Scanned pages/files
Request | Server response | Status |
http://askeharmony.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 22 Oct 2014 02:12:28 GMT Location: http://www.eharmony.com/ Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://www.eharmony.com/ | 200 OK Content-Length: 41593 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="http://fls.doubleclick.net/activityi;src=1803271;type=retar492;cat=ushom797;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>');
Antivirus reports:
http://www.eharmony.com//static.eharmony.com/files/corp/prod/js/ehcorp.tracking.js/ | 404 Not Found Content-Length: 256 Content-Type: text/html | clean |
http://www.eharmony.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: public, max-age=14400 Connection: close Date: Wed, 22 Oct 2014 02:12:32 GMT Location: http://www.eharmony.com/test404page.js/ Server: cloudflare-nginx Content-Type: text/html; charset=iso-8859-1 Expires: Wed, 22 Oct 2014 06:12:32 GMT CF-Cache-Status: MISS CF-RAY: 17d22ba73b060afc-WAW Set-Cookie: __cfduid=d6dbd7c1993a4aa158b30556990030c841413943952511; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.eharmony.com; HttpOnly | clean |
http://www.eharmony.com/test404page.js/ | 404 Not Found Content-Length: 6978 Content-Type: text/html | clean |
http://www.eharmony.com/home/ | 200 OK Content-Length: 39338 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js | 200 OK Content-Length: 78601 Content-Type: text/javascript | clean |
http://static.eharmony.com/files/corp/prod/js/modernizr.js | 200 OK Content-Length: 11074 Content-Type: application/javascript | clean |
http://static.eharmony.com/files/corp/js/mbox.js | 200 OK Content-Length: 26610 Content-Type: application/javascript | clean |
http://static.eharmony.com/files/corp/js/EHARMONY.registration.v5.js | 200 OK Content-Length: 54674 Content-Type: application/javascript | clean |
http://static.eharmony.com/files/corp/js/custom/df-direct.js | 200 OK Content-Length: 17663 Content-Type: application/javascript | clean |
http://www.eharmony.com/login | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=900 Connection: close Date: Wed, 22 Oct 2014 02:12:36 GMT Location: http://www.eharmony.com/login/ Server: cloudflare-nginx Vary: Accept-Encoding Content-Type: text/html; charset=iso-8859-1 Expires: Wed, 22 Oct 2014 02:27:35 GMT CF-RAY: 17d22bbc5de50afc-WAW Set-Cookie: __cfduid=dbfe57369c2ff7b2326b650ac7edf34a31413943955897; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.eharmony.com; HttpOnly Set-Cookie: BIGipServerFront=9iApuvaxhMsw1/P8gCpfh2STwPUrmSkT0yYjjseQPnrScjHHqAOwV7LLbV0+sIlBnsI9G5GMJNKJnPA=; path=/ | clean |
http://www.eharmony.com/login/ | 200 OK Content-Length: 15584 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js | 200 OK Content-Length: 196578 Content-Type: text/javascript | clean |
http://static.eharmony.com/static/scripts/facebook/error-messages-1.2.js | 200 OK Content-Length: 351 Content-Type: application/javascript | clean |
http://connect.facebook.net/en_US/all.js | 200 OK Content-Length: 163788 Content-Type: application/x-javascript | clean |
http://static.eharmony.com/static/scripts/facebook/facebook-1.3.js | 200 OK Content-Length: 32362 Content-Type: application/javascript | clean |
http://static.eharmony.com/files/corp/js/EHARMONY.login.min.js?ver=5 | 200 OK Content-Length: 5444 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: askeharmony.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Wed, 22 Oct 2014 02:12:28 GMT
Location: http://www.eharmony.com/
Server: Apache-Coyote/1.1
Content-Length: 0
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: askeharmony.com
Referer: http://www.google.com/search?q=askeharmony.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=askeharmony.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://askeharmony.com/
Result: askeharmony.com is not infected or malware details are not published yet.