Scanned pages/files
| Request | Server response | Status |
http://msl.co.il/ | 200 OK Content-Length: 53195 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by AnonGhost ...[23410 bytes skipped]... n class="jm-rss" style="margin: 3px;"> </span></a> </p></div> </div> </div> </div> </div> <div id="jm-djmenu" class="clearfix"> <ul id="dj-main87" class="dj-main"><li class="dj-up itemid468 first active"><a href="/" class="dj-up_a active" ><span >Hacked by AnonGhost</span></a></li> <li class="dj-up itemid475"><a href="/index.php/msl-catalog" class="dj-up_a" ><span class="dj-drop" >Hacked by AnonGhost</span></a> <ul class="dj-submenu"> <li class="submenu_top" style="display: none"> </li> <li class="itemid476 first"><a href="/index.php/msl-catalog/single-product-view" class="dj-more" >×××××¨× ×××××ת ××ר××× ×¡×××ר××</a ...[40409 bytes skipped]... | ||
http://msl.co.il/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/javascript | clean |
http://msl.co.il/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/javascript | clean |
http://msl.co.il/media/system/js/caption.js | 200 OK Content-Length: 729 Content-Type: application/javascript | clean |
http://msl.co.il/media/system/js/modal.js | 200 OK Content-Length: 9732 Content-Type: application/javascript | clean |
http://msl.co.il/media/system/js/mootools-more.js | 200 OK Content-Length: 238331 Content-Type: application/javascript | clean |
http://msl.co.il/modules/mod_djimageslider/assets/powertools-1.2.0.js | 200 OK Content-Length: 4603 Content-Type: application/javascript | clean |
http://msl.co.il/modules/mod_djimageslider/assets/slider.js | 404 Not Found Content-Length: 1000 Content-Type: text/html | clean |
http://msl.co.il//index.php/ | 404 Not Found Content-Length: 992 Content-Type: text/html | clean |
http://msl.co.il/test404page.js | 404 Not Found Content-Length: 992 Content-Type: text/html | clean |
http://msl.co.il/components/com_djcatalog2/themes/jm-renewable-energy/js/theme.js | 200 OK Content-Length: 3470 Content-Type: application/javascript | clean |
http://msl.co.il/modules/mod_djmenu/assets/js/dropline-helper.js | 200 OK Content-Length: 506 Content-Type: application/javascript | clean |
http://msl.co.il/modules/mod_djmenu/assets/js/djselect.js | 404 Not Found Content-Length: 1000 Content-Type: text/html | clean |
http://msl.co.il/modules/mod_djmenu/assets/js/djmenu.js | 404 Not Found Content-Length: 1000 Content-Type: text/html | clean |
http://msl.co.il//templates/jm-renewable-energy//lib/js/doctextsizer.js/ | 404 Not Found Content-Length: 1000 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: msl.co.il
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Fri, 07 Nov 2014 20:35:33 GMT
Pragma: no-cache
Server: Apache
Content-Length: 53195
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 68e82d0c03b6fb53214badea3b5219ca=3dmtu61tln68dfjs4quet86f43; path=/
...53195 bytes of data.
GET / HTTP/1.1
Host: msl.co.il
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Fri, 07 Nov 2014 20:35:33 GMT
Pragma: no-cache
Server: Apache
Content-Length: 53195
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 68e82d0c03b6fb53214badea3b5219ca=3dmtu61tln68dfjs4quet86f43; path=/
...53195 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: msl.co.il
Referer: http://www.google.com/search?q=msl.co.il
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: msl.co.il
Referer: http://www.google.com/search?q=msl.co.il
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=msl.co.il
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://msl.co.il/
Result: msl.co.il is not infected or malware details are not published yet.
Result: msl.co.il is not infected or malware details are not published yet.