Scanned pages/files
Request | Server response | Status |
http://paradisegarments.com/ | 200 OK Content-Length: 114594 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked by Paydar ...[93127 bytes skipped]... var marqueeheight="120px" //Specify the marquee's marquee speed (larger is faster 1-10) var marqueespeed=1 //Pause marquee onMousever (0=no. 1=yes)? var pauseit=1 //Specify the marquee's content //Keep all content on ONE line, and backslash any single quotations (ie: that\'s great): var marqueecontent='<div align=left><a href=news.php?nid=6 class=news_head>hacked by Paydar</a><br><strong class=news_head> 00-00-0000 </strong><br><br>hacked by Paydar<br><br><br>Ashiyane Digital Security Team...<br><div align=right><strong><a href=news.php?nid=6 class=news_more><u>more »</u></a></strong> </div><br><img src=img/bg1.jpg width=190 height=2><br></div>' //// ...[40790 bytes skipped]... | ||
http://paradisegarments.com/js/mis.js | 200 OK Content-Length: 35090 Content-Type: application/javascript | clean |
http://paradisegarments.com/swfobject.js | 200 OK Content-Length: 6880 Content-Type: application/javascript | clean |
http://paradisegarments.com/index.php | 200 OK Content-Length: 114594 Content-Type: text/html | clean |
http://paradisegarments.com/profile.php | 200 OK Content-Length: 88480 Content-Type: text/html | clean |
http://paradisegarments.com/contact.php | 200 OK Content-Length: 99522 Content-Type: text/html | clean |
http://paradisegarments.com/basket.php | 200 OK Content-Length: 87146 Content-Type: text/html | clean |
http://paradisegarments.com/nproducts.php | 200 OK Content-Length: 87719 Content-Type: text/html | clean |
http://paradisegarments.com/tell.php | 200 OK Content-Length: 90100 Content-Type: text/html | clean |
http://paradisegarments.com/cata.php | 200 OK Content-Length: 96329 Content-Type: text/html | clean |
http://paradisegarments.com/products.php?IDZ=0-0-0-154-5 | 200 OK Content-Length: 218085 Content-Type: text/html | clean |
http://paradisegarments.com/products.php?IDZ=0-0-0-155-5 | 200 OK Content-Length: 165810 Content-Type: text/html | clean |
http://paradisegarments.com/products.php?IDZ=0-0-0-156-5 | 200 OK Content-Length: 157368 Content-Type: text/html | clean |
http://paradisegarments.com/products.php?IDZ=0-0-0-157-5 | 200 OK Content-Length: 165810 Content-Type: text/html | clean |
http://paradisegarments.com/products.php?IDZ=0-0-0-158-5 | 200 OK Content-Length: 165812 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: paradisegarments.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 04 Mar 2015 10:17:11 GMT
Pragma: no-cache
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=c3e359628dcc974ee21d7df328faf6ec; path=/
X-Powered-By: PHP/5.4.37
GET / HTTP/1.1
Host: paradisegarments.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 04 Mar 2015 10:17:11 GMT
Pragma: no-cache
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=c3e359628dcc974ee21d7df328faf6ec; path=/
X-Powered-By: PHP/5.4.37
Second query (visit from search engine):
GET / HTTP/1.1
Host: paradisegarments.com
Referer: http://www.google.com/search?q=paradisegarments.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: paradisegarments.com
Referer: http://www.google.com/search?q=paradisegarments.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=paradisegarments.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://paradisegarments.com/
Result: paradisegarments.com is not infected or malware details are not published yet.
Result: paradisegarments.com is not infected or malware details are not published yet.