See: https://www.virustotal.com/nl/url/49b9554165d18b62b0eff6cd4a96bce167dd4efbc5b2c6ce07b8e1c325d0489c/analysis/1398112075/
only Viruswatch to flag as unknown_html
Completely missed here: http://quttera.com/detailed_report/mobillist.com & http://sitecheck.sucuri.net/scanner/?scan=http%3A%2F%2Fmobillist.com
& http://urlquery.net/report.php?id=1398114193033
kraken’s Virus Tracker also missed as mobillist dot com,188.132.153.90,ns2 dot annerehberi dot net,Parked/expired,
But site has iFrame check: Suspicious

<iframe width="'+osize[0]+'" scrolling="no" height="'+osize[1]+'" frameborder="0" src="'+osrc[i]+'" style="margin:0;padd Javascript check: Suspicious var adv_iframe = document.createelement('iframe'); adv_iframe.classname = "adv_iframe"; adv_iframe.scrolling = "no"; adv_iframe.border = "0"... Included scripts: Suspect - please check list for unknown includes

Suspicious Script:
-mobillist.com/ana_dosyalar/loader_v2.js
document.createelement(‘iframe’); s.iframe.setattribute(‘frameborder’,‘0’); s.iframe.setattribute(‘marginheight’,‘0’); s.iframe.set
Suspicious Script:
-mobillist.com/ana_dosyalar/loader_v2.js
document.createelement(‘iframe’); s.iframe.setattribute(‘frameborder’,‘0’); s.iframe.setattribute(‘marginheight’,‘0’); s.iframe.set
Suspicious Script:
-mobillist.com/ana_dosyalar/loader_v2.js
document.createelement(‘iframe’); s.iframe.setattribute(‘frameborder’,‘0’); s.iframe.setattribute(‘marginheight’,‘0’); s.iframe.set
Suspicious Script:
-mobillist.com/ana_dosyalar/loader_v2.js
document.createelement(‘iframe’); s.iframe.setattribute(‘frameborder’,‘0’); s.iframe.setattribute(‘marginheight’,‘0’); s.iframe.set

Moreover various dns issues → http://dnscheck.pingdom.com/?domain=mobillist.com&timestamp=1398114359&view=1

Why site is not being alerted? There are various insecurities found up here: https://asafaweb.com/Scan?Url=mobillist.com
as custom errors fail and excessive headers warning and clickjacking warning

Of the major website scanners only zuluZscaler did not let me down here: http://zulu.zscaler.com/submission/show/4cbd94aeb7eb9d03a0aaa6b4390b501d-1398114791
external links like this flagged, confirmed here: http://urlquery.net/report.php?id=1396304407029

Verdict: site is 100/100% malicious!

polonus

VirusTotal
https://www.virustotal.com/en/file/784ccbf90447da450191b6d47c102ab794e540a313569e4fff1021302969b0e6/analysis/1398116492/

the first red link from Zulu
https://www.virustotal.com/en/file/137d7f3878caea39f25265d0eeeee79b0898eda0c1f7548e8d8e990aed5ce1b1/analysis/1398116672/

second
https://www.virustotal.com/en/file/301e97d8ffa4891c70c9958a9f294ad708f1b0fc479f02ad80657acdbe824a84/analysis/1398116796/

Thank you Pondus. I mailed the above sitre report to virus@avast.com for adding to detection.

Also this javascript was found on above analyzed site: http://adserver.reklamstore.com/reklamstore.js

Read about the unphp results here: http://www.unphp.net/decode/21601afbf73791ea20f6f2f2a789cc85/

These scan results here aren’t encouraging: https://asafaweb.com/Scan?Url=adserver.reklamstore.com%2Freklamstore.js
Custom errors: Fail - Stack trace: Fail - Excessive Headers warning and Clickjacking warning flagged!
Stack traces are used during the development process to provide verbose information when a server error occurs. This information can be leveraged to exploit the application as it discloses potentially sensitive information about the internal implementation of the website. Custom errors should be used to keep this information from view. Site Potentially Harmful. Site Likely Compromised. Blacklisted by Sucuri’s/
for source → http://fetch.scritch.org/%2Bfetch/?url=http%3A%2F%2Fadserver.reklamstore.com%2Freklamstore.js&useragent=Fetch+useragent&accept_encoding=
given as benign here: http://urlquery.net/report.php?id=1398118318665

polonus