://www.yeninesiloyuncu.com/wp-content/themes/Gameleon/includes/sliders/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=3.6 | 200 OK Content-Length: 56013 Content-Type: application/javascript | clean |
http://www.yeninesiloyuncu.com/wp-content/themes/Gameleon/js/jquery.easing-1.3.min.js?ver=3.6 | 200 OK Content-Length: 3443 Content-Type: application/javascript | clean |
http://www.yeninesiloyuncu.com/wp-content/themes/Gameleon/js/jquery.easing.compatibility.js?ver=3.6 | 200 OK Content-Length: 1783 Content-Type: application/javascript | clean |
http://www.yeninesiloyuncu.com/wp-content/themes/Gameleon/js/jquery.lavalamp.min.js?ver=3.6 | 200 OK Content-Length: 4378 Content-Type: application/javascript | clean |
http://www.yeninesiloyuncu.com/wp-content/themes/Gameleon/js/jcarousellite_1.0.1.pack.js?ver=3.6 | 200 OK Content-Length: 2137 Content-Type: application/javascript | clean |
http://www.yeninesiloyuncu.com/wp-content/themes/Gameleon/js/jquery.prettyPhoto.js?ver=3.6 | 200 OK Content-Length: 36153 Content-Type: application/javascript | clean |
http://www.yeninesiloyuncu.com/wp-content/themes/Gameleon/js/jquery.tipTip.minified.js?ver=3.6 | 200 OK Content-Length: 5269 Content-Type: application/javascript | clean |
http://www.yeninesiloyuncu.com/wp-content/themes/Gameleon/js/scrolltopcontrol.js?ver=3.6 | 200 OK Content-Length: 3682 Content-Type: application/javascript | clean |
http://www.yeninesiloyuncu.com/wp-content/themes/Gameleon/js/superfish.js?ver=3.6 | 200 OK Content-Length: 3835 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: yeninesiloyuncu.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 05 Sep 2014 01:46:20 GMT
Location: http://www.yeninesiloyuncu.com/
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.35
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.yeninesiloyuncu.com/xmlrpc.php
...0 bytes of data.
GET / HTTP/1.1
Host: yeninesiloyuncu.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 05 Sep 2014 01:46:20 GMT
Location: http://www.yeninesiloyuncu.com/
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.35
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.yeninesiloyuncu.com/xmlrpc.php
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: yeninesiloyuncu.com
Referer: http://www.google.com/search?q=yeninesiloyuncu.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: yeninesiloyuncu.com
Referer: http://www.google.com/search?q=yeninesiloyuncu.com
Result:
The result is similar to the first query. There are no suspicious redirects found.