See: http://safeweb.norton.com/report/show?url=http%3A%2F%2Fwww.arcor.de
and also nothing on VT
Sucuri has: Hidden Iframes.
Details: http://sucuri.net/malware/entry/MW:IFRAME:HD202 in -www.arcor.de/dsl
-dslshop.vodafone.de/eshop/consumer/97494464/0/1/asb.html suspicious
[suspicious:2] (ipaddr:145.253.32.90) (iframe) -dslshop.vodafone.de/eshop/consumer/97494464/0/1/asb.html
status: (referer=-www.arcor.de/dsl)saved 44986 bytes c47319e7ce6628a4d62965eea9050a1fc11403ed
zombie activity there?
Also given here: http://siteinspector.comodo.com/public/recent_detections/38157?type=1
status high risk page

polonus

Not sure how this Norton scan works…

but i think i will trust Sucuri, and the vodafone redirect can also be seen at wepawet

Wepawet
http://wepawet.iseclab.org/view.php?hash=a63f89301a0db940134663063ea207db&t=1323210672&type=js

I would also go for the sucuri verdict, allthough urlquery gives it as safe:
http://urlquery.net/report.php?id=10805
I have attached what I detected via a bad iFrame detektor scan,

polonus

I think the URL must have been infected for some time before you see it at urlQuery ?

I do not know what resources they use in their scans, but unmasked parasites flags it:
This page seems to be
1 hidden external link found.

I have SafeWeb on my XP installation that has NIS 2011 installed. Was not impressed at all with it. Most of its rating data is either incomplete or not accurate.

I have found W.O.T. to be the best. However on my WIN 7 installation, it kept crashing IE8. I suspected Avast’s web shield or MBAM Pro was interfering with it. Also I never fully trusted it since I know it dials home with usage data. So I unistalled it.

Hi DonZ63,

WOT as a web rep is as good as the user database given in. They have a large participation.
I also like M86Security Secure Browsing and BitDefender Trafficlight as web rep link checkers.
DrWeb URL checker is as good as its database, but is going to improve when the new engine, now being beta tested comes in. Sucuri free scan is a great way to scan websites especially for malcode infectations, Comodo’s Siteinspector is also as good as the database, also misses out detections.
URLVoid scans, do not have all PUP and riskware detections. So you have to know what scanners to mix to come to the right final conslusion on a suspicious page. MD5 hashes may help, ip and url searches for malware domain resources and viruswatch and migration info may also help.
As I do this now for quite some time, together with user friends like Pondus, Asyn, Dim@rik, spg SCOTT etc etc. URL malware scanning is a rather complicated business.
And our forum member spg SCOTT has often said that you can only really verify if you analyze the code on a site yourself via Malzilla malcode browser or at jsunpack for instance. But doing that you have to be security savvy enough not to get infected (leave the avast shields on under all circumstances), use a VM or sandboxed environment and use script blocking like NotScripts or NoScript and know where to open up a link or just when not to click it). Then always present what you find as a worked over image file (this cannot infect) or make links non-click-through like hxtp -http wxw or -www and feel safer,

polonus

Thanks for the info. I’ll check them out.

I agree, Norton Safe Web is not very accurate, and it cannot be relied on most of the time.