Scanned pages/files
| Request | Server response | Status |
http://birminghamseo.co/ | 200 OK Content-Length: 17391 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY +AD4-tmp9dEplN +AHw ant07alya +ADw TURKHACKTEAM// +ADw TURKHACKTEAM//+ADw-DIV style+AD <!DOCTYPE html> <html lang="en-US"> <head> <meta charset="UTF-7" /> <title>+ADw-/title+AD4 HACKED BY +AD4-tmp9dEplN +AHw ant07alya +ADw TURKHACKTEAM// +ADw TURKHACKTEAM//+ADw-DIV style+AD0AIg-DISPLAY: none+ACIAPgA8-xmp+AD4- â We Dominate Competition</title> <meta name="description" content="We Dominate Competition" /> <meta name="robots" content="noodp,noydir" /> <meta name="viewport" content="width=device-width, initial-scale=1.0"/> <link rel="alternate" type="application/rss+xml" title="+ADw-/title+AD4 HACKED BY +AD4-tmp9d ...[18923 bytes skipped]... | ||
http://birminghamseo.co/wp-includes/js/jquery/jquery.js?ver=1.11.3 | 200 OK Content-Length: 95977 Content-Type: application/javascript | clean |
http://birminghamseo.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://birminghamseo.co/wp-content/plugins/p1-local-magnet/assets/js/bootstrap.modal.min.js?ver=4.3.1 | 200 OK Content-Length: 5901 Content-Type: application/javascript | clean |
http://birminghamseo.co/wp-content/plugins/wp-seo-player/assets/js/jquery.mCustomScrollbar.js?ver=4.3.1 | 200 OK Content-Length: 46224 Content-Type: application/javascript | clean |
http://birminghamseo.co/wp-content/plugins/wp-seo-player/assets/js/respond.js?ver=4.3.1 | 200 OK Content-Length: 10164 Content-Type: application/javascript | clean |
http://birminghamseo.co/wp-content/plugins/wp-seo-player/assets/js/seo-player.js?ver=4.3.1 | 200 OK Content-Length: 1044 Content-Type: application/javascript | clean |
http://birminghamseo.co/wp-content/plugins/amzn/amzniframe.js | 200 OK Content-Length: 220 Content-Type: application/javascript | clean |
http://birminghamseo.co/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.4 | 200 OK Content-Length: 4207 Content-Type: application/javascript | clean |
http://birminghamseo.co/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=2.0.2 | 200 OK Content-Length: 133 Content-Type: application/javascript | clean |
http://birminghamseo.co/wp-content/themes/dynamik-gen/lib/js/dynamik-responsive.js?ver=1.4.2 | 200 OK Content-Length: 1412 Content-Type: application/javascript | clean |
http://birminghamseo.co/wp-admin/widgets.php | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 16 Dec 2015 10:20:43 GMT Pragma: no-cache Location: http://birminghamseo.co/wp-login.php?redirect_to=http%3A%2F%2Fbirminghamseo.co%2Fwp-admin%2Fwidgets.php&reauth=1 Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=aaf33ce494cb4d71d2f46f8d5069c1ee; path=/ X-Powered-By: PHP/5.3.27 | clean |
http://birminghamseo.co/wp-login.php?redirect_to=http%3a%2f%2fbirminghamseo.co%2fwp-admin%2fwidgets.php&reauth=1 | 200 OK Content-Length: 3328 Content-Type: text/html | clean |
http://birminghamseo.co/wp-login.php?action=lostpassword | 200 OK Content-Length: 2965 Content-Type: text/html | clean |
http://birminghamseo.co/wp-login.php | 200 OK Content-Length: 3317 Content-Type: text/html | clean |
http://birminghamseo.co/test404page.js | 404 Not Found Content-Length: 7725 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: birminghamseo.co
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 16 Dec 2015 10:20:37 GMT
Pragma: no-cache
Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html; charset=UTF-7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://birminghamseo.co/>; rel=shortlink
Set-Cookie: PHPSESSID=4e8c900686165d641852db34e19698cd; path=/
X-Pingback: http://birminghamseo.co/xmlrpc.php
X-Powered-By: PHP/5.3.27
GET / HTTP/1.1
Host: birminghamseo.co
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 16 Dec 2015 10:20:37 GMT
Pragma: no-cache
Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html; charset=UTF-7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://birminghamseo.co/>; rel=shortlink
Set-Cookie: PHPSESSID=4e8c900686165d641852db34e19698cd; path=/
X-Pingback: http://birminghamseo.co/xmlrpc.php
X-Powered-By: PHP/5.3.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: birminghamseo.co
Referer: http://www.google.com/search?q=birminghamseo.co
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: birminghamseo.co
Referer: http://www.google.com/search?q=birminghamseo.co
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=birminghamseo.co
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://birminghamseo.co/
Result: birminghamseo.co is not infected or malware details are not published yet.
Result: birminghamseo.co is not infected or malware details are not published yet.