Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=rencontres-passions.org
Result: The website is marked by Google as suspicious - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://rencontres-passions.org/ | 200 OK Content-Length: 70970 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
var loadingTag = "Chargement..";
var modeRewrite = "Y";
var docRoot = "/";
var alphanumeric_chars = "0123456789.+-_#,/ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyzàçéèôùêâî ()";
var alphanum_chars = "0123456789_- ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyzàçéèôùêâî ";
var text_chars = "-_@ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyzàçéèôùêâî ";
var full_chars = "0123456789.+-_#,/ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyzàçéèôùêâî() $;:?'";
var use_popups = true;
var use_profilepopups = false;
Antivirus reports:
http://rencontres-passions.org/javascript/functions.js | 200 OK Content-Length: 17004 Content-Type: application/x-javascript | clean |
http://rencontres-passions.org/javascript/check.js | 200 OK Content-Length: 3619 Content-Type: application/x-javascript | clean |
http://rencontres-passions.org/javascript/validate.js | 200 OK Content-Length: 2992 Content-Type: application/x-javascript | clean |
http://rencontres-passions.org/javascript/shoutbox.js | 200 OK Content-Length: 908 Content-Type: application/x-javascript | clean |
http://rencontres-passions.org/templates/my_templates/img/tabcontent2.js | 200 OK Content-Length: 23411 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
function ddtabcontent(tabinterfaceid){
    this.tabinterfaceid=tabinterfaceid
    this.tabs=document.getElementById(tabinterfaceid).getElementsByTagName("a")
    this.enabletabpersistence=true
    this.hottabspositions=[]
    this.subcontentids=[]
    this.revcontentids=[]
    this.selectedClassTarget="link"
}
ddtabcontent.getCookie=function(Name){
    var re=new RegExp(Name+"=[^;]+", "i");
    if (document.cookie.match(re))
        return document.cookie.match(re)[0].split("=")[1]
    return
Antivirus reports:
http://RNP.ourtoolbar.com/ControlsLibrary/Javascript/Generic/Site.js | HTTP/1.1 302 Found Connection: close Date: Thu, 04 Sep 2014 20:32:46 GMT Location: http://RNP.ourtoolbar.com/JavascriptLibrary/Generic/Site.js Server: Microsoft-IIS/7.5 Content-Length: 245 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://rnp.ourtoolbar.com/javascriptlibrary/generic/site.js | 200 OK Content-Length: 4962 Content-Type: application/x-javascript | clean |
http://www.conduit.com/Api/ToolbarApi.aspx | 404 Not Found Content-Length: 115 Content-Type: application/json | clean |
http://www.conduit.com/test404page.js | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=2592000 Connection: close Date: Thu, 04 Sep 2014 20:34:27 GMT Location: /Error/NotFound?aspxerrorpath=/test404page.js Server: Microsoft-IIS/8.5 Content-Length: 162 Expires: Sat, 04 Oct 2014 20:34:27 GMT P3p: CP="IDC DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-AspNetMvc-Version: 4.0 X-Powered-By: ASP.NET X-UA-Compatible: IE=Edge | clean |
http://www.conduit.com/error/notfound?aspxerrorpath=/test404page.js | 404 Not Found Content-Length: 23719 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 style: hidden src: http://www.googletagmanager.com/ns.html?id=gtm-cmxk
<iframe src="http://www.googletagmanager.com/ns.html?id=gtm-cmxk" height="0" width="0" style="display:none;visibility:hidden">
http://www.conduit.com/Scripts/Master/getnortonsealimaget.js | 200 OK Content-Length: 2814 Content-Type: application/javascript | clean |
http://www.conduit.com/bundle/script/innerpage?v=TrNAMJ6ecHAnz_4cmDYjE6xEMwZveuMfNDKrgzUmjiU1 | 200 OK Content-Length: 117848 Content-Type: text/javascript | clean |
http://www.googleadservices.com/pagead/conversion.js | 200 OK Content-Length: 9448 Content-Type: text/javascript | clean |
http://www.conduit.com/ | 200 OK Content-Length: 30274 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 style: hidden src: http://www.googletagmanager.com/ns.html?id=gtm-cmxk
<iframe src="http://www.googletagmanager.com/ns.html?id=gtm-cmxk" height="0" width="0" style="display:none;visibility:hidden">
http://www.conduit.com/bundle/script/homepage?v=hJJCAYD76HF7bM8yV2badTdcvDTcDuDWACQd1bMkkjw1 | 200 OK Content-Length: 118906 Content-Type: text/javascript | clean |
http://www.conduit.com/aboutus/contactus | 200 OK Content-Length: 38704 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 style: hidden src: http://www.googletagmanager.com/ns.html?id=gtm-cmxk
<iframe src="http://www.googletagmanager.com/ns.html?id=gtm-cmxk" height="0" width="0" style="display:none;visibility:hidden">
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: rencontres-passions.org
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 04 Sep 2014 20:34:21 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=01f851e9858613bb7c7076799958c02a; path=/
Set-Cookie: osdateopt_lang=french; expires=Fri, 04-Sep-2015 20:34:21 GMT
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: rencontres-passions.org
Referer: http://www.google.com/search?q=rencontres-passions.org
Result:
The result is similar to the first query. There are no suspicious redirects found.