Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=loirobien-rhonealpes.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://loirobien-rhonealpes.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://loirobien-rhonealpes.com/ | 200 OK Content-Length: 18988 Content-Type: text/html | malicious |
Page code contains blacklisted domain: www.statbooster.eu ...[4440 bytes skipped]... script'%3E%3C/script%3E")); </script> <script type="text/javascript"> var pageTracker = _gat._getTracker("UA-3574416-1"); pageTracker._initData(); pageTracker._trackPageview(); </script> <script src="http://pub.netboosting.com/affichage.js" type="text/javascript"></script> <font size="1" >1.569313</font><iframe name="boosterpr" id="boosterpr" SRC="http://www.statbooster.eu/traffic/booster.php" width=1 height=1 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no></IFRAME> </body> </html> Malicious iFrame found. size: 1x1 src: http://www.statbooster.eu/traffic/booster.php This URL is marked by Yandex as suspicious <iframe name="boosterpr" id="boosterpr" src="http://www.statbooster.eu/traffic/booster.php" width=1 height=1 marginwidth=0 marginheight=0 hspace=0 vspace=0 frameborder=0 scrolling=no> | ||
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 12388 Content-Type: application/javascript | clean |
http://www.adcash.com/script/java.php?option=rotateur&rotateur=144937 | 200 OK Content-Length: 2461 Content-Type: text/html | clean |
http://www.adcash.com/test404page.js | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |
http://pub.netboosting.com/affichage.js | 200 OK Content-Length: 0 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: loirobien-rhonealpes.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 13 Sep 2014 02:34:27 GMT
Pragma: no-cache
Server: Apache/2.2.20 (Unix) mod_ssl/2.2.20 OpenSSL/0.9.8o
Vary: User-Agent
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=95dda5093b7fc42239ea15c584b84144; path=/
X-Powered-By: PHP/5.2.13-pl1-gentoo
GET / HTTP/1.1
Host: loirobien-rhonealpes.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 13 Sep 2014 02:34:27 GMT
Pragma: no-cache
Server: Apache/2.2.20 (Unix) mod_ssl/2.2.20 OpenSSL/0.9.8o
Vary: User-Agent
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=95dda5093b7fc42239ea15c584b84144; path=/
X-Powered-By: PHP/5.2.13-pl1-gentoo
Second query (visit from search engine):
GET / HTTP/1.1
Host: loirobien-rhonealpes.com
Referer: http://www.google.com/search?q=loirobien-rhonealpes.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: loirobien-rhonealpes.com
Referer: http://www.google.com/search?q=loirobien-rhonealpes.com
Result:
The result is similar to the first query. There are no suspicious redirects found.