Scanned pages/files
Request | Server response | Status |
http://spssirsa.com/ | 200 OK Content-Length: 12207 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HaCked By Faisal 1337 ...[11622 bytes skipped]... ript:news.stop() onmouseout=javascript:news.start(); scrolldelay=5 behavior=scroll direction=up height="150px" width="190px;"> <ul type='square' style='margin-left:20px;padding-left:10px;'><a href='newsDetails.php?c=1&ID=5' ><li style='padding-bottom:10px;'>DIWALI BREAK</li></a><a href='newsDetails.php?c=1&ID=4' ><li style='padding-bottom:10px;'>HaCked By Faisal 1337</li></a></ul> </marquee> </div> </td> <td align="center" valign="top" style="padding-top:10px;"><div style="border-right:1px solid #d3d3d3;padding-top:10px;height:170px;"> </div></td> <td align="left" valign="top" style="padding:10px 10px 10px 30px;"> <div style="font-family:Times New Roman;font-s ...[2356 bytes skipped]... | ||
http://spssirsa.com/basiccalendar.js | 200 OK Content-Length: 1272 Content-Type: application/javascript | clean |
http://spssirsa.com/index.php | 200 OK Content-Length: 12207 Content-Type: text/html | clean |
http://spssirsa.com/contact-us.php | 200 OK Content-Length: 10349 Content-Type: text/html | clean |
http://spssirsa.com/about.php | 200 OK Content-Length: 8236 Content-Type: text/html | clean |
http://spssirsa.com/academics.php | 200 OK Content-Length: 7332 Content-Type: text/html | clean |
http://spssirsa.com/admission.php | 200 OK Content-Length: 6641 Content-Type: text/html | clean |
http://spssirsa.com/activities.php | 200 OK Content-Length: 5902 Content-Type: text/html | clean |
http://spssirsa.com/class-room.php | 200 OK Content-Length: 7275 Content-Type: text/html | clean |
http://spssirsa.com/photogallery.php | 200 OK Content-Length: 7289 Content-Type: text/html | clean |
http://spssirsa.com/admin/scripts/jquery.js | 200 OK Content-Length: 163855 Content-Type: application/javascript | clean |
http://spssirsa.com/admin/scripts/gallery1/jquery.colorbox.js | 200 OK Content-Length: 24560 Content-Type: application/javascript | clean |
http://spssirsa.com/downloads.php | 200 OK Content-Length: 6298 Content-Type: text/html | clean |
http://spssirsa.com/faculty.php | 200 OK Content-Length: 20025 Content-Type: text/html | clean |
http://spssirsa.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: spssirsa.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 21 Dec 2015 19:57:50 GMT
Pragma: no-cache
Server: Apache Phusion_Passenger/4.0.10 mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=olrjbhhplqu26pktpp065mfls4; path=/
X-Powered-By: PHP/5.3.29
GET / HTTP/1.1
Host: spssirsa.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 21 Dec 2015 19:57:50 GMT
Pragma: no-cache
Server: Apache Phusion_Passenger/4.0.10 mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=olrjbhhplqu26pktpp065mfls4; path=/
X-Powered-By: PHP/5.3.29
Second query (visit from search engine):
GET / HTTP/1.1
Host: spssirsa.com
Referer: http://www.google.com/search?q=spssirsa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: spssirsa.com
Referer: http://www.google.com/search?q=spssirsa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=spssirsa.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://spssirsa.com/
Result: spssirsa.com is not infected or malware details are not published yet.
Result: spssirsa.com is not infected or malware details are not published yet.