Scanned pages/files
Request | Server response | Status |
http://comitedesfetes.org/ | 200 OK Content-Length: 33425 Content-Type: text/html | clean |
http://comitedesfetes.org/inc/hpage.js | 200 OK Content-Length: 8359 Content-Type: application/javascript | clean |
http://banniere.reussissonsensemble.fr/view.asp?ref=338431&js=1&site=9707&b=82&target=_blank&title=Carrefour+Voyages | 200 OK Content-Length: 587 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe src="http://banniere.reussissonsensemble.fr/pvdi.aspx?ref=338431&js=1&site=9707&b=82&target=_blank&title=Carrefour+Voyages" width="1" height="1" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" style="width:0px; height:0px;"></iframe>');
document.write('<a href="http://clic.reussissonsensemble.fr/click.asp?type=b82&bnb=82&ref=338431&js=1&site=9707&b=82&target=_blank&title=Carrefour+Voyages" target="_blank" ><img src="http://banners.contentfeed.net/9707/ADV_Banner_82.gif" border="0" title="Carrefour Voyages" alt="Carrefour Voyages" /></a>');
Antivirus reports:
http://banniere.reussissonsensemble.fr/view.asp?ref=338431&js=1&site=4439&b=100&target=_blank&title=La+Poste | 200 OK Content-Length: 556 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe src="http://banniere.reussissonsensemble.fr/pvdi.aspx?ref=338431&js=1&site=4439&b=100&target=_blank&title=La+Poste" width="1" height="1" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" style="width:0px; height:0px;"></iframe>');
document.write('<a href="http://clic.reussissonsensemble.fr/click.asp?type=b100&bnb=100&ref=338431&js=1&site=4439&b=100&target=_blank&title=La+Poste" target="_blank" ><img src="http://banners.contentfeed.net/4439/ADV_Banner_100.gif" border="0" title="La Poste" alt="La Poste" /></a>');
Antivirus reports:
http://comitedesfetes.org/index.php?lng=fr | 200 OK Content-Length: 33425 Content-Type: text/html | clean |
http://comitedesfetes.org/faq.php?lng=fr | 200 OK Content-Length: 84309 Content-Type: text/html | clean |
http://comitedesfetes.org/fortopic.php?lng=fr | 200 OK Content-Length: 21893 Content-Type: text/html | clean |
http://comitedesfetes.org/links.php?lng=fr | 200 OK Content-Length: 24814 Content-Type: text/html | clean |
http://comitedesfetes.org/news.php?lng=fr | 200 OK Content-Length: 24689 Content-Type: text/html | clean |
http://comitedesfetes.org/asso.php | 200 OK Content-Length: 3045 Content-Type: text/html | clean |
http://comitedesfetes.org/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 01 Jun 2014 08:22:19 GMT Pragma: no-cache Location: http://www.comitedesfetes.org/error.php?errorId=20140601_102219_404 Server: Apache/2.2.22 (Ubuntu) Vary: Accept-Encoding Content-Type: text/html; charset=iso-8859-1; Set-Cookie: GuppYUser=deleted; expires=Sat, 01-Jun-2013 08:22:18 GMT X-Powered-By: PHP/5.2.9-1.illimite | clean |
http://www.comitedesfetes.org/error.php?errorid=20140601_102219_404 | 404 Not Found Content-Length: 16 Content-Type: text/html | clean |
http://www.comitedesfetes.org/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 01 Jun 2014 08:22:20 GMT Pragma: no-cache Location: http://www.comitedesfetes.org/error.php?errorId=20140601_102220_404 Server: Apache/2.2.22 (Ubuntu) Vary: Accept-Encoding Content-Type: text/html; charset=iso-8859-1; Set-Cookie: GuppYUser=deleted; expires=Sat, 01-Jun-2013 08:22:19 GMT X-Powered-By: PHP/5.2.9-1.illimite | clean |
http://www.comitedesfetes.org/error.php?errorid=20140601_102220_404 | 404 Not Found Content-Length: 16 Content-Type: text/html | clean |
http://comitedesfetes.org/pages/creation.php | 200 OK Content-Length: 23617 Content-Type: text/html | clean |
http://comitedesfetes.org/pages/../inc/hpage.js | 200 OK Content-Length: 8359 Content-Type: application/javascript | clean |
http://comitedesfetes.org/pages/../index.php?lng=fr | 200 OK Content-Length: 33425 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: comitedesfetes.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 01 Jun 2014 08:22:14 GMT
Pragma: no-cache
Server: Apache/2.2.22 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1;
Set-Cookie: GuppYUser=deleted; expires=Sat, 01-Jun-2013 08:22:14 GMT
X-Powered-By: PHP/5.2.9-1.illimite
Second query (visit from search engine):
GET / HTTP/1.1
Host: comitedesfetes.org
Referer: http://www.google.com/search?q=comitedesfetes.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=comitedesfetes.org
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://comitedesfetes.org/
Result: comitedesfetes.org is not infected or malware details are not published yet.