Scanned pages/files
Request | Server response | Status |
http://5templates.net/ | 200 OK Content-Length: 8645 Content-Type: text/html | clean |
http://5templates.net/media/system/js/core.js | 200 OK Content-Length: 3616 Content-Type: application/javascript | clean |
http://5templates.net/media/system/js/mootools-core.js | 200 OK Content-Length: 83987 Content-Type: application/javascript | clean |
http://5templates.net/media/system/js/caption.js | 200 OK Content-Length: 800 Content-Type: application/javascript | clean |
http://5templates.net/media/system/js/mootools-more.js | 200 OK Content-Length: 224389 Content-Type: application/javascript | clean |
http://5templates.net/templates/theme648/javascript/jquery-1.4.2.min.js | 200 OK Content-Length: 72174 Content-Type: application/javascript | clean |
http://5templates.net/templates/theme648/javascript/cufon-yui.js | 200 OK Content-Length: 18258 Content-Type: application/javascript | clean |
http://5templates.net/templates/theme648/javascript/cufon-replace.js | 200 OK Content-Length: 81 Content-Type: application/javascript | clean |
http://5templates.net/templates/theme648/javascript/AGOpusHighResolution_700.font.js | 200 OK Content-Length: 17429 Content-Type: application/javascript | clean |
http://5templates.net/templates/theme648/javascript/html5.js | 200 OK Content-Length: 1381 Content-Type: application/javascript | clean |
http://5templates.net/templates/theme648/javascript/tiny.js | 200 OK Content-Length: 4870 Content-Type: application/javascript | clean |
http://5templates.net/index.php/solutions-train-3 | 200 OK Content-Length: 10732 Content-Type: text/html | clean |
http://5templates.net/index.php/ | 200 OK Content-Length: 8655 Content-Type: text/html | clean |
http://5templates.net/index.php/affiliate-program1-2 | 200 OK Content-Length: 9319 Content-Type: text/html | clean |
http://5templates.net/index.php/production-2 | 200 OK Content-Length: 6004 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY HIDDEN27 ...[6663 bytes skipped]... r/> <div class="main"> <div id="content"> <div class="wrapper"> <div class="item-page"> <h1> Production </h1> <div id="article"> <div class="wrapper"> <div class="col-1"> <div class="indent"> <div class="border-bot p4"> <h2>HACKED BY HIDDEN27</h2> </div> </div> </div> <div class="col-3"></div> </div> </div> </div> </div> </div> </div> </div> <footer> <div id="footer"> <p>HR Consulting Services © 2011. <a href="#">All rights reserved</a></p> <!-- ...[132 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 5templates.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 14 Jun 2015 09:31:28 GMT
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Set-Cookie: b80d9bd9162520783308b9be43397e7f=61a2c658467b120eaa04595712d467ef; path=/
X-Powered-By: PHP/5.3.28
GET / HTTP/1.1
Host: 5templates.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 14 Jun 2015 09:31:28 GMT
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Set-Cookie: b80d9bd9162520783308b9be43397e7f=61a2c658467b120eaa04595712d467ef; path=/
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: 5templates.net
Referer: http://www.google.com/search?q=5templates.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 5templates.net
Referer: http://www.google.com/search?q=5templates.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=5templates.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://5templates.net/
Result: 5templates.net is not infected or malware details are not published yet.
Result: 5templates.net is not infected or malware details are not published yet.