Scanned pages/files
| Request | Server response | Status |
http://constructionmontreal.ca/ | 200 OK Content-Length: 13646 Content-Type: text/html | clean |
http://constructionmontreal.ca/js/jquery1.7.js | 200 OK Content-Length: 94842 Content-Type: application/javascript | clean |
http://constructionmontreal.ca/js/highlight.js | 200 OK Content-Length: 2023 Content-Type: application/javascript | clean |
http://constructionmontreal.ca/plugins/nivo-slider/jquery.nivo.slider.js | 200 OK Content-Length: 30206 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function($) { var NivoSlider = function(element, options){ var settings = $.extend({}, $.fn.nivoSlider.defaults, options); var vars = { currentSlide: 0, currentImage: '', totalSlides: 0, running: false, paused: false, stop: false, controlNavEl: false }; var slider = $(el controlNavThumbs: false, pauseOnHover: false, manualAdvance: false, prevText: 'Prev', nextText: 'Next', randomStart: true, beforeChange: function(){}, afterChange: function(){}, slideshowEnd: function(){}, lastSlide: function(){}, afterLoad: function(){} }; $.fn._reverse = [].reverse; })(jQuery); Antivirus reports:
| ||
http://constructionmontreal.ca/js/jquery.colorbox.js | 200 OK Content-Length: 25509 Content-Type: application/javascript | clean |
http://constructionmontreal.ca/js/validationEmployment.js | 200 OK Content-Length: 7888 Content-Type: application/javascript | clean |
http://constructionmontreal.ca/js/validateContact.js | 200 OK Content-Length: 2291 Content-Type: application/javascript | clean |
http://constructionmontreal.ca/plugins/lightbox/js/jquery.lightbox-0.5.js | 200 OK Content-Length: 19616 Content-Type: application/javascript | clean |
http://constructionmontreal.ca/js/jquery.featureList-1.0.0.js | 200 OK Content-Length: 1803 Content-Type: application/javascript | clean |
http://constructionmontreal.ca/index.php | 200 OK Content-Length: 13646 Content-Type: text/html | clean |
http://constructionmontreal.ca/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: constructionmontreal.ca
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 19 Sep 2014 13:34:27 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_perl/2.0.6 Perl/v5.10.1
Content-Type: text/html
X-Powered-By: PHP/5.4.26
GET / HTTP/1.1
Host: constructionmontreal.ca
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 19 Sep 2014 13:34:27 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_perl/2.0.6 Perl/v5.10.1
Content-Type: text/html
X-Powered-By: PHP/5.4.26
Second query (visit from search engine):
GET / HTTP/1.1
Host: constructionmontreal.ca
Referer: http://www.google.com/search?q=constructionmontreal.ca
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: constructionmontreal.ca
Referer: http://www.google.com/search?q=constructionmontreal.ca
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=constructionmontreal.ca
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://constructionmontreal.ca/
Result: constructionmontreal.ca is not infected or malware details are not published yet.
Result: constructionmontreal.ca is not infected or malware details are not published yet.