Scanned pages/files
Request | Server response | Status |
http://redleaf.es/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 30 Sep 2014 03:12:30 GMT Pragma: no-cache Location: http://www.redleaf.es/ Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=c4447e647c752389740ccd8c3fd8b8eb; path=/ X-Pingback: http://www.redleaf.es/xmlrpc.php X-UA-Compatible: IE=edge,chrome=1 | clean |
http://www.redleaf.es/ | 200 OK Content-Length: 39736 Content-Type: text/html | clean |
http://www.redleaf.es//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 30 Sep 2014 03:12:34 GMT Pragma: no-cache Location: http://www.redleaf.es/ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js/ Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=b571240a7e82675d44fd72d62a45f349; path=/ X-Pingback: http://www.redleaf.es/xmlrpc.php X-UA-Compatible: IE=edge,chrome=1 | clean |
http://www.redleaf.es/ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js/ | 404 Not Found Content-Length: 3 Content-Type: text/html | clean |
http://www.redleaf.es/test404page.js | 404 Not Found Content-Length: 3 Content-Type: text/html | clean |
http://www.redleaf.es/wp-includes/js/jquery/jquery-migrate.js?ver=1.2.1 | 200 OK Content-Length: 17142 Content-Type: application/javascript | clean |
http://www.redleaf.es/wp-content/plugins/private-content/js/private-content.js?ver=3.24 | 200 OK Content-Length: 5995 Content-Type: application/javascript | clean |
http://www.redleaf.es/wp-content/plugins/sweetcaptcha-revolutionary-free-captcha-service/js/swtcptcf.js?ver=3.0.8 | 200 OK Content-Length: 1755 Content-Type: application/javascript | clean |
http://www.redleaf.es/wp-content/plugins/cookie-law-info/js/cookielawinfo.js?ver=4.0 | 200 OK Content-Length: 6919 Content-Type: application/javascript | clean |
http://www.redleaf.es/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.tools.min.js?rev=4.6.0&ver=4.0 | 200 OK Content-Length: 95767 Content-Type: application/javascript | clean |
http://www.redleaf.es/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?rev=4.6.0&ver=4.0 | 200 OK Content-Length: 112014 Content-Type: application/javascript | clean |
http://www.redleaf.es/wp-content/plugins/ultimate-preloader/js/ups.js?ver=4.0 | 200 OK Content-Length: 11610 Content-Type: application/javascript | clean |
http://www.redleaf.es/wp-content/themes/minimum/js/html5.js?ver=4.0 | 200 OK Content-Length: 10686 Content-Type: application/javascript | clean |
http://w.sharethis.com/button/buttons.js | 200 OK Content-Length: 145774 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
if(typeof(stlib)=="undefined"){var stlib={}}if(!stlib.functions){stlib.functions=[];stlib.functionCount=0}stlib.global={};stlib.global.hash=document.location.href.split("#");stlib.global.hash.shift();stlib.global.hash=stlib.global.hash.join("#");stlib.dynamicOn=true;stlib.debugOn=false;stlib.debug={count:0,messages:[],debug:function(b,a){if(a&&(typeof console)!="undefined"){console.log(b)}stlib.debug.messages.push(b)},show:function(a){for(message in stlib.debug.messages){if((typeof conso
Antivirus reports:
http://redleaf.es//www.sweetcaptcha.com/api/v2/apps/csrf/107201?ver=3.0.8/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 30 Sep 2014 03:12:44 GMT Pragma: no-cache Location: http://www.redleaf.es/www.sweetcaptcha.com/api/v2/apps/csrf/107201?ver=3.0.8/ Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=05be5c8e5986b6967fccd627d59cc32e; path=/ X-Pingback: http://www.redleaf.es/xmlrpc.php X-UA-Compatible: IE=edge,chrome=1 | clean |
http://www.redleaf.es/www.sweetcaptcha.com/api/v2/apps/csrf/107201?ver=3.0.8/ | 404 Not Found Content-Length: 3 Content-Type: text/html | clean |
http://www.redleaf.es/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.50.0-2014.02.05 | 200 OK Content-Length: 17192 Content-Type: application/javascript | clean |
http://www.redleaf.es/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.8.1 | 200 OK Content-Length: 10517 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: redleaf.es
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 30 Sep 2014 03:12:30 GMT
Pragma: no-cache
Location: http://www.redleaf.es/
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=c4447e647c752389740ccd8c3fd8b8eb; path=/
X-Pingback: http://www.redleaf.es/xmlrpc.php
X-UA-Compatible: IE=edge,chrome=1
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: redleaf.es
Referer: http://www.google.com/search?q=redleaf.es
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=redleaf.es
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://redleaf.es/
Result: redleaf.es is not infected or malware details are not published yet.