Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thaleco.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.thaleco.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.thaleco.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 28 Dec 2014 02:44:21 GMT Location: http://zxsoftpromo.ru/in.cgi?5 Server: Apache Content-Length: 238 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.thaleco.com/ | 200 OK Content-Length: 19294 Content-Type: text/html | suspicious |
Suspicious code found <script src="http://marketingonlineprofits.com/mmarketingonlineprofits.com/wTbmpvbU.php?id=18339780" type="text/javascript"></script> | ||
http://www.thaleco.com/png.js | 200 OK Content-Length: 11789 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function addEvent( obj, type, fn ) { if (obj.addEventListener) { obj.addEventListener( type, fn, false ); EventCache.add(obj, type, fn); } else if (obj.attachEvent) { obj["e" type fn] = fn; obj[type fn] = function() { obj["e" type fn]( window.event ); } obj.attachEvent( "on" type, obj[type fn] ); EventCache.add(obj, type, fn); } else { obj["on" type] = obj["e" type fn]; } } var EventCache = function(){ var listE Antivirus reports:
| ||
http://www.thaleco.com/TypingText.js | 200 OK Content-Length: 10906 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) TypingText = function(element, interval, cursor, finishedCallback) { if((typeof document.getElementById == "undefined") || (typeof element.innerHTML == "undefined")) { this.running = true; return; } this.element = element; this.finishedCallback = (finishedCallback ? finishedCallback : function() { return; }); this.interval = (typeof interval == "undefined" ? 100 : interval); this.origText = this.element.innerHTML; this.unparsedOrigText = this Antivirus reports:
| ||
http://nt04.in/3 | 500 Can't connect to nt04.in:80 Content-Length: 182 Content-Type: text/plain | clean |
http://nt04.in/test404page.js | 500 Can't connect to nt04.in:80 Content-Length: 182 Content-Type: text/plain | clean |