Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=eoscsi.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.eoscsi.com/ | HTTP/1.1 200 OK Connection: close Date: Sat, 05 Jul 2014 04:20:16 GMT Server: Apache/2.2.24 (Unix) mod_hive/3.6 mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_qos/10.10 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.35 Content-Type: text/html | clean |
http://www.linkedin.com/company/eos-consulting-services-international?trk=top_nav_home | 200 OK Content-Length: 61978 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) YEvent.on( window, 'load', function() { (function () { var protocol = 'http:'; var d = new Image(1, 1); d.onerror = d.onload = function () { d.onerror = d.onload = null; }; d.src = [ protocol, "//secure-us.imrworldwide.com/cgi-bin/m?ci=us-603751h&cg=0&cc=1&si=", escape(window.location.href), "&ts=compact&rnd=", (new Date()).getTime() ].join(''); })(); }); Antivirus reports:
| ||
http://static.licdn.com:80/scds/common/u/lib/fizzy/fz-1.3.5-min.js | 200 OK Content-Length: 26523 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?v=build-2000_8_36822-prod&f=lib%2Ferror-tracking%2F1.0.0%2Fshared%2Fload.min&f=lib%2Ferror-tracking%2F1.0.0%2Ferrors%2Fmodule.min&f=lib%2Ferror-tracking%2F1.0.0%2Ferrors%2Fcodes.min&f=lib%2Ferror-tracking%2F1.0.0%2Ferrors%2Fbootstrap.min&fc=2 | 200 OK Content-Length: 2744 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?v=build-2000_8_36822-prod&f=lib%2Fscraper_extensions_detector%2F0.1%2Fscraper_extensions_detector.min&f=lib%2Fyui%2F2.8.1_li%2Fyahoo-dom-event%2Fyahoo-dom-event&f=lib%2Fyui%2F2.8.1%2Fdatasource%2Fdatasource-min&f=lib%2Fyui%2F2.8.1_li%2Fconnection%2Fconnection-min&f=lib%2Fyui%2F2.8.1_li%2Fautocomplete%2Fautocomplete-min&f=lib%2Fyui%2F2.8.1%2Fanimation <span>...477 symbols skipped</span> | 200 OK Content-Length: 287614 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?v=build-2000_8_36822-prod&f=lib%2Ffiber%2F1.0.3%2Ffiber.min&f=lib%2Finject%2F0.4.2%2Finject.min&f=scripts%2Flib%2Finject%2Finject-plugins&f=scripts%2Flib%2Finject%2F0.4.2%2Finject-li&f=lib%2Funderscore%2F1.4.4%2Funderscore-min&f=scripts%2Fcore%2FEvents&f=scripts%2Fshared%2FBaseControl&f=lib%2Ftalkin%2F1.3.1%2Ftalkin-parent.min&f=lib%2Ftalkin%2Fplugin <span>...171 symbols skipped</span> | 200 OK Content-Length: 110743 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?h=ditm8xdycl29ta8gqk5tpmxf8-czstax4e6y68hymdvqxpwe5so | 200 OK Content-Length: 9200 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?v=build-2000_8_36822-prod&f=js%2Futil%2FBalloonCallout&fc=2 | 200 OK Content-Length: 9165 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?v=build-2000_8_36822-prod&f=js%2Frum_bootstrap&f=js%2Frum_bootstrap_fizzy_dust&f=js%2Futil%2FA11yMenu&fc=2 | 200 OK Content-Length: 9105 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?h=62og8s54488owngg0s7escdit-3ufb745s29q1ovtbq6htt6rwh-aujmp9r1kj9k9x4ezyk8ahfbk-62cjxbtqyt2o85tawwwz12otx-80bc71htcvb1hpj24e3weqpaf-d25t3jwqpgzv7njh2nak0ihfd-1pa3tpaab6s85oxj5wgz5m0p7-3cw9zqh27j8wo0rqo8bt3r52y-5y8i6tkbfzdyalcv8pf9k6ph1-3i7ubdukif1jevuf29ftmtvjs-dl9atqq4ehr8q76eobsd8mbm8-5cmfpe4jqrweez449s97ldikg-85irzxzbd5halvkstu9vwbyf6 | 200 OK Content-Length: 142233 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?v=build-2000_8_36822-prod&f=tl%2Fshared%2Fuscp%2Ffeed%2Ftarget%2Fmain&f=tl%2Fshared%2Fuscp%2Ffeed%2F_activities&f=tl%2Fshared%2Fuscp%2Ffeed%2Factions%2F_delete&f=tl%2Fshared%2Fuscp%2Ffeed%2Factions%2Fmain&f=tl%2Fshared%2Fuscp%2Ffeed%2F_activity&f=tl%2Fshared%2Fuscp%2Ffeed%2Factor%2F_linkedin_member&f=tl%2Fshared%2Fuscp%2Ffeed%2Factor%2F_linkedin_scho <span>...1118 symbols skipped</span> | 200 OK Content-Length: 44222 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?v=build-2000_8_36822-prod&f=tl%2Fshared%2Fuscp%2Ffeed%2Fsocial_activity%2Fcommenter%2F_&f=tl%2Fshared%2Fuscp%2Ffeed%2Fsocial_activity%2Fliker%2F_linkedin_member&f=tl%2Fshared%2Fuscp%2Ffeed%2Fsocial_activity%2Fliker%2F_linkedin_school&f=tl%2Fshared%2Fuscp%2Ffeed%2Fsocial_activity%2Fliker%2F_linkedin_company&f=tl%2Fshared%2Fuscp%2Ffeed%2Fsocial_activit <span>...1799 symbols skipped</span> | 200 OK Content-Length: 38538 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?v=build-2000_8_36822-prod&f=tl%2Fshared%2Fuscp%2Ffeed%2Fobject%2Ftype%2F_&f=tl%2Fshared%2Fuscp%2Ffeed%2Fobject%2Ftype%2F_linkedin_article&f=tl%2Fshared%2Fuscp%2Ffeed%2Fobject%2Ftype%2F_linkedin_content&f=tl%2Fshared%2Fuscp%2Ffeed%2Fobject%2Ftype%2F_linkedin_job&f=tl%2Fshared%2Fuscp%2Ffeed%2Fobject%2Ftype%2F_linkedin_product&f=tl%2Fshared%2Fuscp%2Ffeed%2Fobject%2Ftype%2F_linkedin_school&fc=2 | 200 OK Content-Length: 2864 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?v=build-2000_8_36822-prod&f=tl%2Fshared%2Fuscp%2Ffeed%2Fcontexts%2F_%2F_actions&f=tl%2Fshared%2Fuscp%2Ffeed%2Fcontexts%2F_%2F_comment&f=tl%2Fshared%2Fuscp%2Ffeed%2Fcontexts%2F_%2F_like&f=tl%2Fshared%2Fuscp%2Ffeed%2Fcontexts%2F_%2F_redirect&f=tl%2Fshared%2Fuscp%2Ffeed%2Fcontexts%2F_%2F_share&f=tl%2Fshared%2Fuscp%2Ffeed%2Fcontexts%2F_%2F_post&f=tl%2Fsh <span>...1120 symbols skipped</span> | 200 OK Content-Length: 6257 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?v=build-2000_8_36822-prod&f=tl%2Fshared%2Fuscp%2Ffeed%2Fcontexts%2F_ranking%2F_comment&fc=2 | 200 OK Content-Length: 224 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?v=build-2000_8_36822-prod&f=tl%2Fshared%2Fuscp%2Ffeed%2Fcontexts%2F_company%2F_actions&f=tl%2Fshared%2Fuscp%2Ffeed%2Fcontexts%2F_company%2F_comment&f=tl%2Fshared%2Fuscp%2Ffeed%2Fcontexts%2F_company%2F_like&f=tl%2Fshared%2Fuscp%2Ffeed%2Fcontexts%2F_company%2F_redirect&f=tl%2Fshared%2Fuscp%2Ffeed%2Fcontexts%2F_company%2F_share&f=tl%2Fshared%2Fuscp%2Ffe <span>...402 symbols skipped</span> | 200 OK Content-Length: 4272 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: eoscsi.com
Result:
GET / HTTP/1.1
Host: eoscsi.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: eoscsi.com
Referer: http://www.google.com/search?q=eoscsi.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: eoscsi.com
Referer: http://www.google.com/search?q=eoscsi.com
Result:
The result is similar to the first query. There are no suspicious redirects found.