Scanned pages/files
Request | Server response | Status |
http://www.complete-web-seo.co.uk/ | 200 OK Content-Length: 2092 Content-Type: text/html | clean |
http://www.complete-web-seo.co.uk/.ftpquota | 200 OK Content-Length: 14 Content-Type: text/plain | clean |
http://www.complete-web-seo.co.uk/test404page.js | 404 Not Found Content-Length: 402 Content-Type: text/html | clean |
http://www.complete-web-seo.co.uk/360promo.co.uk/ | 200 OK Content-Length: 39805 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 22search.chatzum.com <html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title> Hacked By VIRTUAL</title> <style type="text/css"> html,body{ min-height: 100%; } body{ padding: 0; margin: 0; ...[5082 bytes skipped]... Hidden iFrame found. size: 0x0 src: http://www.youtube.com/v/ur-kp87o5n8?autoplay=1 <iframe width="0" height="0" src="http://www.youtube.com/v/ur-kp87o5n8?autoplay=1" frameborder="0" allowfullscreen=""> Deface/Content modification. The following signature was found: Hacked By VIRTUAL <html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title> Hacked By VIRTUAL</title> <style type="text/css"> html,body{ min-height: 100%; } body{ padding: 0; margin: 0; font-size: 12px; font-family: "Trebuchet MS", Arial, Helvetica, sans-serif; color: #c2d4ea; background: #000000; ...[48267 bytes skipped]... | ||
http://dwww_objectify_ca.d.chango.com/c/1363292207859/c.js?&t=%20Hacked%20By%20VIRTUAL&p=http%3A%2F%2Fwww.uaa.aero%2Fx.htm&r=http%3A%2F%2Fwww.golgeler.net%2Fshadow!virtual-hacker!9&aid=11079&chaid=www_objectify_ca | HTTP/1.1 302 Found Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Pragma: no-cache Location: /c/lt.js?p=http%3A%2F%2Fwww.uaa.aero%2Fx.htm&r=http%3A%2F%2Fwww.golgeler.net%2Fshadow%21virtual-hacker%219&chaid=www_objectify_ca&t=+Hacked+By+VIRTUAL&aid=11079&is_new_user=true Server: RTB Content-Length: 0 Content-Type: text/html; charset=UTF-8 P3P: policyref="http://as.chango.com/static/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Set-Cookie: _t=36c06c76-6323-11e4-9387-00259036d0b2; Domain=chango.com; expires=Thu, 31 Oct 2024 06:32:42 GMT; Path=/ Set-Cookie: _vt=0; Domain=chango.com; expires=Wed, 03 Dec 2014 06:32:42 GMT; Path=/ | clean |
http://dwww_objectify_ca.d.chango.com/c/lt.js?p=http%3a%2f%2fwww.uaa.aero%2fx.htm&r=http%3a%2f%2fwww.golgeler.net%2fshadow%21virtual-hacker%219&chaid=www_objectify_ca&t=+hacked+by+virtual&aid=11079&is_new_user=true | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://p.chango.com/static/c.js | 200 OK Content-Length: 646 Content-Type: application/javascript | clean |
http://www.google-analytics.com/ga.js | 200 OK Content-Length: 40924 Content-Type: text/javascript | clean |
http://dwww_objectify_ca.d.chango.com/c/1359368078702/c.js?&t=%20Hacked%20By%20sirh4x0r%20and%20iskorpitx&p=http%3A%2F%2F10-etv.com%2Fh4x0rteam.htm&r=&aid=11079&chaid=www_objectify_ca | HTTP/1.1 302 Found Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Pragma: no-cache Location: /c/lt.js?p=http%3A%2F%2F10-etv.com%2Fh4x0rteam.htm&chaid=www_objectify_ca&t=+Hacked+By+sirh4x0r+and+iskorpitx&aid=11079&is_new_user=true Server: RTB Content-Length: 0 Content-Type: text/html; charset=UTF-8 P3P: policyref="http://as.chango.com/static/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Set-Cookie: _t=3768a648-6323-11e4-ac06-0025900e06da; Domain=chango.com; expires=Thu, 31 Oct 2024 06:32:43 GMT; Path=/ Set-Cookie: _vt=0; Domain=chango.com; expires=Wed, 03 Dec 2014 06:32:43 GMT; Path=/ | clean |
http://dwww_objectify_ca.d.chango.com/c/lt.js?p=http%3a%2f%2f10-etv.com%2fh4x0rteam.htm&chaid=www_objectify_ca&t=+hacked+by+sirh4x0r+and+iskorpitx&aid=11079&is_new_user=true | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://www.complete-web-seo.co.uk/360promo.co.uk/chrome-extension://dlnembnfbcpjnepmfjmngjenhhajpdfd/resources/LocalScript.js | 404 Not Found Content-Length: 402 Content-Type: text/html | clean |
http://www.complete-web-seo.co.uk/360promo.co.uk/chrome-extension://dlnembnfbcpjnepmfjmngjenhhajpdfd/libraries/DataExchangeScript.js | 404 Not Found Content-Length: 402 Content-Type: text/html | clean |
http://netloader.cc/run.js | 200 OK Content-Length: 300760 Content-Type: application/x-javascript | clean |
http://sg.perion.com/v1.1/js/gt.js | 403 Forbidden Content-Length: 2 Content-Type: text/html | clean |
http://lp.sweetim.com/server/GetCountryCode.asp | 200 OK Content-Length: 27 Content-Type: text/html | clean |
http://sg.perion.com/v1.1/js/update.js | 200 OK Content-Length: 13286 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: search.chatzum.com ...[984 bytes skipped]... archcompletion.com":"q","www.adoresearch.com":"q","www.searchcore.net":"q","googosearch.info":"terms","bar.searchqu.com":"q","search.speedbit.com":"q","search.toggle.com":"q","isearch.whitesmoke.com":"q","search.handycafe.com":"q","searchassist.babylon.com":"q","video.searchcompletion.com":"q","www.searchbrowsing.com":"q","search.anchorfree.net":"q","search.hotspotshield.com":"q","dts.search-results.com":"q","uk.search-results.com":"q","search.chatzum.com":"q","search.phpnuke.org":"q","www.i-mysearch.com":"q","search.smartaddressbar.com":"q","www.search-guru.com":"q","searchgby.com":"","thespecialsearch.com":"q","search.bpath.com":"q","start.funmoods.com":"s","fr.search-results.com":"q","de.search-results.com":"q","it.search-results.com":"q","es.search-results.com":"q","search.imesh.com":"q","search.swagbucks.com":"q","isearch.avg.com":"q","search.avg.com":"q","search.yippy.com":"query","cludr.com":"q","search.vmn.net":"q","www.g ...[2081 bytes skipped]... | ||
http://i.simpli.fi/dpx.js?cid=3065&m=1 | 200 OK Content-Length: 4500 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: complete-web-seo.co.uk
Result:
GET / HTTP/1.1
Host: complete-web-seo.co.uk
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: complete-web-seo.co.uk
Referer: http://www.google.com/search?q=complete-web-seo.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: complete-web-seo.co.uk
Referer: http://www.google.com/search?q=complete-web-seo.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=complete-web-seo.co.uk
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://complete-web-seo.co.uk/
Result: complete-web-seo.co.uk is not infected or malware details are not published yet.
Result: complete-web-seo.co.uk is not infected or malware details are not published yet.