Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ecoledelongle.fr
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://ecoledelongle.fr/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 29 Dec 2014 04:47:22 GMT Location: http://www.ecoledelongle.fr/ Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Set-Cookie: 60gpBAK=R1224196865; path=/; expires=Mon, 29-Dec-2014 05:46:57 GMT Set-Cookie: 60gpD=R637364186; path=/; Max-Age=900 X-Pingback: http://www.ecoledelongle.fr/xmlrpc.php X-Powered-By: PHP/5.4.34 | clean |
http://www.ecoledelongle.fr/ | 200 OK Content-Length: 22713 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://google.com <iframe src="http://google.com" width=0 height=0 style="hidden" frameborder=0 marginheight=0 marginwidth=0 scrolling=no> | ||
https://ajax.googleapis.com/ajax/libs/jquery/1.6.0/jquery.min.js?ver=1.6.0 | 200 OK Content-Length: 90518 Content-Type: text/javascript | clean |
http://www.ecoledelongle.fr/wp-content/themes/touchsense/dmslider/js/jquery.easing.1.3.js?ver=1.3 | 200 OK Content-Length: 8097 Content-Type: application/javascript | clean |
http://www.ecoledelongle.fr/wp-content/themes/touchsense/scripts/jquery.prettyPhoto.js?ver=3.1.2 | 200 OK Content-Length: 23653 Content-Type: application/javascript | clean |
http://www.ecoledelongle.fr/wp-content/themes/touchsense/scripts/gallery.js?ver=1.0.0 | 200 OK Content-Length: 4797 Content-Type: application/javascript | clean |
http://www.ecoledelongle.fr/wp-content/themes/touchsense/scripts/superfish.js?ver=1.4.8 | 200 OK Content-Length: 3713 Content-Type: application/javascript | clean |
http://www.ecoledelongle.fr/wp-content/themes/touchsense/scripts/effects.js?ver=1.0 | 200 OK Content-Length: 4105 Content-Type: application/javascript | clean |
http://www.ecoledelongle.fr/wp-content/themes/touchsense/scripts/twitter-rss-with-rt.js?ver=1.0 | 200 OK Content-Length: 3333 Content-Type: application/javascript | clean |
http://www.ecoledelongle.fr/wp-content/themes/touchsense/dmslider/jquery.dmslider.min.js?ver=1.0 | 200 OK Content-Length: 6354 Content-Type: application/javascript | clean |
http://www.ecoledelongle.fr/wp-content/themes/touchsense/dmslider/js/jquery.backgroundposition.js?ver=1.2.2 | 200 OK Content-Length: 2058 Content-Type: application/javascript | clean |
http://www.ecoledelongle.fr/wp-content/themes/touchsense/scripts/jquery.nivo.slider.pack.js?ver=2.5.2 | 200 OK Content-Length: 17627 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function($){var NivoSlider=function(element,options){var settings=$.extend({},$.fn.nivoSlider.defaults,options);var vars={currentSlide:0,currentImage:'',totalSlides:0,randAnim:'',running:false,paused:false,stop:false};var slider=$(element);slider.data('nivo:vars',vars);slider.css('position','relative');slider.addClass('nivoSlider');var kids=slider.children();kids.each(function(){var child=$(this);var link='';if(!child.is('img')){if(child.is('a')){child.addClass('nivo-imageLink Antivirus reports:
| ||
http://ecoledelongle.uht.net/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.44.0-2013.09.15 | 200 OK Content-Length: 14701 Content-Type: application/javascript | clean |
http://ecoledelongle.uht.net/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.5.3 | 200 OK Content-Length: 8326 Content-Type: application/javascript | clean |
http://ecoledelongle.fr/formations | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 29 Dec 2014 04:47:26 GMT Location: http://www.ecoledelongle.fr/formations/ Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Set-Cookie: 60gpBAK=R1224225179; path=/; expires=Mon, 29-Dec-2014 06:02:23 GMT Set-Cookie: 60gpD=R637364186; path=/; Max-Age=900 X-Pingback: http://www.ecoledelongle.fr/xmlrpc.php X-Powered-By: PHP/5.4.34 | clean |
http://www.ecoledelongle.fr/formations/ | 200 OK Content-Length: 24655 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://google.com <iframe src="http://google.com" width=0 height=0 style="hidden" frameborder=0 marginheight=0 marginwidth=0 scrolling=no> | ||
http://www.ecoledelongle.fr/formations/integrale-pack-100-poses/ | 200 OK Content-Length: 25755 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://google.com <iframe src="http://google.com" width=0 height=0 style="hidden" frameborder=0 marginheight=0 marginwidth=0 scrolling=no> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ecoledelongle.fr
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 29 Dec 2014 04:47:22 GMT
Location: http://www.ecoledelongle.fr/
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: 60gpBAK=R1224196865; path=/; expires=Mon, 29-Dec-2014 05:46:57 GMT
Set-Cookie: 60gpD=R637364186; path=/; Max-Age=900
X-Pingback: http://www.ecoledelongle.fr/xmlrpc.php
X-Powered-By: PHP/5.4.34
GET / HTTP/1.1
Host: ecoledelongle.fr
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 29 Dec 2014 04:47:22 GMT
Location: http://www.ecoledelongle.fr/
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: 60gpBAK=R1224196865; path=/; expires=Mon, 29-Dec-2014 05:46:57 GMT
Set-Cookie: 60gpD=R637364186; path=/; Max-Age=900
X-Pingback: http://www.ecoledelongle.fr/xmlrpc.php
X-Powered-By: PHP/5.4.34
Second query (visit from search engine):
GET / HTTP/1.1
Host: ecoledelongle.fr
Referer: http://www.google.com/search?q=ecoledelongle.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ecoledelongle.fr
Referer: http://www.google.com/search?q=ecoledelongle.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.