New scan:

Malware Scanner report for ibermega.com

Malicious/Suspicious/Total urls checked
1/0/17
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/1
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://ibermega.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 30 Apr 2014 08:32:27 GMT
Location: http://www.ibermega.com/
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8g PHP/5.2.9 with Suhosin-Patch
Vary: Accept-Encoding
Content-Length: 232
Content-Type: text/html; charset=iso-8859-1
clean
http://www.ibermega.com/
200 OK
Content-Length: 34498
Content-Type: text/html
clean
http://www.ibermega.com//ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js/
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Date: Wed, 30 Apr 2014 08:32:30 GMT
Pragma: no-cache
Location: http://www.ibermega.com/ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js/
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8g PHP/5.2.9 with Suhosin-Patch
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Wed, 11 Jan 1984 05:00:00 GMT
X-Pingback: http://www.ibermega.com/xmlrpc.php
X-Powered-By: PHP/5.2.9
clean
http://www.ibermega.com/ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js/
404 Not Found
Content-Length: 20501
Content-Type: text/html
clean
http://www.ibermega.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.50.0-2014.02.05
200 OK
Content-Length: 16305
Content-Type: application/javascript
clean
http://www.ibermega.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.8
200 OK
Content-Length: 9630
Content-Type: application/javascript
clean
http://www.ibermega.com/wp-content/plugins/google-analytics-y-la-ley-de-cookies/main.js
200 OK
Content-Length: 5654
Content-Type: application/javascript
clean
http://www.ibermega.com/wp-content/themes/iberbase/media/js/iberbase.js?ver=3.1.0
200 OK
Content-Length: 122566
Content-Type: application/javascript
clean
http://www.ibermega.com/plantillas-web-gratis-y-premium-para-wordpress-en-espanol/
200 OK
Content-Length: 23386
Content-Type: text/html
clean
http://www.ibermega.com/author/miguelarico/
200 OK
Content-Length: 45056
Content-Type: text/html
clean
http://www.ibermega.com/themes/
200 OK
Content-Length: 22698
Content-Type: text/html
clean
http://www.ibermega.com/themes/wp-content/plugins/amazon-product-in-a-post-plugin/js/amazon-lightbox.js?ver=3.9
200 OK
Content-Length: 5497
Content-Type: application/javascript
clean
http://www.ibermega.com/themes/wp-content/plugins/wp-menu-cart/javascript/wpmenucart.js?ver=3.9
200 OK
Content-Length: 812
Content-Type: application/javascript
clean
http://www.ibermega.com/themes/wp-content/plugins/easy-digital-downloads/assets/js/edd-ajax.min.js?ver=1.9.8
200 OK
Content-Length: 5792
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function edd_load_gateway(e){jQuery(".edd-cart-ajax").show();jQuery("#edd_purchase_form_wrap").html('<img src="'+edd_scripts.ajax_loader+'"/>');jQuery.post(edd_scripts.ajaxurl+"?payment-mode="+e,{action:"edd_load_gateway",edd_payment_mode:e},function(e){jQuery("#edd_purchase_form_wrap").html(e);jQuery(".edd-no-js").hide()})}var edd_scripts;jQuery(document).ready(function(e){e(".edd-no-js").hide();e("a.edd-add-to-cart").addClass("edd-has-js");e("body").on("click.eddRemoveFromCart",".edd-rem
... 4890 bytes are skipped ...
loading);e(this).after('<span class="edd-cart-ajax"><i class="edd-icon-spinner edd-icon-spin"></i></span>');e.post(edd_global_vars.ajaxurl,e("#edd_purchase_form").serialize()+"&action=edd_process_checkout&edd_ajax=true",function(t){if(e.trim(t)=="success"){e(".edd_errors").remove();e("#edd_purchase_form").submit()}else{e("#edd_purchase_form input[type=submit]").val(n);e(".edd-cart-ajax").remove();e(".edd_errors").remove();e("#edd_purchase_submit").before(t)}})})})

Antivirus reports:

Emsisoft
Android.Trojan.GingerMaster.DN (B)

http://www.ibermega.com/themes/wp-content/plugins/responsive-lightbox/assets/prettyphoto/js/jquery.prettyPhoto.js?ver=3.9
200 OK
Content-Length: 22060
Content-Type: application/javascript
clean
http://www.ibermega.com/themes/wp-content/plugins/responsive-lightbox/js/front.js?ver=3.9
200 OK
Content-Length: 4841
Content-Type: application/javascript
clean
http://www.ibermega.com/themes/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.50.0-2014.02.05
200 OK
Content-Length: 16305
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: ibermega.com

Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 30 Apr 2014 08:32:27 GMT
Location: http://www.ibermega.com/
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8g PHP/5.2.9 with Suhosin-Patch
Vary: Accept-Encoding
Content-Length: 232
Content-Type: text/html; charset=iso-8859-1

...232 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ibermega.com
Referer: http://www.google.com/search?q=ibermega.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=ibermega.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ibermega.com/

Result: ibermega.com is not infected or malware details are not published yet.