Scanned pages/files
Request | Server response | Status |
http://engineerphone.co.uk/ | 200 OK Content-Length: 8333 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by : r00t@al3x.k4pr4n0s ~ INDO-PENDENT HACKER ...[7019 bytes skipped]... ITC; font-size: 12pt; color: red} </style> <center> <img src="http://thecrowscrew.org/images/banner1.png" width="500" height="200"> <div id="example1"> <p id="example2"> <font size="7" face="Orbitron" color='#ff0000'>-=[ The Crows Crew ]=-</font> <br> <font size="5" face="Orbitron" color='silver'>Hacked by : r00t@al3x.k4pr4n0s ~ INDO-PENDENT HACKER </font> <br> <font size="4" face="Orbitron" color='#ff0000'><font color='red'>[</font> WE COME IN PEACE <font color='red'>]</font> <hr size=3 width= 25% color="#424242" align=center> <font size='7' face="Orbitron" color='red'>Your network security is 0% </font> <br><br> <font size='4' face="Orbitron" color=silver>Greets to: All Indonesian and Algeri ...[1751 bytes skipped]... | ||
http://engineerphone.co.uk/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: engineerphone.co.uk
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 09 Jan 2015 17:39:24 GMT
Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: engineerphone.co.uk
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 09 Jan 2015 17:39:24 GMT
Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: engineerphone.co.uk
Referer: http://www.google.com/search?q=engineerphone.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: engineerphone.co.uk
Referer: http://www.google.com/search?q=engineerphone.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=engineerphone.co.uk
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://engineerphone.co.uk/
Result: engineerphone.co.uk is not infected or malware details are not published yet.
Result: engineerphone.co.uk is not infected or malware details are not published yet.