Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: faiza.fr
Result:
GET / HTTP/1.1
Host: faiza.fr
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: faiza.fr
Referer: http://www.google.com/search?q=faiza.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: faiza.fr
Referer: http://www.google.com/search?q=faiza.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.faiza.fr/ | 200 OK Content-Length: 34950 Content-Type: text/html | clean |
http://www.faiza.fr/core/admin/index.php | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Thu, 18 Dec 2014 05:24:33 GMT Pragma: no-cache Location: auth.php Server: Apache Vary: Accept-Encoding Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: 60gpBAK=R1224197954; path=/; expires=Thu, 18-Dec-2014 06:41:36 GMT Set-Cookie: 60gp=R2337315551; path=/; expires=Thu, 18-Dec-2014 06:43:35 GMT Set-Cookie: PHPSESSID=26baf626ccd8addfa003412b04e0d544; path=/ X-Powered-By: PHP/5.4.34 | clean |
http://www.faiza.fr/core/admin/auth.php | 200 OK Content-Length: 1516 Content-Type: text/html | clean |
http://www.faiza.fr/test404page.js | HTTP/1.1 302 Found Connection: close Date: Thu, 18 Dec 2014 05:24:33 GMT Location: http:index.php?4-erreur-404 Server: Apache Vary: Accept-Encoding Content-Length: 211 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: 60gpBAK=R1224225179; path=/; expires=Thu, 18-Dec-2014 06:25:05 GMT Set-Cookie: 60gp=R477231239; path=/; expires=Thu, 18-Dec-2014 06:26:04 GMT | clean |
http:index.php?4-erreur-404/ | 500 No Host option provided Content-Length: 85 Content-Type: text/plain | clean |
http:///test404page.js | 500 No Host option provided Content-Length: 85 Content-Type: text/plain | clean |
http://www.faiza.fr/zenphoto/zp-core/index.php | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 18 Dec 2014 05:24:33 GMT Location: admin.php Server: Apache Vary: Accept-Encoding Content-Type: text/html Set-Cookie: 60gpBAK=R1224192509; path=/; expires=Thu, 18-Dec-2014 06:41:36 GMT Set-Cookie: 60gp=R2337315551; path=/; expires=Thu, 18-Dec-2014 06:34:55 GMT X-Powered-By: PHP/5.4.34 | clean |
http://www.faiza.fr/zenphoto/zp-core/admin.php | 200 OK Content-Length: 1389 Content-Type: text/html | clean |
http://www.faiza.fr/zenphoto/zp-core/js/prototype.js | 200 OK Content-Length: 61894 Content-Type: application/javascript | clean |
http://www.faiza.fr/zenphoto/zp-core/js/prototype.tooltip.js | 200 OK Content-Length: 4073 Content-Type: application/javascript | clean |
http://www.faiza.fr/zenphoto/zp-core/js/admin.js | 200 OK Content-Length: 10269 Content-Type: application/javascript | clean |
http://www.faiza.fr/zenphoto | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Dec 2014 05:24:34 GMT Location: http://www.faiza.fr/zenphoto/ Server: Apache Vary: Accept-Encoding Content-Length: 237 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: 60gpBAK=R1224191420; path=/; expires=Thu, 18-Dec-2014 06:40:52 GMT Set-Cookie: 60gp=R477231239; path=/; expires=Thu, 18-Dec-2014 06:43:35 GMT | clean |
http://www.faiza.fr/zenphoto/ | 200 OK Content-Length: 4867 Content-Type: text/html | clean |
http://www.faiza.fr/zenphoto/zp-core/js/scripts-common.js | 200 OK Content-Length: 215 Content-Type: application/javascript | clean |
http://www.faiza.fr/index.php?contact=contact | 200 OK Content-Length: 6894 Content-Type: text/html | clean |
http://www.faiza.fr/core/plugins/gc_contact/js/valid_email.js | 200 OK Content-Length: 2821 Content-Type: application/javascript | clean |
http://www.faiza.fr/index.php?8-jean-daniel-guillou | 200 OK Content-Length: 10012 Content-Type: text/html | clean |
http://www.faiza.fr/?001/Reportages | 200 OK Content-Length: 35037 Content-Type: text/html | clean |
http://www.faiza.fr/?001/?001/Reportages | 200 OK Content-Length: 35025 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=faiza.fr
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://faiza.fr/
Result: faiza.fr is not infected or malware details are not published yet.
Result: faiza.fr is not infected or malware details are not published yet.