Malware Scanner report for stannswarehouse.org

Malicious/Suspicious/Total urls checked: 4/0/15

4 pages have malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/12/12

12 suspicious iframes found. See details below

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://stannswarehouse.org/	200 OK Content-Length: 17947 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports: Avast HTML:Iframe-inf VIPRE Heur.HTML.MalIFrame (v) Norman Iframer.AU Sophos Mal/Iframe-V GData HTML:Iframe-inf ESET-NOD32 HTML/Iframe.B.Gen Hidden iFrame found. size: 1x1 src: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=1248 <iframe src='http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=1248' scrolling='no' width='1' height='1' marginheight='0' marginwidth='0' frameborder='0'> Hidden iFrame found. size: 1x1 style: hidden src: http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord= <iframe src="http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"> Hidden iFrame found. size: 1x1 style: hidden src: http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord=1? <iframe src="http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord=1?" width="1" height="1" frameborder="0" style="display:none">
http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js	200 OK Content-Length: 93868 Content-Type: text/javascript	clean
http://stannswarehouse.org/superfish/hoverIntent.js	200 OK Content-Length: 3174 Content-Type: text/javascript	clean
http://stannswarehouse.org/superfish/superfish.js	200 OK Content-Length: 3714 Content-Type: text/javascript	clean
http://stannswarehouse.org/javascript/shadowbox.js	200 OK Content-Length: 22390 Content-Type: text/javascript	clean
http://stannswarehouse.org/shared_public_items/javascript_functions.js	200 OK Content-Length: 14605 Content-Type: text/javascript	clean
http://stannswarehouse.org/javascript/CalendarPopup.js	200 OK Content-Length: 58449 Content-Type: text/javascript	clean
http://stannswarehouse.org/javascript/sta_js_functions.js	200 OK Content-Length: 2002 Content-Type: text/javascript	clean
http://stannswarehouse.org/javascript/swfobject.js	200 OK Content-Length: 10220 Content-Type: text/javascript	clean
http://stannswarehouse.org/liteAccordion/liteaccordion.jquery.min.js	200 OK Content-Length: 4655 Content-Type: text/javascript	clean
http://s7.addthis.com/js/250/addthis_widget.js	200 OK Content-Length: 6875 Content-Type: text/javascript	clean
http://www.googleadservices.com/pagead/conversion.js	200 OK Content-Length: 9447 Content-Type: text/javascript	clean
http://stannswarehouse.org/index.php	200 OK Content-Length: 17956 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports: Avast HTML:Iframe-inf VIPRE Heur.HTML.MalIFrame (v) Norman Iframer.AU Sophos Mal/Iframe-V GData HTML:Iframe-inf ESET-NOD32 HTML/Iframe.B.Gen Hidden iFrame found. size: 1x1 style: hidden src: http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord=1? <iframe src="http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord=1?" width="1" height="1" frameborder="0" style="display:none"> Hidden iFrame found. size: 1x1 style: hidden src: http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord= <iframe src="http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"> Hidden iFrame found. size: 1x1 src: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=1248 <iframe src='http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=1248' scrolling='no' width='1' height='1' marginheight='0' marginwidth='0' frameborder='0'>
http://stannswarehouse.org/current_season.php	200 OK Content-Length: 18586 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports: Avast HTML:Iframe-inf VIPRE Heur.HTML.MalIFrame (v) Norman Iframer.AU Sophos Mal/Iframe-V GData HTML:Iframe-inf ESET-NOD32 HTML/Iframe.B.Gen Hidden iFrame found. size: 1x1 style: hidden src: http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord=1? <iframe src="http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord=1?" width="1" height="1" frameborder="0" style="display:none"> Hidden iFrame found. size: 1x1 style: hidden src: http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord= <iframe src="http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"> Hidden iFrame found. size: 1x1 src: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=1248 <iframe src='http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=1248' scrolling='no' width='1' height='1' marginheight='0' marginwidth='0' frameborder='0'>
http://stannswarehouse.org/current_season.php?show_id=99	200 OK Content-Length: 29517 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports: Avast HTML:Iframe-inf VIPRE Heur.HTML.MalIFrame (v) Norman Iframer.AU Sophos Mal/Iframe-V GData HTML:Iframe-inf ESET-NOD32 HTML/Iframe.B.Gen Hidden iFrame found. size: 1x1 style: hidden src: http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord= <iframe src="http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"> Hidden iFrame found. size: 1x1 style: hidden src: http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord=1? <iframe src="http://4220883.fls.doubleclick.net/activityi;src=4220883;type=invmedia;cat=q0shgv8y;ord=1?" width="1" height="1" frameborder="0" style="display:none"> Hidden iFrame found. size: 1x1 src: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=1248 <iframe src='http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=1248' scrolling='no' width='1' height='1' marginheight='0' marginwidth='0' frameborder='0'>

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: stannswarehouse.org

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 24 Sep 2014 17:46:57 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=q6u9v69oie69nfrusmp3uscqu7; path=/
X-Powered-By: PleskLin

Second query (visit from search engine):
GET / HTTP/1.1
Host: stannswarehouse.org
Referer: http://www.google.com/search?q=stannswarehouse.org

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=stannswarehouse.org

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://stannswarehouse.org/

Result: stannswarehouse.org is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for stannswarehouse.org

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools