Scanned pages/files
Request | Server response | Status |
http://newyearseattle.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Sep 2014 06:04:24 GMT Location: http://www.zvents.com/ Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://www.zvents.com/ | 200 OK Content-Length: 39536 Content-Type: text/html | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.18/jquery-ui.min.js | 200 OK Content-Length: 201842 Content-Type: text/javascript | clean |
http://newyearseattle.com/foresee/foresee-trigger.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Sep 2014 06:04:30 GMT Location: http://www.zvents.com/ Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://www.zvents.com/test404page.js | 404 Not Found Content-Length: 15019 Content-Type: text/html | clean |
http://js.zvents.com/javascripts/happy_default.js?version=f1762fe1aab50b80304753ff1a6677cef9c92428 | 200 OK Content-Length: 301428 Content-Type: application/x-javascript | clean |
http://www.zvents.com/javascripts/s_code.js | 200 OK Content-Length: 39869 Content-Type: application/x-javascript | clean |
http://www.google-analytics.com/urchin.js | 200 OK Content-Length: 22678 Content-Type: text/javascript | clean |
http://edge.quantserve.com/quant.js | 200 OK Content-Length: 7874 Content-Type: application/x-javascript | clean |
http://www.zvents.com/welcome/create | HTTP/1.1 302 Found Cache-Control: no-cache Connection: keep-alive Date: Mon, 22 Sep 2014 06:04:38 GMT Location: http://www.zvents.com/listings Server: nginx/1.0.15 Content-Type: text/html; charset=utf-8 Set-Cookie: welcome=cxAQo3HHHwg-CODxwgltRg.215154860; path=/; expires=Thu, 22-Sep-2044 06:04:38 GMT Set-Cookie: zvents_tracker_sid=cxAQo3HHHwg-CODxwgltRg.215154860; path=/; expires=Thu, 22-Sep-2044 06:04:38 GMT Set-Cookie: _zsess=BAh7BzoPc2Vzc2lvbl9pZCIlZGEzZTIyZWRhZTQwOTY3ZGI4MTEyNWQ2ZWJkMTYzMWYiDWxvY2F0aW9uexAiC3JhZGl1c2lQIgljaXR5IgxWaWxuaXVzIgplcnJvckYiDWxhdGl0dWRlZhc1NC42ODMzMDAwMTgzMTA1NDciE2Rpc3BsYXlfc3RyaW5nIhdWaWxuaXVzLCBMaXRodWFuaWEiDXRpbWV6b25lIhNFdXJvcGUvVmlsbml1cyISZGlzdGFuY2VfdW5pdCIHa20iDGNvdW50cnkiDkxpdGh1YW5pYSIObG9uZ2l0dWRlZhcyNS4zMTY2OTk5ODE2ODk0NTMiEXdoZXJlX3N0cmluZ0AQIgpzdGF0ZUAW--af6af5484373e52fbaa834917a006a498a9f95f5; path=/; expires=Mon, 22-Dec-2014 06:04:38 GMT; HttpOnly Status: 302 Found X-HTTP_CLIENT_IP_O: 78.158.11.226 X-Rack-Cache: miss X-Runtime: 34 Z-DETECTED-FLAVOR: z_flavor | Z-REQUEST-HANDLED-BY: www14 | clean |
http://www.zvents.com/listings | 200 OK Content-Length: 17502 Content-Type: text/html | clean |
http://www.zvents.com/javascripts/form/add_listings.js | 200 OK Content-Length: 2878 Content-Type: application/x-javascript | clean |
http://www.zvents.com/user/signup?return_to=%2Flistings | HTTP/1.1 302 Found Cache-Control: no-cache Connection: keep-alive Date: Mon, 22 Sep 2014 06:04:40 GMT Location: https://secure.zvents.com/user/signup?return_to=%2Flistings Server: nginx/1.0.15 Content-Type: text/html; charset=utf-8 Set-Cookie: welcome=QkD3V8a1KX1fF65DzlDugQ.215154862; path=/; expires=Thu, 22-Sep-2044 06:04:40 GMT Set-Cookie: zvents_tracker_sid=QkD3V8a1KX1fF65DzlDugQ.215154862; path=/; expires=Thu, 22-Sep-2044 06:04:40 GMT Set-Cookie: _zsess=BAh7BzoPc2Vzc2lvbl9pZCIlMDJhNGZhYjI1NDJjNzhhNjY5ZWVlNjZiZmJiMGEwMzgiDWxvY2F0aW9uexAiC3JhZGl1c2lQIgljaXR5IgxWaWxuaXVzIgplcnJvckYiDWxhdGl0dWRlZhc1NC42ODMzMDAwMTgzMTA1NDciE2Rpc3BsYXlfc3RyaW5nIhdWaWxuaXVzLCBMaXRodWFuaWEiDXRpbWV6b25lIhNFdXJvcGUvVmlsbml1cyISZGlzdGFuY2VfdW5pdCIHa20iDGNvdW50cnkiDkxpdGh1YW5pYSIObG9uZ2l0dWRlZhcyNS4zMTY2OTk5ODE2ODk0NTMiEXdoZXJlX3N0cmluZ0AQIgpzdGF0ZUAW--c61be5815c02f88255176026b8e4d5c516e56c46; path=/; expires=Mon, 22-Dec-2014 06:04:40 GMT; HttpOnly Status: 302 Found X-HTTP_CLIENT_IP_O: 78.158.11.226 X-Rack-Cache: miss X-Runtime: 32 Z-DETECTED-FLAVOR: z_flavor | Z-REQUEST-HANDLED-BY: www30 | clean |
https://secure.zvents.com/user/signup?return_to=%2flistings | 200 OK Content-Length: 16879 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://www.zvents.com/zat <iframe src="http://www.zvents.com/zat" width="1" height="1"> | ||
https://secure.zvents.com/javascripts/happy_default.js?version=f1762fe1aab50b80304753ff1a6677cef9c92428 | 200 OK Content-Length: 300890 Content-Type: application/x-javascript | clean |
https://secure.zvents.com/javascripts/happy_forms.js?version=f1762fe1aab50b80304753ff1a6677cef9c92428 | 200 OK Content-Length: 6900 Content-Type: application/x-javascript | clean |
https://ssl.google-analytics.com/urchin.js | 200 OK Content-Length: 22678 Content-Type: text/javascript | clean |
http://www.zvents.com//secure.quantserve.com/quant.js/ | 404 Not Found Content-Length: 15085 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: newyearseattle.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 22 Sep 2014 06:04:24 GMT
Location: http://www.zvents.com/
Server: Apache-Coyote/1.1
Content-Length: 0
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: newyearseattle.com
Referer: http://www.google.com/search?q=newyearseattle.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=newyearseattle.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://newyearseattle.com/
Result: newyearseattle.com is not infected or malware details are not published yet.