Dreamhost abuse, website not updated, hacked and defaced...

Re: http://killmalware.com/kwinter.co.uk/#
Website risk status: http://toolbar.netcraft.com/site_report?url=http://66.33.209.250
& http://toolbar.netcraft.com/site_report?url=http%3A%2F%2Fkwinter.co.uk
No malware found: http://quttera.com/detailed_report/kwinter.co.uk
Detected:
ISSUE DETECTED DEFINITION INFECTED URL
Internal Server Error 500-error?v1 -http://kwinter.co.uk/404testpage4525d2fdc
nternal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, webmasterATkwinter.co.uk and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.
Read: https://www.surevine.com/shellshocked-a-quick-demo-of-how-easy-it-is-to-exploit/
Here a index.php_hack (css-inline etc.)

polonus (volunteer website security analyst and website error-hunter)

Some reads on Dreamhost abuse and defacements: http://www.zone-h.org/archive/domain=dreamhost.midimania.pl?zh=1
and https://discussion.dreamhost.com/thread-7576.html and also recommendations to enhance security from Sucuri’s:
https://blog.sucuri.net/2012/05/how-to-enhance-user-security-with-dreamhost.html

Why again and again we see these big non-pro-active bulk-hosters involved here?

polonus

Update with another example: http://check.gred.jp/WebscanAction.action?page_type=# (missed)
http://toolbar.netcraft.com/site_report?url=http://roundlondon.co.uk
IP badness: https://www.virustotal.com/en/ip-address/66.33.209.250/information/
See: https://oscarotero.com/embed/demo/index.php?url=http://roundlondon.co.uk/

pol