Scanned pages/files
Request | Server response | Status |
http://wbym.co.uk/ | 200 OK Content-Length: 2410 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by rooterror ...[1785 bytes skipped]... audioplay/online/alpha_buttons/negative_small&bgcolor=0xffffff&mode=playpause" quality=high wmode=transparent width="15" height="15" align="" TYPE="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer"></embed></object></div> <!-- musica fin --> <font size='7' face='Keania One'style="color: #000000; text-shadow: 0px 1px 7px #000000";>Hacked by rooterror</font> <br><br> <font size='5' face="Keania One" style="color: #000; text-shadow: 0px 1px 7px #000000";>the network security is a myth</font> <br><br> <blink><font size="2" face="Aldrich" style="color: #000000; text-shadow: 0px 1px 7px #000000";>./MX-since 2012</font></blink> <br><br> <a href="http://www.zone-h.org/archive/notifier=rooterror" target="_blank"> ...[109 bytes skipped]... | ||
http://wbym.co.uk/test404page.js | 404 Not Found Content-Length: 286 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wbym.co.uk
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 24 Jul 2015 09:27:07 GMT
Server: Apache/2.4.10 (Unix)
Content-Type: text/html
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: wbym.co.uk
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 24 Jul 2015 09:27:07 GMT
Server: Apache/2.4.10 (Unix)
Content-Type: text/html
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: wbym.co.uk
Referer: http://www.google.com/search?q=wbym.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: wbym.co.uk
Referer: http://www.google.com/search?q=wbym.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wbym.co.uk
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wbym.co.uk/
Result: wbym.co.uk is not infected or malware details are not published yet.
Result: wbym.co.uk is not infected or malware details are not published yet.