Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=observer.france24.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://observer.france24.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gtomotorpart.yellowpages.co.th
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 09 May 2014 08:44:37 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: gtomotorpart.yellowpages.co.th
Referer: http://www.google.com/search?q=gtomotorpart.yellowpages.co.th
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://observer.france24.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=0, no-cache, no-store Connection: close Date: Mon, 25 Aug 2014 22:31:23 GMT Pragma: no-cache Location: http://observers.france24.com/fr Server: AkamaiGHost Content-Length: 0 Expires: Mon, 25 Aug 2014 22:31:23 GMT | malicious |
http://observers.france24.com/fr | 200 OK Content-Length: 91716 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.france24.com ...[1139 bytes skipped]... eta name="twitter:app:name:iphone" content="Les observateurs de France 24" /> <meta name="twitter:app:name:ipad" content="Les observateurs de France 24" /> <meta name="twitter:app:name:googleplay" content="Les observateurs de France 24" /> <meta name="twitter:creator" content="@observateurs" /> <meta name="twitter:site" content="@observateurs" /> <meta name="twitter:image" content="http://www.france24.com/static/infographies/meta_og_twcards/F24_obs_fr.png" /> <meta property="og:site_name" content="Les Observateurs" /> <meta property="og:url" content="http://observers.france24.com/fr" /> <meta property="og:type" content="website" /> <meta property="og:locale" content="fr_FR" /> <meta property="og:image" content="http://www.france24.com/static/infographies/meta_og_twcards/F24_obs_fr.png" /> <meta name="apple-itunes-app" cont ...[2627 bytes skipped]... | ||
http://observers.france24.com/files/js/js_26205d3307c5e5e3f85b3e9ad2c00595.js | 200 OK Content-Length: 298644 Content-Type: application/javascript | suspicious |
Page code contains blacklisted domain: projects.france24.com ...[3442 bytes skipped]... id).val($(this_id).val()); $(this_id).val(next_node_val); if (field_name!='image-noderef-noderef') { var current_id = $(this_id); var next_id = $(next_id); current_id.attr('readonly', true); next_id.attr('readonly', true); } } // We will check if the france24_em_add_arrows function is available. // See Task #4056 (http://projects.france24.com/issues/4056) if (typeof france24_em_add_arrows != 'undefined') { // The module france24_multimedia_element is enabled. // It means that we are on a France24 website. france24_em_add_arrows(); } else { // Default to the normal function (originaly built for RFI). aef_em_add_arrows(); } }; ; | ||
http://cetrk.com/pages/scripts/0008/5595.js | 200 OK Content-Length: 3 Content-Type: text/javascript | clean |
http://www.google-analytics.com/urchin.js | 200 OK Content-Length: 22678 Content-Type: text/javascript | clean |
http://www.france24.com/static/infographies/obs_mobile/obs_fix_mobile.js | 200 OK Content-Length: 1613 Content-Type: application/x-javascript | clean |
http://observers.france24.com/files/js/js_976f97295625d0e973fa15a25b12e088.js | 200 OK Content-Length: 744 Content-Type: application/javascript | clean |
http://observer.france24.com/fr | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=0, no-cache, no-store Connection: close Date: Mon, 25 Aug 2014 22:31:27 GMT Pragma: no-cache Location: http://observers.france24.com/fr Server: AkamaiGHost Content-Length: 0 Expires: Mon, 25 Aug 2014 22:31:27 GMT | malicious |
http://observers.france24.com/test404page.js | 404 Not Found Content-Length: 28070 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.france24.com ...[1005 bytes skipped]... servers" /> <meta name="twitter:app:name:iphone" content="The FRANCE 24 Observers" /> <meta name="twitter:app:name:ipad" content="The FRANCE 24 Observers" /> <meta name="twitter:app:name:googleplay" content="The FRANCE 24 Observers" /> <meta name="twitter:creator" content="@observers" /> <meta name="twitter:site" content="@observers" /> <meta name="twitter:image" content="http://www.france24.com/static/infographies/meta_og_twcards/F24_obs_en.png" /> <meta property="og:site_name" content="The Observers" /> <meta property="og:url" content="http://observers.france24.com/test404page.js" /> <meta property="og:type" content="article" /> <meta property="og:locale" content="en_US" /> <meta property="og:image" content="http://www.france24.com/static/infographies/meta_og_twcards/F24_obs_en.png" /> <meta name="apple-itunes- ...[2761 bytes skipped]... | ||
http://observers.france24.com/files/js/js_2e0a8beee016b5af6d0f9f8251b0e822.js | 200 OK Content-Length: 287748 Content-Type: application/javascript | suspicious |
Page code contains blacklisted domain: projects.france24.com ...[3442 bytes skipped]... id).val($(this_id).val()); $(this_id).val(next_node_val); if (field_name!='image-noderef-noderef') { var current_id = $(this_id); var next_id = $(next_id); current_id.attr('readonly', true); next_id.attr('readonly', true); } } // We will check if the france24_em_add_arrows function is available. // See Task #4056 (http://projects.france24.com/issues/4056) if (typeof france24_em_add_arrows != 'undefined') { // The module france24_multimedia_element is enabled. // It means that we are on a France24 website. france24_em_add_arrows(); } else { // Default to the normal function (originaly built for RFI). aef_em_add_arrows(); } }; ; | ||
http://observers.france24.com/ | 200 OK Content-Length: 91060 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.france24.com ...[1109 bytes skipped]... servers" /> <meta name="twitter:app:name:iphone" content="The FRANCE 24 Observers" /> <meta name="twitter:app:name:ipad" content="The FRANCE 24 Observers" /> <meta name="twitter:app:name:googleplay" content="The FRANCE 24 Observers" /> <meta name="twitter:creator" content="@observers" /> <meta name="twitter:site" content="@observers" /> <meta name="twitter:image" content="http://www.france24.com/static/infographies/meta_og_twcards/F24_obs_en.png" /> <meta property="og:site_name" content="The Observers" /> <meta property="og:url" content="http://observers.france24.com/" /> <meta property="og:type" content="website" /> <meta property="og:locale" content="en_US" /> <meta property="og:image" content="http://www.france24.com/static/infographies/meta_og_twcards/F24_obs_en.png" /> <meta name="apple-itunes-app" content=" ...[2661 bytes skipped]... | ||
http://observers.france24.com/files/js/js_d20d9aa73895743599c539ba6621d6ef.js | 200 OK Content-Length: 297564 Content-Type: application/javascript | suspicious |
Page code contains blacklisted domain: projects.france24.com ...[3442 bytes skipped]... id).val($(this_id).val()); $(this_id).val(next_node_val); if (field_name!='image-noderef-noderef') { var current_id = $(this_id); var next_id = $(next_id); current_id.attr('readonly', true); next_id.attr('readonly', true); } } // We will check if the france24_em_add_arrows function is available. // See Task #4056 (http://projects.france24.com/issues/4056) if (typeof france24_em_add_arrows != 'undefined') { // The module france24_multimedia_element is enabled. // It means that we are on a France24 website. france24_em_add_arrows(); } else { // Default to the normal function (originaly built for RFI). aef_em_add_arrows(); } }; ; | ||
http://observers.france24.com/en | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 25 Aug 2014 22:31:31 GMT ETag: "1409005891" Location: http://observers.france24.com/ Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 20 Content-Type: text/html; charset=utf-8 Last-Modified: Mon, 25 Aug 2014 22:31:31 +0000 X-Drupal-Cache: MISS | clean |
http://observers.france24.com/rss.xml | 200 OK Content-Length: 22899 Content-Type: application/rss+xml | clean |
http://observers.france24.com/%2523 | 404 Not Found Content-Length: 27987 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.france24.com ...[996 bytes skipped]... servers" /> <meta name="twitter:app:name:iphone" content="The FRANCE 24 Observers" /> <meta name="twitter:app:name:ipad" content="The FRANCE 24 Observers" /> <meta name="twitter:app:name:googleplay" content="The FRANCE 24 Observers" /> <meta name="twitter:creator" content="@observers" /> <meta name="twitter:site" content="@observers" /> <meta name="twitter:image" content="http://www.france24.com/static/infographies/meta_og_twcards/F24_obs_en.png" /> <meta property="og:site_name" content="The Observers" /> <meta property="og:url" content="http://observers.france24.com/%2523" /> <meta property="og:type" content="article" /> <meta property="og:locale" content="en_US" /> <meta property="og:image" content="http://www.france24.com/static/infographies/meta_og_twcards/F24_obs_en.png" /> <meta name="apple-itunes-app" con ...[2771 bytes skipped]... | ||
http://observers.france24.com/fa | 200 OK Content-Length: 85534 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.france24.com ...[1073 bytes skipped]... 24.observers" /> <meta name="twitter:app:name:iphone" content="RFI - ناظران" /> <meta name="twitter:app:name:ipad" content="RFI - ناظران" /> <meta name="twitter:app:name:googleplay" content="RFI - ناظران" /> <meta name="twitter:creator" content="@observersfarsi" /> <meta name="twitter:site" content="@observersfarsi" /> <meta name="twitter:image" content="http://www.france24.com/static/infographies/meta_og_twcards/RFI_obs_fa.png" /> <meta property="og:site_name" content="RFI - ناظران" /> <meta property="og:url" content="http://observers.france24.com/fa" /> <meta property="og:type" content="website" /> <meta property="og:locale" content="fa_IR" /> <meta property="og:image" content="http://www.france24.com/static/infographies/meta_og_twcards/RFI_obs_fa.png" /> <meta name="apple-itunes-app" co ...[2688 bytes skipped]... | ||
http://observers.france24.com/files/js/js_bcbf8c30661500b4897c30317bdcf2fe.js | 200 OK Content-Length: 298143 Content-Type: application/javascript | suspicious |
Page code contains blacklisted domain: projects.france24.com ...[3442 bytes skipped]... id).val($(this_id).val()); $(this_id).val(next_node_val); if (field_name!='image-noderef-noderef') { var current_id = $(this_id); var next_id = $(next_id); current_id.attr('readonly', true); next_id.attr('readonly', true); } } // We will check if the france24_em_add_arrows function is available. // See Task #4056 (http://projects.france24.com/issues/4056) if (typeof france24_em_add_arrows != 'undefined') { // The module france24_multimedia_element is enabled. // It means that we are on a France24 website. france24_em_add_arrows(); } else { // Default to the normal function (originaly built for RFI). aef_em_add_arrows(); } }; ; | ||
http://observers.france24.com/fa/rss.xml | 200 OK Content-Length: 24618 Content-Type: application/rss+xml | clean |