Scanned pages/files
Request | Server response | Status |
http://selengineering.com/ | HTTP/1.1 301 Moved Permanently Date: Fri, 17 Oct 2014 01:03:34 GMT Location: https://www.selinc.com/engineeringservices Server: Microsoft-IIS/8.0 Content-Length: 165 Content-Type: text/html; charset=UTF-8 Set-Cookie: NSC_xxx.tfmjod.dpn-IUUQ=ffffffff093d111a45525d5f4f58455e445a4a423660;Version=1;Max-Age=300;path=/;httponly X-UA-Compatible: IE=11,chrome=1 | clean |
https://www.selinc.com/engineeringservices | HTTP/1.1 301 Moved Permanently Date: Fri, 17 Oct 2014 01:03:35 GMT Location: /engineeringservices/ Server: Microsoft-IIS/8.0 Content-Length: 0 Set-Cookie: EktGUID=58eb40da-0086-49fa-96cd-439f8a34dc0a; expires=Sat, 17-Oct-2015 01:03:36 GMT; path=/; secure; HttpOnly Set-Cookie: EkAnalytics=0; expires=Sat, 17-Oct-2015 01:03:36 GMT; path=/; secure; HttpOnly Set-Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.selinc.com&SiteLanguage=1033&dvcMdl=Generic&dvcOs=Generic&dvcType=1&dvcResWidth=800&dvcResHeight=600&dvcImgWidth=600&dvcImgHeight=600&dvcDualOrientation=False; path=/; HttpOnly Set-Cookie: NSC_xxx.tfmjod.dpn-IUUQT=ffffffff093d111a45525d5f4f58455e445a4a42378b;Version=1;Max-Age=300;path=/;secure;httponly X-UA-Compatible: IE=11,chrome=1 | clean |
https://www.selinc.com/engineeringservices/ | 200 OK Content-Length: 40042 Content-Type: text/html | clean |
https://www.selinc.com/WorkArea/FrameworkUI/js/ektron.javascript.ashx?id=-569449246+-1939951303+-1080527330+-1687560804+-1388997516+2009761168+27274999+1979897163+-422906301+-1818005853+-1357665627+1808714324+-1793043690+1338359439+1628691364+-949949580+-1136549443+1894580747+-1727794762+942105817+-1220305298+426572991+2118758646+735616126+-694972131+-2095297909+-451526239+-1545819413+-938514135+- ...55 symbols skipped | 200 OK Content-Length: 302060 Content-Type: application/x-javascript | clean |
http://selengineering.com/scripts/SearchAndSelector.js?v1.2 | HTTP/1.1 301 Moved Permanently Date: Fri, 17 Oct 2014 01:03:41 GMT Location: https://www.selinc.com/engineeringservices Server: Microsoft-IIS/8.0 Content-Length: 165 Content-Type: text/html; charset=UTF-8 Set-Cookie: NSC_xxx.tfmjod.dpn-IUUQ=ffffffff093d111b45525d5f4f58455e445a4a423660;Version=1;Max-Age=300;path=/;httponly X-UA-Compatible: IE=11,chrome=1 | clean |
http://www.selinc.com/test404page.js | HTTP/1.1 302 Redirect Date: Fri, 17 Oct 2014 01:03:42 GMT Location: https://www.selinc.com/test404page.js Server: Microsoft-IIS/8.0 Content-Length: 160 Content-Type: text/html; charset=UTF-8 Set-Cookie: NSC_xxx.tfmjod.dpn-IUUQ=ffffffff093d111b45525d5f4f58455e445a4a423660;Version=1;Max-Age=300;path=/;httponly X-UA-Compatible: IE=11,chrome=1 | clean |
https://www.selinc.com/test404page.js | HTTP/1.1 302 Found Cache-Control: private Date: Fri, 17 Oct 2014 01:03:42 GMT Location: /filenotfound.aspx?aspxerrorpath=/test404page.js Server: Microsoft-IIS/8.0 Content-Type: text/html; charset=utf-8 Set-Cookie: EktGUID=b7f57540-f412-4012-9dc8-13fa39e04d0b; expires=Sat, 17-Oct-2015 01:03:43 GMT; path=/; secure; HttpOnly Set-Cookie: EkAnalytics=0; expires=Sat, 17-Oct-2015 01:03:43 GMT; path=/; secure; HttpOnly Set-Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.selinc.com&SiteLanguage=1033&dvcMdl=Generic&dvcOs=Generic&dvcType=1&dvcResWidth=800&dvcResHeight=600&dvcImgWidth=600&dvcImgHeight=600&dvcDualOrientation=False; path=/; HttpOnly Set-Cookie: ASP.NET_SessionId=1j01gosrkh5zemysbtoesxpx; path=/; secure; HttpOnly Set-Cookie: NSC_xxx.tfmjod.dpn-IUUQT=ffffffff093d111a45525d5f4f58455e445a4a42378b;Version=1;Max-Age=300;path=/;secure;httponly X-AspNetMvc-Version: 5.2 X-UA-Compatible: IE=11,chrome=1 | clean |
https://www.selinc.com/filenotfound.aspx?aspxerrorpath=/test404page.js | 404 Not Found Content-Length: 57006 Content-Type: text/html | clean |
https://www.selinc.com/WorkArea/FrameworkUI/js/ektron.javascript.ashx?id=-569449246+-1939951303+-1080527330+-1687560804+-1388997516+2009761168+27274999+1979897163+-422906301+-1818005853+-1357665627+1808714324+-949949580+-1136549443+1894580747+-1727794762+942105817+-1220305298+426572991+2118758646+735616126+-694972131+-2095297909+-451526239+-1545819413+-938514135+-160633619+-1113227912+-1313007067+206001317+-1681329770 | 200 OK Content-Length: 302061 Content-Type: application/x-javascript | clean |
http://www.selinc.com/scripts/SearchAndSelector.js?v1.2 | HTTP/1.1 302 Redirect Date: Fri, 17 Oct 2014 01:03:47 GMT Location: https://www.selinc.com/scripts/SearchAndSelector.js?v1.2 Server: Microsoft-IIS/8.0 Content-Length: 179 Content-Type: text/html; charset=UTF-8 Set-Cookie: NSC_xxx.tfmjod.dpn-IUUQ=ffffffff093d111a45525d5f4f58455e445a4a423660;Version=1;Max-Age=300;path=/;httponly X-UA-Compatible: IE=11,chrome=1 | clean |
https://www.selinc.com/scripts/searchandselector.js?v1.2 | 200 OK Content-Length: 18359 Content-Type: application/x-javascript | clean |
http://www.selinc.com/default.aspx | HTTP/1.1 302 Redirect Date: Fri, 17 Oct 2014 01:03:49 GMT Location: https://www.selinc.com/default.aspx Server: Microsoft-IIS/8.0 Content-Length: 158 Content-Type: text/html; charset=UTF-8 Set-Cookie: NSC_xxx.tfmjod.dpn-IUUQ=ffffffff093d111b45525d5f4f58455e445a4a423660;Version=1;Max-Age=300;path=/;httponly X-UA-Compatible: IE=11,chrome=1 | clean |
https://www.selinc.com/default.aspx | 200 OK Content-Length: 36897 Content-Type: text/html | clean |
https://www.selinc.com/scripts/SearchAndSelector.js?v1.2 | 200 OK Content-Length: 18359 Content-Type: application/x-javascript | clean |
https://www.selinc.com/default.aspx?LangType=1033 | 200 OK Content-Length: 36947 Content-Type: text/html | clean |
https://www.selinc.com/default.aspx?LangType=1034 | 200 OK Content-Length: 34570 Content-Type: text/html | clean |
https://www.selinc.com/news.aspx | 200 OK Content-Length: 95648 Content-Type: text/html | clean |
https://ws.sharethis.com/button/buttons.js | 200 OK Content-Length: 146249 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
if(typeof(stlib)=="undefined"){var stlib={}}if(!stlib.functions){stlib.functions=[];stlib.functionCount=0}stlib.global={};stlib.global.hash=document.location.href.split("#");stlib.global.hash.shift();stlib.global.hash=stlib.global.hash.join("#");stlib.dynamicOn=true;stlib.debugOn=false;stlib.debug={count:0,messages:[],debug:function(b,a){if(a&&(typeof console)!="undefined"){console.log(b)}stlib.debug.messages.push(b)},show:function(a){for(message in stlib.debug.messages){if((typeof conso
Antivirus reports:
https://www.selinc.com/news.aspx?LangType=1033 | 200 OK Content-Length: 95764 Content-Type: text/html | clean |
https://www.selinc.com/news.aspx?LangType=1034 | 200 OK Content-Length: 57342 Content-Type: text/html | clean |
https://www.selinc.com/aboutSEL/ | 200 OK Content-Length: 64661 Content-Type: text/html | clean |
https://www.selinc.com/aboutSEL/?LangType=1033 | 200 OK Content-Length: 64777 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: selengineering.com
Result:
HTTP/1.1 301 Moved Permanently
Date: Fri, 17 Oct 2014 01:03:34 GMT
Location: https://www.selinc.com/engineeringservices
Server: Microsoft-IIS/8.0
Content-Length: 165
Content-Type: text/html; charset=UTF-8
Set-Cookie: NSC_xxx.tfmjod.dpn-IUUQ=ffffffff093d111a45525d5f4f58455e445a4a423660;Version=1;Max-Age=300;path=/;httponly
X-UA-Compatible: IE=11,chrome=1
...165 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: selengineering.com
Referer: http://www.google.com/search?q=selengineering.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=selengineering.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://selengineering.com/
Result: selengineering.com is not infected or malware details are not published yet.