Scanned pages/files
| Request | Server response | Status |
http://universityinlondon.co.uk/ | 200 OK Content-Length: 1913 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By PaYwand Abdulla <!DOCTYPE html> <!-- saved from url=(0025)http://www.ogim.tn/sites/ --> <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta charset="utf-8"> <title>Hacked By PaYwand Abdulla</title> <link href="http://ge.tt/api/1/files/7FjPS5M2/0/blob?download" rel="stylesheet" type="text/css"> <style> html, body { font-family: "Lato", arial, sans-serif; height: 100%; width: 100%; margin: 0; padding: 0; background-color: #000; } body{text-shadow:0px 0px 10px #f30000;font-family: Papyru ...[1605 bytes skipped]... | ||
http://universityinlondon.co.uk/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 16 Dec 2015 00:32:32 GMT Pragma: no-cache Location: http://universityinlondon.co.uk/test404page.js/ Server: nginx Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=bd1p3nptqbba39atlrl3if0q17; path=/ X-Pingback: http://universityinlondon.co.uk/xmlrpc.php X-Powered-By: PHP/5.3.29 | clean |
http://universityinlondon.co.uk/test404page.js/ | 200 OK Content-Length: 5007 Content-Type: text/html | clean |
http://universityinlondon.co.uk/wp-includes/js/jquery/jquery.js?ver=1.11.2 | 200 OK Content-Length: 95952 Content-Type: application/javascript | clean |
http://universityinlondon.co.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://universityinlondon.co.uk/wp-content/themes/marketing-expert/js/ajax-like.js?ver=4.2.5 | 200 OK Content-Length: 742 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: universityinlondon.co.uk
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 16 Dec 2015 00:32:31 GMT
Accept-Ranges: bytes
ETag: "42965183-779-524c18735e21b"
Server: nginx
Vary: Accept-Encoding
Content-Length: 1913
Content-Type: text/html
Last-Modified: Tue, 17 Nov 2015 19:28:19 GMT
...1913 bytes of data.
GET / HTTP/1.1
Host: universityinlondon.co.uk
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 16 Dec 2015 00:32:31 GMT
Accept-Ranges: bytes
ETag: "42965183-779-524c18735e21b"
Server: nginx
Vary: Accept-Encoding
Content-Length: 1913
Content-Type: text/html
Last-Modified: Tue, 17 Nov 2015 19:28:19 GMT
...1913 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: universityinlondon.co.uk
Referer: http://www.google.com/search?q=universityinlondon.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: universityinlondon.co.uk
Referer: http://www.google.com/search?q=universityinlondon.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=universityinlondon.co.uk
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://universityinlondon.co.uk/
Result: universityinlondon.co.uk is not infected or malware details are not published yet.
Result: universityinlondon.co.uk is not infected or malware details are not published yet.