Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://d-news.co/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: d-news.co Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Location: http://ow.ly Content-Length: 0 | malicious |
Scanned pages/files
Request | Server response | Status |
http://d-news.co/fnerq | HTTP/1.1 301 Moved Permanently Connection: close Location: http://www.justjared.com/2012/11/17/will-i-am-britney-spears-scream-and-shout/ Content-Length: 0 | clean |
http://www.justjared.com/2012/11/17/will-i-am-britney-spears-scream-and-shout/ | 200 OK Content-Length: 98659 Content-Type: text/html | clean |
http://www.justjared.com/wp-content/themes/default/target.js | 200 OK Content-Length: 1885 Content-Type: application/javascript | clean |
http://www.justjared.com/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 308 Content-Type: application/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js?ver=3.2.1 | 200 OK Content-Length: 95786 Content-Type: text/javascript | clean |
http://www.justjared.com/wp-content/plugins/anti-spam/js/anti-spam.js?ver=2.2 | 200 OK Content-Length: 1812 Content-Type: application/javascript | clean |
http://d-news.co/wp-content/themes/default/js/jquery.als-1.2.min.js?v=1 | HTTP/1.1 301 Moved Permanently Connection: close Location: http://ow.ly Content-Length: 0 | clean |
http://ow.ly/ | HTTP/1.1 301 Moved Permanently Connection: close Location: /url/shorten-url Content-Length: 0 | clean |
http://ow.ly/url/shorten-url | 200 OK Content-Length: 2912 Content-Type: text/html | clean |
https://ws.areyouahuman.com/ws/script/9c23d8d067c270d618274dd8efa605efe4ce7a09 | 200 OK Content-Length: 219513 Content-Type: text/javascript | clean |
http://static.ow.ly/v1/js/app.8489fabb7f783290.js | 200 OK Content-Length: 107502 Content-Type: application/javascript | clean |
http://d-news.co/login | HTTP/1.1 303 See Other Connection: close Location: https://api.twitter.com/oauth/authorize?oauth_token=AHKg2fJJxDc8sGjk3WIf76gLEpynK8jk Content-Length: 0 Set-Cookie: OWLYSID="6e3f04ba64fb1afa452f0df8328d9be156239d7a-SID=0828f2c8ace744c682e87a2b31d4dc079e383700bfe74e8d8baae41d9b68a73481fde7e363f445aa958a4145c3ed9485d1f41f83f0514eeeade4409adbe376c8"; Path=/; HTTPOnly | clean |
https://api.twitter.com/oauth/authorize?oauth_token=ahkg2fjjxdc8sgjk3wif76glepynk8jk | 403 Forbidden Content-Length: 3111 Content-Type: text/html | clean |
https://abs.twimg.com/a/1417651733/tfw/loadrunner.js | 200 OK Content-Length: 10480 Content-Type: application/javascript | clean |
http://d-news.co/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Location: http://ow.ly Content-Length: 0 | clean |
http://ow.ly/test404page.js | 404 Not Found Content-Length: 2393 Content-Type: text/html | clean |
http://ow.ly/login | HTTP/1.1 303 See Other Connection: close Location: https://api.twitter.com/oauth/authorize?oauth_token=4cMPTVb563zDmmqQ8eZz7RX1cRHXLcgv Content-Length: 0 Set-Cookie: OWLYSID="b264697e190207d2d9a024ec103e17241422fbb8-SID=042866f7f13e4c40b3dc1f48deb7ed8c044f839dd0a94497a16b3285903a8cf28b88d9a3312b439eb381abde08613be3b027a447bca44ce4a592ad98e9155716"; Path=/; HTTPOnly | clean |
https://api.twitter.com/oauth/authorize?oauth_token=4cmptvb563zdmmqq8ezz7rx1crhxlcgv | 403 Forbidden Content-Length: 3111 Content-Type: text/html | clean |
https://api.twitter.com/intent/session?return_to=%2Foauth%2Fauthorize%3Foauth_token%3D4cmptvb563zdmmqq8ezz7rx1crhxlcgv | 200 OK Content-Length: 4703 Content-Type: text/html | clean |
https://api.twitter.com/ | 404 Not Found Content-Length: 4311 Content-Type: text/html | clean |
https://abs.twimg.com/errors/404-4f54405af9c0bcdecbe656ca8893f7a9.js | 200 OK Content-Length: 10803 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=d-news.co
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://d-news.co/
Result: d-news.co is not infected or malware details are not published yet.