New scan:

Malware Scanner report for world-mobile.com.ua

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL. The chain of malicious redirects found:
->http://bitly.com/sttmln
311 websites infected.
->http://goo.gl/0rxysb
3271 websites infected.
->http://sh.oowoo.ru/redsh.php
78 websites infected.
->http://almrus.ru/main/99-admin.html
almrus.ru is marked by Google as suspicious.

The website "world-mobile.com.ua" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://world-mobile.com.ua/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: world-mobile.com.ua
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 302 Found
Connection: close
Date: Wed, 10 Sep 2014 16:34:22 GMT
Location: http://bitly.com/STTMlN
Server: Apache/2.2.25 (CentOS)
Content-Length: 292
Content-Type: text/html; charset=iso-8859-1
malicious
URL: http://bitly.com/STTMlN
(imitation of visitor from search engine)

GET /STTMlN HTTP/1.1
Host: bitly.com
Referer: http://www.google.com/search?q=redirect+check2
HTTP/1.1 301 Moved Permanently
Cache-Control: private; max-age=90
Connection: close
Date: Wed, 10 Sep 2014 16:34:22 GMT
Location: http://goo.gl/0rXySb
Server: nginx
Content-Length: 112
Content-Type: text/html; charset=utf-8
Mime-Version: 1.0
Set-Cookie: _bit=54107d8e-0031a-0537b-cd1cf10a;domain=.bitly.com;expires=Mon Mar 9 16:34:22 2015;path=/; HttpOnly
malicious
URL: http://goo.gl/0rXySb
(imitation of visitor from search engine)

GET /0rXySb HTTP/1.1
Host: goo.gl
Referer: http://www.google.com/search?q=redirect+check3
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: close
Date: Wed, 10 Sep 2014 16:30:47 GMT
Pragma: no-cache
Age: 215
Location: http://sh.oowoo.ru/redsh.php
Server: GSE
Content-Type: text/html; charset=UTF-8
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Alternate-Protocol: 80:quic
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
malicious
URL: http://sh.oowoo.ru/redsh.php
(imitation of visitor from search engine)

GET /redsh.php HTTP/1.1
Host: sh.oowoo.ru
Referer: http://www.google.com/search?q=redirect+check4
HTTP/1.1 302 Found
Connection: close
Date: Wed, 10 Sep 2014 16:33:03 GMT
Location: http://almrus.ru/main/99-admin.html
Server: nginx/1.0.15
Content-Length: 0
Content-Type: text/html; charset=CP1251
X-Powered-By: PHP/5.2.17
malicious

Scanned pages/files

RequestServer responseStatus
http://world-mobile.com.ua/
200 OK
Content-Length: 66398
Content-Type: text/html
clean
http://odnaknopka.ru/ok2.js
200 OK
Content-Length: 6105
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function NewOdnaknopka2() {
this.domain=location.href+'/';
this.domain=this.domain.substr(this.domain.indexOf('://')+3);
this.domain=this.domain.substr(0,this.domain.indexOf('/'));
this.location=false;
this.selection=function() {
var sel;
if (window.getSelection) sel=window.getSelection();
else if (document.selection) sel=document.selection.createRange();
else sel='';
if (sel.text) sel=sel.text;
return encodeURIComponent(sel);
}
th
... 3486 bytes are skipped ...
dth="136" height="16" alt="&#1054;&#1076;&#1085;&#1072;&#1050;&#1085;&#1086;&#1087;&#1082;&#1072;" title="&#1054;&#1076;&#1085;&#1072;&#1050;&#1085;&#1086;&#1087;&#1082;&#1072;" style="border:0;margin:0;padding:0" onmouseover="odnaknopka2.show(this);" onmouseout="odnaknopka2.timeout=setTimeout(\'odnaknopka2.hide()\',500);"></a>');
}
}
odnaknopka2=new NewOdnaknopka2();
odnaknopka2.init();

Antivirus reports:

VIPRE
Malware.JS.Generic (JS)

http://world-mobile.com.ua/JsHttpRequest/JsHttpRequest.js
200 OK
Content-Length: 14610
Content-Type: text/javascript
clean
http://a.ava.com.ua/a/showA.js?partner=401&block=971&encoding=windows-1251&limit=8
200 OK
Content-Length: 12970
Content-Type: text/javascript
clean
http://world-mobile.com.ua/mobile-news/page-1/
200 OK
Content-Length: 49881
Content-Type: text/html
clean
http://pagead2.googlesyndication.com/pagead/show_ads.js
200 OK
Content-Length: 21347
Content-Type: text/javascript
clean
http://world-mobile.com.ua/feedback/
200 OK
Content-Length: 41547
Content-Type: text/html
clean
http://world-mobile.com.ua/glossary/
200 OK
Content-Length: 66227
Content-Type: text/html
clean
http://world-mobile.com.ua/mobile-catalog/
200 OK
Content-Length: 42993
Content-Type: text/html
clean
http://autocontext.begun.ru/autocontext.js
200 OK
Content-Length: 33519
Content-Type: application/x-javascript
clean
http://world-mobile.com.ua/compare-mobile/
200 OK
Content-Length: 51708
Content-Type: text/html
clean
http://world-mobile.com.ua/about/
200 OK
Content-Length: 41356
Content-Type: text/html
clean
http://world-mobile.com.ua/alcatel/
200 OK
Content-Length: 42993
Content-Type: text/html
clean
http://world-mobile.com.ua/all/alcatel/
200 OK
Content-Length: 42238
Content-Type: text/html
clean
http://world-mobile.com.ua/apple/
200 OK
Content-Length: 42993
Content-Type: text/html
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=world-mobile.com.ua

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://world-mobile.com.ua/

Result: world-mobile.com.ua is not infected or malware details are not published yet.