Scanned pages/files
| Request | Server response | Status |
http://producingpeak.com/ | 200 OK Content-Length: 88005 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked by Paydar ...[96922 bytes skipped]... var marqueeheight="120px" //Specify the marquee's marquee speed (larger is faster 1-10) var marqueespeed=1 //Pause marquee onMousever (0=no. 1=yes)? var pauseit=1 //Specify the marquee's content //Keep all content on ONE line, and backslash any single quotations (ie: that\'s great): var marqueecontent='<div align=left><a href=news.php?nid=4 class=news_head>hacked by Paydar</a><br><strong class=news_head> 21-11-2014 </strong><br><br>hacked by Paydar<br><br><br>ashiyane Digital Security Team...<br><br><div align=right><strong><a href=news.php?nid=4 class=news_more><u>more »</u></a></strong> </div><br><img src=images/iconbg.jpg width=201 height=1><br><br></div& ...[7918 bytes skipped]... | ||
http://producingpeak.com/js/mis.js | 200 OK Content-Length: 33324 Content-Type: application/javascript | clean |
http://producingpeak.com/js/prototype.js | 200 OK Content-Length: 47603 Content-Type: application/javascript | clean |
http://producingpeak.com/js/scriptaculous.js?load=effects | 200 OK Content-Length: 2152 Content-Type: application/javascript | clean |
http://producingpeak.com/js/lightbox.js | 200 OK Content-Length: 23381 Content-Type: application/javascript | clean |
http://producingpeak.com/swfobject.js | 200 OK Content-Length: 6880 Content-Type: application/javascript | clean |
http://producingpeak.com/js/myjs.js | 200 OK Content-Length: 34450 Content-Type: application/javascript | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 10816 Content-Type: text/javascript | clean |
http://producingpeak.com/index.php | 200 OK Content-Length: 88005 Content-Type: text/html | clean |
http://producingpeak.com/aboutus.php | 200 OK Content-Length: 76916 Content-Type: text/html | clean |
http://producingpeak.com/contact.php | 200 OK Content-Length: 87270 Content-Type: text/html | clean |
http://producingpeak.com/nproducts.php | 200 OK Content-Length: 95746 Content-Type: text/html | clean |
http://producingpeak.com/admincp/sdata/itmimgs/itm_l_749.jpg | 200 OK Content-Length: 87721 Content-Type: image/jpeg | clean |
http://producingpeak.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://producingpeak.com/admincp/sdata/itmimgs/itm_l_748.jpg | 200 OK Content-Length: 47751 Content-Type: image/jpeg | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: producingpeak.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 06 Mar 2015 03:10:19 GMT
Pragma: no-cache
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=e1a5089af47d855f71c72e4de7a46a50; path=/
X-Powered-By: PHP/5.4.37
GET / HTTP/1.1
Host: producingpeak.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 06 Mar 2015 03:10:19 GMT
Pragma: no-cache
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=e1a5089af47d855f71c72e4de7a46a50; path=/
X-Powered-By: PHP/5.4.37
Second query (visit from search engine):
GET / HTTP/1.1
Host: producingpeak.com
Referer: http://www.google.com/search?q=producingpeak.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: producingpeak.com
Referer: http://www.google.com/search?q=producingpeak.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=producingpeak.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://producingpeak.com/
Result: producingpeak.com is not infected or malware details are not published yet.
Result: producingpeak.com is not infected or malware details are not published yet.