Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cantonnails.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: cantonnails.com
Referer: http://www.google.com/search?q=cantonnails.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.cantonnails.com/ | HTTP/1.1 200 OK Connection: close Date: Sun, 09 Aug 2015 23:50:11 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html | clean |
http://twitter.com/ayyildizorg | HTTP/1.1 301 Moved Permanently Date: Sun, 09 Aug 2015 23:50:12 GMT Location: https://twitter.com/ayyildizorg Server: tsa_b Content-Length: 0 Set-Cookie: guest_id=v1%3A143916421216252784; Domain=.twitter.com; Path=/; Expires=Tue, 08-Aug-2017 23:50:12 UTC X-Connection-Hash: 53974b345707f0881cc93d4e6bb6bfac X-Response-Time: 3 | clean |
https://twitter.com/ayyildizorg | HTTP/1.1 307 Temporary Redirect Cache-Control: no-cache Date: Sun, 09 Aug 2015 23:50:12 GMT Location: https://mobile.twitter.com/ayyildizorg Server: tsa_b Content-Length: 0 Content-Security-Policy: default-src 'self'; connect-src 'self' https://upload.twitter.com https://analytics.twitter.com https://pay.twitter.com https://graph.facebook.com; font-src 'self' https://*.twimg.com https://twitter.com https://ton.twitter.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com https://netdna.bootstrapcdn.com data:; frame-src 'self' https://*.twimg.com https://twitter.com https://ton.twitter.com twitter: https://www.youtube.com https://vine.co https://upload.twitter.com https://platform.twitter.com https://syndication.twitter.com https://s-static.ak.facebook.com https://www.facebook.com https://pay.twitter.com; img-src 'self' https://*.twimg.com https://twitter.com https://ton.twitter.com blob: https://syndication.twitter.com https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.facebook.com data:; media-src 'self' https://*.twimg.com https://twitter.com https://ton.twitter.com blob:; object-src https://twitter.com https://pbs.twimg.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.twimg.com https://twitter.com https://ton.twitter.com https://platform.twitter.com https://syndication.twitter.com https://analytics.twitter.com https://www.google-analytics.com https://ssl.google-analytics.com https://connect.facebook.net https://cm.g.doubleclick.net https://api.twitter.com https://graph.facebook.com https://www.google.com; style-src 'unsafe-inline' 'self' https://*.twimg.com https://twitter.com https://ton.twitter.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://netdna.bootstrapcdn.com https://translate.googleapis.com https://platform.twitter.com; report-uri https://twitter.com/i/csp_report?a=NVQWGYLXFVZXO2LGOQ%3D%3D%3D%3D%3D%3D&ro=false; Set-Cookie: 
guest_id=v1%3A143916421277733640; Domain=.twitter.com; Path=/; Expires=Tue, 08-Aug-2017 23:50:12 UTC Status: 307 Temporary Redirect Strict-Transport-Security: max-age=631138519 X-Connection-Hash: 0d642da23a3dd16a99abe7774ff736df X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Response-Time: 5 X-Transaction: cd40a5f17ec359cd X-Xss-Protection: 1; mode=block | clean |
https://mobile.twitter.com/ayyildizorg | 200 OK Content-Length: 75726 Content-Type: text/html | clean |
https://ma.twimg.com/twitter-mobile/c52e5c0f8c8c1a475530daaac8d16f2af34a3319/javascripts/framebust.js | 200 OK Content-Length: 238 Content-Type: application/javascript | clean |
https://ma.twimg.com/twitter-mobile/c52e5c0f8c8c1a475530daaac8d16f2af34a3319/assets/m2_tweets.js | 200 OK Content-Length: 10657 Content-Type: application/javascript | clean |
http://www.cantonnails.com/session/new | HTTP/1.1 200 OK Connection: close Date: Sun, 09 Aug 2015 23:50:14 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html | clean |
http://twitter.com/test404page.js | HTTP/1.1 301 Moved Permanently Date: Sun, 09 Aug 2015 23:50:15 GMT Location: https://twitter.com/test404page.js Server: tsa_b Content-Length: 0 Set-Cookie: guest_id=v1%3A143916421511845031; Domain=.twitter.com; Path=/; Expires=Tue, 08-Aug-2017 23:50:15 UTC X-Connection-Hash: 84e4e5eb38cc38181d0b35a69f74c236 X-Response-Time: 3 | clean |
https://twitter.com/test404page.js | 404 Not Found Content-Length: 4458 Content-Type: text/html | clean |
https://abs.twimg.com/errors/404-5b74379aef88b251a1bb61207fdf03a9.js | 200 OK Content-Length: 11426 Content-Type: application/javascript | clean |
https://twitter.com/ | HTTP/1.1 307 Temporary Redirect Cache-Control: no-cache Date: Sun, 09 Aug 2015 23:50:16 GMT Location: https://mobile.twitter.com/ Server: tsa_b Content-Length: 0 Content-Security-Policy: default-src 'self'; connect-src 'self' https://upload.twitter.com https://analytics.twitter.com https://pay.twitter.com https://graph.facebook.com; font-src 'self' https://*.twimg.com https://twitter.com https://ton.twitter.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com https://netdna.bootstrapcdn.com data:; frame-src 'self' https://*.twimg.com https://twitter.com https://ton.twitter.com twitter: https://www.youtube.com https://vine.co https://upload.twitter.com https://platform.twitter.com https://syndication.twitter.com https://s-static.ak.facebook.com https://www.facebook.com https://pay.twitter.com; img-src 'self' https://*.twimg.com https://twitter.com https://ton.twitter.com blob: https://syndication.twitter.com https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.facebook.com data:; media-src 'self' https://*.twimg.com https://twitter.com https://ton.twitter.com blob:; object-src https://twitter.com https://pbs.twimg.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.twimg.com https://twitter.com https://ton.twitter.com https://platform.twitter.com https://syndication.twitter.com https://analytics.twitter.com https://www.google-analytics.com https://ssl.google-analytics.com https://connect.facebook.net https://cm.g.doubleclick.net https://api.twitter.com https://graph.facebook.com https://www.google.com; style-src 'unsafe-inline' 'self' https://*.twimg.com https://twitter.com https://ton.twitter.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://netdna.bootstrapcdn.com https://translate.googleapis.com https://platform.twitter.com; report-uri https://twitter.com/i/csp_report?a=NVQWGYLXFVZXO2LGOQ%3D%3D%3D%3D%3D%3D&ro=false; Set-Cookie: 
guest_id=v1%3A143916421658304474; Domain=.twitter.com; Path=/; Expires=Tue, 08-Aug-2017 23:50:16 UTC Status: 307 Temporary Redirect Strict-Transport-Security: max-age=631138519 X-Connection-Hash: bae73f09dce88cf2d835f1f8261e3468 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Response-Time: 6 X-Transaction: b32f0de7ec438c5f X-Xss-Protection: 1; mode=block | clean |
https://mobile.twitter.com/ | HTTP/1.1 302 Found Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0 Date: Sun, 09 Aug 2015 23:50:17 GMT Pragma: no-cache Location: https://mobile.twitter.com/i/guest Server: tsa_b Vary: Accept-Encoding Content-Language: en Content-Length: 0 Expires: Tue, 31 Mar 1981 05:00:00 GMT Last-Modified: Sun, 09 Aug 2015 23:50:17 GMT Content-Security-Policy: default-src 'self'; connect-src 'self'; font-src 'self' data:; frame-src https://*.twitter.com twitter: https://www.google.com; img-src https://twitter.com https://*.twitter.com https://*.twimg.com https://maps.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.google.com data:; media-src https://*.twitter.com https://*.twimg.com https://*.cdn.vine.co; object-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://*.twitter.com https://*.twimg.com https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net; style-src 'unsafe-inline' https://*.twitter.com https://*.twimg.com; report-uri https://twitter.com/i/csp_report?a=O5SWEZTPOJQWY3A%3D&ro=false; Set-Cookie: _mobile_sess=BAh7ByIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoQX2NzcmZfdG9rZW4iJTMwMDNhMzA5Y2M5OWU4NTViM2JjNTg3NmY4OGJiMDUy--98aee0643187c7e60772c38b57b231a62e9bafaa; Expires=Thu, 08 Oct 2015 23:50:17 GMT; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: _twitter_sess=BAh7CCIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCHk33xRPAToHaWQiJTI5%250AYjI2ZTY1MDBhYTZmOWViOGZiZGE3NzQ0NTdkZjI4--7aa9a1716e7d35ec9c0ee7ab82339435cfd102e2; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: d=32; Expires=Mon, 08 Aug 2016 23:50:17 GMT; Path=/; Domain=.twitter.com; Secure Set-Cookie: mobile_metrics_token=143916421732448714; Expires=Tue, 08 Aug 2017 23:50:17 GMT; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: zrca=3; Expires=Tue, 08 Sep 2015 
23:50:17 GMT; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: guest_id=v1%3A143916421720583400; Domain=.twitter.com; Path=/; Expires=Tue, 08-Aug-2017 23:50:17 UTC Strict-Transport-Security: max-age=631138519 X-Connection-Hash: dda53fd406c0dc9782d4a75300459c15 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Response-Time: 11 X-Transaction: df5c5472ffb289c8 X-Twitter-Response-Tags: BouncerCompliant X-Xss-Protection: 1; mode=block | clean |
https://mobile.twitter.com/i/guest | 200 OK Content-Length: 4740 Content-Type: text/html | clean |
https://mobile.twitter.com/session/new | 200 OK Content-Length: 4361 Content-Type: text/html | clean |
https://mobile.twitter.com/signup | 200 OK Content-Length: 4618 Content-Type: text/html | clean |
https://ma.twimg.com/twitter-mobile/c52e5c0f8c8c1a475530daaac8d16f2af34a3319/assets/m2_signup.js | 200 OK Content-Length: 7281 Content-Type: application/javascript | clean |
https://mobile.twitter.com/i/js_inst?input_id=ui_metrics | 200 OK Content-Length: 9617 Content-Type: text/javascript | clean |
https://mobile.twitter.com/tos?lang=en | 200 OK Content-Length: 33692 Content-Type: text/html | clean |
https://g.twimg.com/js/c36a1fb/js_PC7sGSb0pEoirRlQzzeP_OCtnJXNqrmCSAx83C4Zlxo.js | 200 OK Content-Length: 194214 Content-Type: application/javascript | clean |
https://g.twimg.com/js/c36a1fb/js_-qTWwe9W7A2LZSkjsZmREOZKmy7rbTKwkxyIpNG-uTo.js | 200 OK Content-Length: 104846 Content-Type: application/javascript | clean |
https://g.twimg.com/js/c36a1fb/js_Rk5YIkK6m2gKTGH-GrMu0pM_PlMKXnI0ktQUgXw1XgA.js | 200 OK Content-Length: 1766 Content-Type: application/javascript | clean |
https://mobile.twitter.com/?lang=de | HTTP/1.1 302 Found Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0 Date: Sun, 09 Aug 2015 23:50:23 GMT Pragma: no-cache Location: https://mobile.twitter.com/i/guest Server: tsa_b Vary: Accept-Encoding Content-Language: de Content-Length: 0 Expires: Tue, 31 Mar 1981 05:00:00 GMT Last-Modified: Sun, 09 Aug 2015 23:50:23 GMT Content-Security-Policy: default-src 'self'; connect-src 'self'; font-src 'self' data:; frame-src https://*.twitter.com twitter: https://www.google.com; img-src https://twitter.com https://*.twitter.com https://*.twimg.com https://maps.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.google.com data:; media-src https://*.twitter.com https://*.twimg.com https://*.cdn.vine.co; object-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://*.twitter.com https://*.twimg.com https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net; style-src 'unsafe-inline' https://*.twitter.com https://*.twimg.com; report-uri https://twitter.com/i/csp_report?a=O5SWEZTPOJQWY3A%3D&ro=false; Set-Cookie: _mobile_sess=BAh7ByIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoQX2NzcmZfdG9rZW4iJTA5NDcyOTI3MDAwNmRlNWY4OWVjNWUxMjAxOWRkZGQz--ae7145c7d2d14e9c5c994cbc4934a04a446ecb85; Expires=Thu, 08 Oct 2015 23:50:23 GMT; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: _twitter_sess=BAh7CCIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCP5O3xRPAToHaWQiJTNi%250AZjYwYzdkN2QzMjYwZjkxYjUwOThmMTU0NTAxZTlj--0c608257fd5eb5d405d2b4e7218c6eefe227197c; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: d=32; Expires=Mon, 08 Aug 2016 23:50:23 GMT; Path=/; Domain=.twitter.com; Secure Set-Cookie: lang=de; Path=/ Set-Cookie: mobile_metrics_token=143916422339372426; Expires=Tue, 08 Aug 2017 23:50:23 GMT; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: 
zrca=3; Expires=Tue, 08 Sep 2015 23:50:23 GMT; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: guest_id=v1%3A143916422322328579; Domain=.twitter.com; Path=/; Expires=Tue, 08-Aug-2017 23:50:23 UTC Strict-Transport-Security: max-age=631138519 X-Connection-Hash: 522a37784b7c15ddaf802e8c5f573bab X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Response-Time: 12 X-Transaction: 42854bb12d3b1f56 X-Twitter-Response-Tags: BouncerCompliant X-Xss-Protection: 1; mode=block | clean |
http://mobile.twitter.com/test404page.js | HTTP/1.1 301 Moved Permanently Date: Sun, 09 Aug 2015 23:50:23 GMT Location: https://mobile.twitter.com/test404page.js Server: tsa_b Content-Length: 0 Set-Cookie: guest_id=v1%3A143916422354758059; Domain=.twitter.com; Path=/; Expires=Tue, 08-Aug-2017 23:50:23 UTC X-Connection-Hash: 0171ef72e489ac3da159ca845da69dc7 X-Response-Time: 2 | clean |
https://mobile.twitter.com/test404page.js | 404 Not Found Content-Length: 4015 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cantonnails.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cantonnails.com/
Result: cantonnails.com is not infected or malware details are not published yet.