Analysis Results
https://unithomasmore.edu.ni/
Analyzed on January 14, 2026, 5:53 p.m. Click "Rescan Website" to get the latest data
Analysis SuccessfulMALWARE DETECTED!
Severity Level: MEDIUM
- Found 1 suspicious pattern(s)
Domain Information
DNS Records
A Records (IPv4 Addresses)
| Domain | IP Address |
|---|---|
unithomasmore.edu.ni |
181.78.116.19 |
MX Records (Mail Servers)
| Priority | Mail Server |
|---|---|
| 0 | unithomasmore-edu-ni.mail.protection.outlook.com. |
TXT Records
| Domain | Text Record |
|---|---|
unithomasmore.edu.ni |
"v=spf1 include:one.zoho.com include:spf.protection.outlook.com ~all" |
unithomasmore.edu.ni |
"google-site-verification=Z8UIFHpBiGrWzzUIMY0E3LbWI_EmYhBmuIG7hjPY71U" |
WWW Subdomain Records
| Subdomain | Type | Value |
|---|---|---|
www.unithomasmore.edu.ni |
A | 181.78.116.19 |
Services Detected (2 found)
Blocklisting Status
No threats detected by any security scanner
No threats detected
Hosting Information
server: apache/2.4.52 (ubuntu)
SSL/TLS Security
- Certificate Type: DV (Domain Validated - Basic Security)
- Subject: *.unithomasmore.edu.ni
-
Certificate Authority (CA):
RapidSSL TLS RSA CA G1
DigiCert Inc
www.digicert.com
US - Valid From: Dec 11 00:00:00 2025 GMT
- Valid Until: Jan 11 23:59:59 2027 GMT
- Serial Number:
0D02FD5AC03CD971C0287F8EB87CD7AC
Your SSL certificate is valid for 361 more days.
Certificate expires on Jan 11 23:59:59 2027 GMT
Content Management System
Themes
1
Plugins
11
WordPress Security Analysis
FAILEDXMLRPC.php Security Test FAILED
XMLRPC.php is accessible and vulnerable
HTTP Status: 200
WP-Login.php Security Test FAILED
WP-Login page is accessible without CAPTCHA protection
HTTP Status: 200
User Enumeration Test FAILED
User enumeration is possible via WordPress REST API
Endpoint: https://unithomasmore.edu.ni/wp-json/wp/v2/users
Status: FAILED
Message: User enumeration possible - 3 users found
HTTP Status: 200
Endpoint: https://unithomasmore.edu.ni/?rest_route=/wp/v2/users
Status: FAILED
Message: User enumeration possible - 3 users found
HTTP Status: 200
| ID | Name | Slug | Link |
|---|---|---|---|
| 5 | Javier Mairena | javier |
https://unithomasmore.edu.ni/author/javier/ |
| 1 | jixcomp | admin |
https://unithomasmore.edu.ni/author/admin/ |
| 2 | sallycruz | sallycruz |
https://unithomasmore.edu.ni/author/sallycruz/ |
Failed Security Tests:
- XMLRPC
- WP-Login
- User Enumeration
Security Headers Analysis
Present Security Headers
No security headers detected
Malware Analysis Details
Suspicious Patterns Detected
Suspicious setTimeout with redirect
Delayed redirect that could be malicious
Severity: MEDIUM
Matches Found: 1
Sample Matches:
setTimeout(hide_message, 3000);
}
}
function hide_message()
{
document.getElementById("wpcp-error-message").className = "msgmsg-box-wpcp warning-wpcp hideme";
}
</script>
<style>
@media print {
body * {display: none !important;}
body:after {
content: "No puedes contenido de la web por motivos de seguridad, Gracias"; }
}
</style>
<style type="text/css">
#wpcp-error-message {
direction: ltr;
text-align: center;
transition: opacity 900ms ease 0s;
z-index: 99999999;
}
.hideme {
opacity:0;
visibility: hidden;
}
.showme {
opacity:1;
visibility: visible;
}
.msgmsg-box-wpcp {
border:1px solid #f5aca6;
border-radius: 10px;
color: #555;
font-family: Tahoma;
font-size: 11px;
margin: 10px;
padding: 10px 36px;
position: fixed;
width: 255px;
top: 50%;
left: 50%;
margin-top: -10px;
margin-left: -130px;
-webkit-box-shadow: 0px 0px 34px 2px rgba(242,191,191,1);
-moz-box-shadow: 0px 0px 34px 2px rgba(242,191,191,1);
box-shadow: 0px 0px 34px 2px rgba(242,191,191,1);
}
.msgmsg-box-wpcp span {
font-weight:bold;
text-transform:uppercase;
}
.warning-wpcp {
background:#ffecec url('https://unithomasmore.edu.ni/wp-content/plugins/wp-content-copy-protector/images/warning.png') no-repeat 10px 50%;
}
</style>
<div data-elementor-type="popup" data-elementor-id="3300" class="elementor elementor-3300 elementor-location
Recommendations
- Review and clean suspicious HTML patterns
- Consider using a Web Application Firewall (WAF)
HTTP Headers
HTTP Response Code
200 OK - Request successfulHTTP Protocol Version
Recommendation: Consider upgrading to HTTP/2 or HTTP/3 for better performance. You can:
- Enable HTTP/2 on your web server
- Use Cloudflare or similar CDN services that support HTTP/2 and HTTP/3
- Configure your hosting provider's settings to enable HTTP/2
Information Disclosure: Server Version
Header: server
Value: Apache/2.4.52 (Ubuntu)
Server Type: Apache
The Server header reveals server version information, which can be used by attackers to identify vulnerabilities.Gzip Compression Enabled 👍
Great! This site is using Gzip compression to improve performance and reduce bandwidth usage.
| Header | Value |
|---|---|
date |
Wed, 14 Jan 2026 17:53:42 GMT |
link |
<https://unithomasmore.edu.ni/wp-json/>; rel="https://api.w.org/", <https://unithomasmore.edu.ni/wp-json/wp/v2/pages/532>; rel="alternate"; title="JSON"; type="application/json", <https://unithomasmore.edu.ni/>; rel=shortlink |
vary |
Accept-Encoding |
server |
Apache/2.4.52 (Ubuntu) |
connection |
Keep-Alive |
keep-alive |
timeout=5, max=100 |
content-type |
text/html; charset=UTF-8 |
http_version |
HTTP/1.1 |
content-length |
30851 |
content-encoding |
gzip |
Service Disclaimer
Free Service: This website security analyzer is provided as a free service to help website owners and administrators identify potential security issues and improve their website's security posture.
Donations: We welcome and appreciate donations to help us maintain and improve this service. Your support helps us keep this tool free and continuously enhance its capabilities.
Affiliate Links: We may use affiliate links for various security services, hosting providers, and security tools mentioned throughout this analysis. If you choose to purchase any of these services through our links, we may receive a small commission at no additional cost to you. This helps support the development and maintenance of this free service.
Support Our Service
Help us keep this tool free and improve it further