Scanned pages/files
| Request | Server response | Status |
http://espace-voyage.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 06 May 2014 08:11:23 GMT Location: http://www.espace-voyage.com/ Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.13 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.espace-voyage.com/xmlrpc.php X-Powered-By: PHP/5.2.13 | clean |
http://www.espace-voyage.com/ | 200 OK Content-Length: 19833 Content-Type: text/html | clean |
http://www.espace-voyage.com/wp-content/themes/traveller/js/jquery-1.3.2.min.js | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://www.espace-voyage.com/wp-content/themes/traveller/js/easySlider1.5.js | 200 OK Content-Length: 4410 Content-Type: application/javascript | clean |
http://www.espace-voyage.com/wp-content/themes/traveller/js/hoverintent.js | 200 OK Content-Length: 1609 Content-Type: application/javascript | clean |
http://www.espace-voyage.com/wp-content/themes/traveller/js/superfish.js | 200 OK Content-Length: 3707 Content-Type: application/javascript | clean |
http://www.espace-voyage.com/wp-content/themes/traveller/js/script.js | 200 OK Content-Length: 1485 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) $(document).ready(function() { $("#slider").easySlider({ controlsBefore: '<p id="controls">', controlsAfter: '</p>', auto: true, continuous: true }); $("ul.sf-menu").superfish({ autoArrows: false, delay: 400, animation: {opacity:'show',height:'show'}, speed: 'fast', autoArrows: false, dropShadows: false var a = $(this).children('a'); var aClass = a.attr('rel'); if (thisaClass == aClass) { $('.'+aClass).show(); a.attr('class','active'); } else { $('.'+aClass).hide(); a.attr('class',''); } }); return false; }); $('.topnav ul').children('li').each(function() { $(this).children('a').html('<span>'+$(this).children('a').text()+'</span>'); }); }); Antivirus reports:
| ||
http://espace-voyage.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 06 May 2014 08:11:29 GMT Pragma: no-cache Location: http://www.espace-voyage.com/test404page.js Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.13 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.espace-voyage.com/xmlrpc.php X-Powered-By: PHP/5.2.13 | clean |
http://www.espace-voyage.com/test404page.js | 404 Not Found Content-Length: 11476 Content-Type: text/html | clean |
http://www.espace-voyage.com/category/annonces | 200 OK Content-Length: 19934 Content-Type: text/html | clean |
http://www.espace-voyage.com/category/promotions | 200 OK Content-Length: 20231 Content-Type: text/html | clean |
http://www.espace-voyage.com/category/tourisme | 200 OK Content-Length: 20825 Content-Type: text/html | clean |
http://www.espace-voyage.com/category/tourisme/tourisme-au-canada | 200 OK Content-Length: 16116 Content-Type: text/html | clean |
http://www.espace-voyage.com/category/tourisme/tourisme-aux-usa | 200 OK Content-Length: 13670 Content-Type: text/html | clean |
http://www.espace-voyage.com/category/tourisme/tourisme-dans-les-iles | 200 OK Content-Length: 20574 Content-Type: text/html | clean |
http://www.espace-voyage.com/category/tourisme/tourisme-en-afrique | 200 OK Content-Length: 20548 Content-Type: text/html | clean |
http://www.espace-voyage.com/category/tourisme/tourisme-en-amerique-du-sud | 200 OK Content-Length: 20258 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: espace-voyage.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 06 May 2014 08:11:23 GMT
Location: http://www.espace-voyage.com/
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.13
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.espace-voyage.com/xmlrpc.php
X-Powered-By: PHP/5.2.13
...0 bytes of data.
GET / HTTP/1.1
Host: espace-voyage.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 06 May 2014 08:11:23 GMT
Location: http://www.espace-voyage.com/
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.13
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.espace-voyage.com/xmlrpc.php
X-Powered-By: PHP/5.2.13
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: espace-voyage.com
Referer: http://www.google.com/search?q=espace-voyage.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: espace-voyage.com
Referer: http://www.google.com/search?q=espace-voyage.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=espace-voyage.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://espace-voyage.com/
Result: espace-voyage.com is not infected or malware details are not published yet.
Result: espace-voyage.com is not infected or malware details are not published yet.