Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=connect-portal.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://connect-portal.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 23 Dec 2014 01:25:41 GMT Location: http://www.connect-portal.com/ Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Set-Cookie: qtrans_cookie_test=qTranslate+Cookie+Test; path=/; domain=connect-portal.com X-Pingback: http://www.connect-portal.com/xmlrpc.php | clean |
http://www.connect-portal.com/ | 200 OK Content-Length: 26488 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var lc = document.getElementById('qtranslate-2-chooser'); var s = document.createElement('select'); s.id = 'qtrans_select_qtranslate-2-chooser'; lc.parentNode.insertBefore(s,lc); var sb = document.getElementById('qtrans_select_qtranslate-2-chooser'); var o = document.createElement('option'); var l = document.createTextNode('Português'); o.selected = 'selected'; o.value = 'http://www.connect-portal.com/'; o.appen sb.appendChild(o); var sb = document.getElementById('qtrans_select_qtranslate-2-chooser'); var o = document.createElement('option'); var l = document.createTextNode('Español'); o.value = 'http://www.connect-portal.com/es/'; o.appendChild(l); sb.appendChild(o); s.onchange = function() { document.location.href = this.value;} lc.style.display='none'; Antivirus reports:
| ||
http://www.connect-portal.com/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/javascript | clean |
http://www.connect-portal.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?ver=3.5.2 | 200 OK Content-Length: 17331 Content-Type: application/javascript | clean |
http://www.connect-portal.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=3.5.2 | 200 OK Content-Length: 56235 Content-Type: application/javascript | clean |
http://www.connect-portal.com/wp-includes/js/json2.min.js?ver=2011-02-23 | 200 OK Content-Length: 20342 Content-Type: application/javascript | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201452 | 200 OK Content-Length: 9301 Content-Type: application/x-javascript | clean |
http://s.gravatar.com/js/gprofiles.js?ver=2014Decaa | 200 OK Content-Length: 21442 Content-Type: application/x-javascript | clean |
http://www.connect-portal.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=3.5.2 | 200 OK Content-Length: 930 Content-Type: application/javascript | clean |
http://www.connect-portal.com/wp-content/themes/u-design/scripts/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.5 | 200 OK Content-Length: 22060 Content-Type: application/javascript | clean |
http://www.connect-portal.com/wp-content/themes/u-design/scripts/prettyPhoto/custom_params.js?ver=3.1.5 | 200 OK Content-Length: 8210 Content-Type: application/javascript | clean |
http://www.connect-portal.com/wp-content/themes/u-design/scripts/superfish-1.4.8/js/superfish.combined.js?ver=1.0.0 | 200 OK Content-Length: 5387 Content-Type: application/javascript | clean |
http://www.connect-portal.com/wp-content/themes/u-design/scripts/script.js?ver=1.0 | 200 OK Content-Length: 7510 Content-Type: application/javascript | clean |
http://stats.wordpress.com/e-201452.js | 200 OK Content-Length: 2332 Content-Type: application/x-javascript | clean |
http://connect-portal.com/consultoria-em-comercio-exterior/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 23 Dec 2014 01:25:56 GMT Location: http://www.connect-portal.com/consultoria-em-comercio-exterior/ Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Set-Cookie: qtrans_cookie_test=qTranslate+Cookie+Test; path=/; domain=connect-portal.com X-Pingback: http://www.connect-portal.com/xmlrpc.php | clean |
http://www.connect-portal.com/consultoria-em-comercio-exterior/ | 200 OK Content-Length: 26199 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var lc = document.getElementById('qtranslate-2-chooser'); var s = document.createElement('select'); s.id = 'qtrans_select_qtranslate-2-chooser'; lc.parentNode.insertBefore(s,lc); var sb = document.getElementById('qtrans_select_qtranslate-2-chooser'); var o = document.createElement('option'); var l = document.createTextNode('Português'); o.selected = 'selected'; o.value = 'http://www.connect-portal.com/consultoria-em-comerci var sb = document.getElementById('qtrans_select_qtranslate-2-chooser'); var o = document.createElement('option'); var l = document.createTextNode('Español'); o.value = 'http://www.connect-portal.com/es/consultoria-em-comercio-exterior/'; o.appendChild(l); sb.appendChild(o); s.onchange = function() { document.location.href = this.value;} lc.style.display='none'; Antivirus reports:
| ||
http://www.connect-portal.com/wp-includes/js/comment-reply.min.js?ver=3.5.2 | 200 OK Content-Length: 786 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: connect-portal.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 23 Dec 2014 01:25:41 GMT
Location: http://www.connect-portal.com/
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: qtrans_cookie_test=qTranslate+Cookie+Test; path=/; domain=connect-portal.com
X-Pingback: http://www.connect-portal.com/xmlrpc.php
GET / HTTP/1.1
Host: connect-portal.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 23 Dec 2014 01:25:41 GMT
Location: http://www.connect-portal.com/
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: qtrans_cookie_test=qTranslate+Cookie+Test; path=/; domain=connect-portal.com
X-Pingback: http://www.connect-portal.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: connect-portal.com
Referer: http://www.google.com/search?q=connect-portal.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: connect-portal.com
Referer: http://www.google.com/search?q=connect-portal.com
Result:
The result is similar to the first query. There are no suspicious redirects found.