Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=stealingtimemusical.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://stealingtimemusical.com/
Result: The website is marked by Yandex as suspicious: visiting this website may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious: visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://stealingtimemusical.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 19 Aug 2014 23:54:20 GMT Location: http://www.stealingtimemusical.com/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.stealingtimemusical.com/xmlrpc.php | clean |
http://www.stealingtimemusical.com/ | 200 OK Content-Length: 14370 Content-Type: text/html | clean |
http://www.stealingtimemusical.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://www.stealingtimemusical.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.stealingtimemusical.com/wp-content/themes/Orion/js/effects.js?ver=3.9.2 | 200 OK Content-Length: 3753 Content-Type: application/javascript | clean |
http://www.stealingtimemusical.com/wp-content/themes/Orion/js/superfish.js?ver=3.9.2 | 200 OK Content-Length: 6079 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below). Excerpt, truncated in the middle (marked […]); the trailing fragment z=s;e(s);} is the same in every file this report flags as malicious, which suggests the same code was added to each of them: (function($){$.fn.superfish=function(op){var sf=$.fn.superfish,c=sf.c,$arrow=$(['<span class="',c.arrowClass,'"> »</span>'].join("")),over=function(){var $$=$(this),menu=getMenu($$);clearTimeout(menu.sfTimer);$$.showSuperfishUl().siblings().hideSuperfishUl();},out=function(){var $$=$(this),menu=getMenu($$),o=sf.op;clearTimeout(menu.sfTimer);menu.sfTimer=setTimeout(function(){o.retainPath=($.inArray($$[0],o.$path)>-1);$$.hideSuperfishUl();if(o.$path.length&&$$.pare […] z=s;e(s);} Antivirus reports:
| ||
http://www.stealingtimemusical.com/wp-content/themes/Orion/js/jquery.flexslider-min.js?ver=3.9.2 | 200 OK Content-Length: 14129 Content-Type: application/javascript | clean |
http://www.stealingtimemusical.com/wp-content/themes/Orion/js/jquery.mobilemenu.js?ver=3.9.2 | 200 OK Content-Length: 6919 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below). Excerpt, truncated in the middle (marked […]): (function($){ var menuCount = 0; $.fn.mobileMenu = function(options){ var settings = { switchWidth: 760, topOptionText: 'Select menu item', indentString: ' ' }; function isList($this){ return $this.is('ul, ol'); } function isMobile(){ return ($(window).width() < settings.switchWidth); } […] z=s;e(s);} Antivirus reports:
| ||
http://www.stealingtimemusical.com/wp-content/plugins/media-element-html5-video-and-audio-player/mediaelement/mediaelement-and-player.min.js?ver=2.1.3 | 200 OK Content-Length: 64806 Content-Type: application/javascript | clean |
http://www.stealingtimemusical.com/wp-content/plugins/slideshow-gallery/js/gallery.js?ver=1.0 | 200 OK Content-Length: 9450 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below). Excerpt, truncated in the middle (marked […]): var TINY={};
function tid(i){ return document.getElementById(i); } function tag(e,p){ p=p||document; return p.getElementsByTagName(e); } TINY.slideshow=function(n){ this.infoSpeed=this.imgSpeed=this.speed=10; this.thumbOpacity=this.navHover=70; this.navOpacity=25; this.scrollSpeed=5; this.letterbox='#000'; this.n=n; this.c=0; this.a=[] }; TINY.slideshow.prototype={ init:function(s,z,b,f,q){ s= […] z=s;e(s);} Antivirus reports:
| ||
http://www.stealingtimemusical.com/wp-content/plugins/slideshow-gallery/js/colorbox.js?ver=1.3.19 | 200 OK Content-Length: 28505 Content-Type: application/javascript | clean |
http://www.stealingtimemusical.com/wp-includes/js/comment-reply.min.js?ver=3.9.2 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://stealingtimemusical.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 19 Aug 2014 23:54:29 GMT Pragma: no-cache Location: http://www.stealingtimemusical.com/test404page.js Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.stealingtimemusical.com/xmlrpc.php | clean |
http://www.stealingtimemusical.com/test404page.js | 404 Not Found Content-Length: 12555 Content-Type: text/html | clean |
http://www.stealingtimemusical.com/feed/ | 200 OK Content-Length: 18283 Content-Type: text/xml | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: stealingtimemusical.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 19 Aug 2014 23:54:20 GMT
Location: http://www.stealingtimemusical.com/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.stealingtimemusical.com/xmlrpc.php
...0 bytes of data.
GET / HTTP/1.1
Host: stealingtimemusical.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 19 Aug 2014 23:54:20 GMT
Location: http://www.stealingtimemusical.com/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.stealingtimemusical.com/xmlrpc.php
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: stealingtimemusical.com
Referer: http://www.google.com/search?q=stealingtimemusical.com
Result:
The result is similar to the first query. No suspicious redirects were found.
GET / HTTP/1.1
Host: stealingtimemusical.com
Referer: http://www.google.com/search?q=stealingtimemusical.com
Result:
The result is similar to the first query. No suspicious redirects were found.