See: https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=yatagandh.saglik.gov.tr&ref_sel=GSP2&ua_sel=ff&fs=1
subdomain-defacement - 2017-10-15 08:25:10 Turkey AS42926 Radore Veri Merkezi Hizmetleri A.S. 46.45.136.115 htxp://www.yatagandh.gov.tr ifactoryx
iFrame:
-> http://toolbar.netcraft.com/site_report?url=http://212.175.172.213
Fail and two warnings: https://asafaweb.com/Scan?Url=212.175.172.213
See: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fyatagandh.saglik.gov.tr%2F
error
[iframe] -widget.sndcdn.com/javascript:0
info: [iframe] -widget.sndcdn.com/{src}
info: [decodingLevel=0] found JavaScript
suspicious: maxruntime exceeded 10 seconds and
info: [iframe] -w.soundcloud.com/player/?url=htxps%3A/api.soundcloud.com/tracks/346326656&color=%23ff5500&play=true&related=false&comments=true&user=true&reposts=false&teaser=true&visual=true
info: [decodingLevel=0] found JavaScript
error: ./pre.js:249: InternalError: too much recursion * * an indication of suspicious code...
Also consider info here: https://developers.soundcloud.com/docs/api/html5-widget
F-grade status on the defaced website
Update: defacement is now being cleansed…getting a 403 now.
polonus (volunteer website security analyst and website error-hunter)
polonus
October 16, 2017, 10:10pm
2
Interesting background link for that code, with that iFrame insertion mentioned:
Re: -hxtps://code.sololearn.com/WZe4sWTl19rg/#html
Suspicious
-code.sololearn.com/bundles/jquery?v=yMmPM1TxecYcoWtCWW3jYgH0fr9kiAasOfb-W5I001A1 benign
[nothing detected] (script) -code.sololearn.com/bundles/jquery?v=yMmPM1TxecYcoWtCWW3jYgH0fr9kiAasOfb-W5I001A1
status: (referer=-code.sololearn.com/WZe4sWTl19rg/#html )saved 84194 bytes 8e9e0c2c1257f6691a79cacc0b8936e0976dc2b8
file: 8e9e0c2c1257f6691a79cacc0b8936e0976dc2b8: 84194 bytes (script) -cdnjs.cloudflare.com/ajax/libs/ace/1.2.2/ace.js
status: (referer=code.sololearn.com/WZe4sWTl19rg/#html )saved 347010 bytes e4a57a2ddcb1325b600b23c6b7fccdeadd0d4a98
-s7.addthis.com/js/300/widget.js#pubid=ra-5720d15c98e6f544
info: [decodingLevel=0] found JavaScript
error: undefined variable m - from -ajaxorg.github.io/ace-builds/src/ext-tools.js
(referer=-code.sololearn.com/WZe4sWTl19rg/#html )saved 356563 bytes 12fb3b97a3308b429c6ef44cb8e6a52875e7d85f
info: [iframe] -s7.addthis.com/js/300/javascript:
info: [img] -ssl.gstatic.com/images/icons/gplus-
info: [iframe] http
info: [decodingLevel=0] found JavaScript
suspicious: maxruntime exceeded 10 seconds
The above were 3rd-party check results performed against a generic JavaScript unpacker (pol)
polonus (volunteer website security analyst and website error-hunter)