Scanned pages/files
Request | Server response | Status |
http://ibermega.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 30 Apr 2014 08:32:27 GMT Location: http://www.ibermega.com/ Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8g PHP/5.2.9 with Suhosin-Patch Vary: Accept-Encoding Content-Length: 232 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ibermega.com/ | 200 OK Content-Length: 34498 Content-Type: text/html | clean |
http://www.ibermega.com//ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 30 Apr 2014 08:32:30 GMT Pragma: no-cache Location: http://www.ibermega.com/ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js/ Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8g PHP/5.2.9 with Suhosin-Patch Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.ibermega.com/xmlrpc.php X-Powered-By: PHP/5.2.9 | clean |
http://www.ibermega.com/ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js/ | 404 Not Found Content-Length: 20501 Content-Type: text/html | clean |
http://www.ibermega.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.50.0-2014.02.05 | 200 OK Content-Length: 16305 Content-Type: application/javascript | clean |
http://www.ibermega.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.8 | 200 OK Content-Length: 9630 Content-Type: application/javascript | clean |
http://www.ibermega.com/wp-content/plugins/google-analytics-y-la-ley-de-cookies/main.js | 200 OK Content-Length: 5654 Content-Type: application/javascript | clean |
http://www.ibermega.com/wp-content/themes/iberbase/media/js/iberbase.js?ver=3.1.0 | 200 OK Content-Length: 122566 Content-Type: application/javascript | clean |
http://www.ibermega.com/plantillas-web-gratis-y-premium-para-wordpress-en-espanol/ | 200 OK Content-Length: 23386 Content-Type: text/html | clean |
http://www.ibermega.com/author/miguelarico/ | 200 OK Content-Length: 45056 Content-Type: text/html | clean |
http://www.ibermega.com/themes/ | 200 OK Content-Length: 22698 Content-Type: text/html | clean |
http://www.ibermega.com/themes/wp-content/plugins/amazon-product-in-a-post-plugin/js/amazon-lightbox.js?ver=3.9 | 200 OK Content-Length: 5497 Content-Type: application/javascript | clean |
http://www.ibermega.com/themes/wp-content/plugins/wp-menu-cart/javascript/wpmenucart.js?ver=3.9 | 200 OK Content-Length: 812 Content-Type: application/javascript | clean |
http://www.ibermega.com/themes/wp-content/plugins/easy-digital-downloads/assets/js/edd-ajax.min.js?ver=1.9.8 | 200 OK Content-Length: 5792 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function edd_load_gateway(e){jQuery(".edd-cart-ajax").show();jQuery("#edd_purchase_form_wrap").html('<img src="'+edd_scripts.ajax_loader+'"/>');jQuery.post(edd_scripts.ajaxurl+"?payment-mode="+e,{action:"edd_load_gateway",edd_payment_mode:e},function(e){jQuery("#edd_purchase_form_wrap").html(e);jQuery(".edd-no-js").hide()})}var edd_scripts;jQuery(document).ready(function(e){e(".edd-no-js").hide();e("a.edd-add-to-cart").addClass("edd-has-js");e("body").on("click.eddRemoveFromCart",".edd-rem
Antivirus reports:
http://www.ibermega.com/themes/wp-content/plugins/responsive-lightbox/assets/prettyphoto/js/jquery.prettyPhoto.js?ver=3.9 | 200 OK Content-Length: 22060 Content-Type: application/javascript | clean |
http://www.ibermega.com/themes/wp-content/plugins/responsive-lightbox/js/front.js?ver=3.9 | 200 OK Content-Length: 4841 Content-Type: application/javascript | clean |
http://www.ibermega.com/themes/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.50.0-2014.02.05 | 200 OK Content-Length: 16305 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ibermega.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 30 Apr 2014 08:32:27 GMT
Location: http://www.ibermega.com/
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8g PHP/5.2.9 with Suhosin-Patch
Vary: Accept-Encoding
Content-Length: 232
Content-Type: text/html; charset=iso-8859-1
...232 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ibermega.com
Referer: http://www.google.com/search?q=ibermega.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ibermega.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ibermega.com/
Result: ibermega.com is not infected or malware details are not published yet.