New scan:

Malware Scanner report for hexa-repro.fr

Malicious/Suspicious/Total urls checked
1/1/14
2 pages have malicious or suspicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "hexa-repro.fr" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=hexa-repro.fr

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://www.hexa-repro.fr/
200 OK
Content-Length: 19247
Content-Type: text/html
suspicious
Page code contains blacklisted domain: hexarepro.fr

...[2773 bytes skipped]...
iv>
</div>
</div>
</div>
<footer class="art-footer">
<div class="art-footer-inner"><div class="art-footer-text">

<p><a href="http://www.hexa-repro.fr/mentions-legales">Mentions Légales</a> | <a href="http://www.hexa-repro.fr/conditions-generales">Conditions générales</a> | <a href="mailto:contact@hexarepro.fr">Contact</a></p>
<p>Copyright © 2014. Tous Droits Réservés.</p>

</div>
</div>
</footer>

</div>

<div id="wp-footer">
<script type='text/javascript' src='http://www.hexa-repro.fr/wp-includes/js/comment-reply.min.js?ver=4.0'></script>
<script type='text/javascript' src='http://www.hexa-repro.fr/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.
...[1005 bytes skipped]...

http://www.hexa-repro.fr/wp-content/themes/TEST07/jquery.js?ver=4.0
200 OK
Content-Length: 92629
Content-Type: application/javascript
clean
http://www.hexa-repro.fr/wp-content/themes/TEST07/jquery-migrate-1.1.1.js?ver=4.0
200 OK
Content-Length: 16174
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function( jQuery, window, undefined ) {
var warnedAbout = {};
jQuery.migrateWarnings = [];
jQuery.migrateMute = true;
if ( !jQuery.migrateMute && window.console && console.log ) {
console.log("JQMIGRATE: Logging is active");
}
if ( jQuery.migrateTrace === undefined ) {
jQuery.migrateTrace = true;
}
jQuery.migrateReset = function() {
warnedAbout = {};
jQuery.migrateWarnings.length = 0;
};
function migrateWarn( msg) {
... 3562 bytes are skipped ...
elem !== document ) {
jQuery.event.add( document, name + "." + jQuery.guid, function() {
jQuery.event.trigger( name, null, elem, true );
});
jQuery._data( this, name, jQuery.guid++ );
}
return false;
},
teardown: function() {
if ( this !== document ) {
jQuery.event.remove( document, name + "." + jQuery._data( this, name ) );
}
return false;
}
};
}
);
})( jQuery, window );

Antivirus reports:

Emsisoft
Gen:Trojan.Heur.KS.4 (B)

http://www.hexa-repro.fr/wp-content/themes/TEST07/script.js?ver=4.0
200 OK
Content-Length: 55041
Content-Type: application/javascript
clean
http://www.hexa-repro.fr/wp-content/themes/TEST07/script.responsive.js?ver=4.0
200 OK
Content-Length: 21633
Content-Type: application/javascript
clean
http://www.hexa-repro.fr/wp-content/plugins/slideshow-gallery/js/gallery.js?ver=1.0
200 OK
Content-Length: 6804
Content-Type: application/javascript
clean
http://www.hexa-repro.fr/wp-content/plugins/slideshow-gallery/js/colorbox.js?ver=1.3.19
200 OK
Content-Length: 28444
Content-Type: application/javascript
clean
http://www.hexa-repro.fr/wp-content/plugins/promotion-slider/js/promoslider.js?ver=4.0
200 OK
Content-Length: 6837
Content-Type: application/javascript
clean
http://www.hexa-repro.fr/wp-includes/js/comment-reply.min.js?ver=4.0
200 OK
Content-Length: 757
Content-Type: application/javascript
clean
http://www.hexa-repro.fr/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
200 OK
Content-Length: 15248
Content-Type: application/javascript
clean
http://www.hexa-repro.fr/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.9.3
200 OK
Content-Length: 9658
Content-Type: application/javascript
clean
http://cake-talk.co.uk/api.js
404 Not Found
Content-Length: 964
Content-Type: text/html
clean
http://cake-talk.co.uk/test404page.js
404 Not Found
Content-Length: 964
Content-Type: text/html
clean
http://www.hexa-repro.fr/wp-content/cache/js/static/9fdfb3e9ef835b28cb2a7832004384fe.js
200 OK
Content-Length: 300849
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: hexa-repro.fr

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: hexa-repro.fr
Referer: http://www.google.com/search?q=hexa-repro.fr

Result:
The result is similar to the first query. There are no suspicious redirects found.