Scanned pages/files
Request | Server response | Status |
http://me2solutions.com/ | 200 OK Content-Length: 6442 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Anonymous Rabaa ...[97 bytes skipped]... /xhtml1-transitional.dtd"> <html dir=ltr> <head> <script src="config/global.js" language="Javascript"></script> <link type=text/css rel=StyleSheet href=menuENG.css> <meta name="developer" content="Simply Smart Ltd e-mail:info@simply-smart.com"><meta http-equiv=Content-Type content="text/html; charset=windows-1255"> <html dir=ltr><title>Hacked By Anonymous Rabaa</title> <meta name="Description" content="tkr"> <meta name="keywords" content="0105-4609, ktr, Simply-Smart.com, áðééú àúøéí ,÷éãåí àúøéí, ñéîôìé-ñîàøè, csme2, csme"> <style> /* -------------------------------------------------------------- [ Genral ] ------------------------------------------------------ */ body { background-color: #ffffff; /* overflow: auto;*/ font-family:Arial, Helvetica, sans-ser ...[7351 bytes skipped]... | ||
http://me2solutions.com/config/global.js | 200 OK Content-Length: 7065 Content-Type: application/javascript | clean |
http://me2solutions.com/js/flashcontent.js | 200 OK Content-Length: 2742 Content-Type: application/javascript | clean |
http://me2solutions.com/js/jquery.js | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://me2solutions.com/js/gallery.js | 404 Not Found Content-Length: 3671 Content-Type: text/html | clean |
http://me2solutions.com/test404page.js | 404 Not Found Content-Length: 3671 Content-Type: text/html | clean |
http://me2solutions.com/js/ContentScroller.js | 200 OK Content-Length: 3898 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: me2solutions.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Tue, 22 Dec 2015 00:05:32 GMT
Pragma: no-cache
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5
Content-Length: 6442
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: PHPSESSID=gap1mqlftbq9aq4u47qkt89a67; path=/
Set-Cookie: c_01054609lastvisit=1450742732; expires=Sun, 19-Jun-2016 00:05:32 GMT
Set-Cookie: c_01054609beenhere=1450742732; expires=Sun, 19-Jun-2016 00:05:32 GMT
...6442 bytes of data.
GET / HTTP/1.1
Host: me2solutions.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Tue, 22 Dec 2015 00:05:32 GMT
Pragma: no-cache
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5
Content-Length: 6442
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: PHPSESSID=gap1mqlftbq9aq4u47qkt89a67; path=/
Set-Cookie: c_01054609lastvisit=1450742732; expires=Sun, 19-Jun-2016 00:05:32 GMT
Set-Cookie: c_01054609beenhere=1450742732; expires=Sun, 19-Jun-2016 00:05:32 GMT
...6442 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: me2solutions.com
Referer: http://www.google.com/search?q=me2solutions.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: me2solutions.com
Referer: http://www.google.com/search?q=me2solutions.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=me2solutions.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://me2solutions.com/
Result: me2solutions.com is not infected or malware details are not published yet.
Result: me2solutions.com is not infected or malware details are not published yet.