Scanned pages/files
Request | Server response | Status |
http://www.deltaspedition.com/ | HTTP/1.1 200 OK Connection: close Date: Sun, 19 Oct 2014 14:16:29 GMT Server: nginx/1.4.4 Vary: Accept-Encoding,User-Agent Content-Type: text/html X-Powered-By: PHP/5.4.26 | clean |
http://twitter.com/ayyildizorg | HTTP/1.1 301 Moved Permanently Date: Sun, 19 Oct 2014 14:16:29 UTC Location: https://twitter.com/ayyildizorg Server: tsa_b Content-Length: 0 Set-Cookie: guest_id=v1%3A141372818925000527; Domain=.twitter.com; Path=/; Expires=Tue, 18-Oct-2016 14:16:29 UTC X-Connection-Hash: 7b985f7f598859d0203bbd677df6a7fd | clean |
https://twitter.com/ayyildizorg | 200 OK Content-Length: 254642 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.abavictory.com <!DOCTYPE html> <!--[if IE 8]><html class="lt-ie10 ie8" lang="en data-scribe-reduced-action-queue="true""><![endif]--> <!--[if IE 9]><html class="lt-ie10 ie9" lang="en data-scribe-reduced-action-queue="true""><![endif]--> <!--[if gt IE 9]><!--><html lang="en" data-scribe-reduced-action-queue="true"><!--<![endif]--> <head> ...[4232 bytes skipped]... | ||
https://abs.twimg.com/c/swift/en/init.4fda889207ca906c51ad6ec7b7bcf3bc7e6e9ecd.js | 200 OK Content-Length: 303104 Content-Type: application/javascript | clean |
http://www.deltaspedition.com/?lang=id | HTTP/1.1 200 OK Connection: close Date: Sun, 19 Oct 2014 14:16:38 GMT Server: nginx/1.4.4 Vary: Accept-Encoding,User-Agent Content-Type: text/html X-Powered-By: PHP/5.4.26 | clean |
http://twitter.com/test404page.js | HTTP/1.1 301 Moved Permanently Date: Sun, 19 Oct 2014 14:16:38 UTC Location: https://twitter.com/test404page.js Server: tsa_b Content-Length: 0 Set-Cookie: guest_id=v1%3A141372819878399398; Domain=.twitter.com; Path=/; Expires=Tue, 18-Oct-2016 14:16:38 UTC X-Connection-Hash: de8265fdef3027377c49b4a6496e915b | clean |
https://twitter.com/test404page.js | 404 Not Found Content-Length: 4311 Content-Type: text/html | clean |
https://abs.twimg.com/errors/404-4f54405af9c0bcdecbe656ca8893f7a9.js | 200 OK Content-Length: 10803 Content-Type: application/javascript | clean |
https://twitter.com/ | 200 OK Content-Length: 57546 Content-Type: text/html | clean |
https://twitter.com/?lang=id | 200 OK Content-Length: 58043 Content-Type: text/html | clean |
https://abs.twimg.com/c/swift/id/init.fbdab3cec237c8e8f2e5fb962eea5f1235776e4c.js | 200 OK Content-Length: 303488 Content-Type: application/javascript | clean |
https://twitter.com/?lang=msa | HTTP/1.1 200 OK Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0 Date: Sun, 19 Oct 2014 14:16:43 UTC Pragma: no-cache Server: tsa_b Content-Length: 3036 Content-Type: text/html;charset=utf-8 Expires: Tue, 31 Mar 1981 05:00:00 GMT Last-Modified: Sun, 19 Oct 2014 14:16:43 GMT Content-Security-Policy-Report-Only: default-src https:; connect-src https:; font-src https: data:; frame-src https: http://*.twimg.com http://itunes.apple.com about: javascript:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' about: https:; style-src 'unsafe-inline' https:; report-uri https://twitter.com/i/csp_report?a=NVQWGYLXFVZXO2LGOQ%3D%3D%3D%3D%3D%3D&ro=true; Set-Cookie: _twitter_sess=BAh7CSIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCOtxxChJAToMY3NyZl9p%250AZCIlYzMzYmM5NDIzMzJlZjhkNDMzY2QxYmRjZTNjMTE5YzQ6B2lkIiUxMDNi%250AYTE1YjhlYmI2YzU3ZmRmYzAxZGY0ZWRlOTFiYQ%253D%253D--4d9cda25fc4019a62b5e7538cbf41d52ef36dafb; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: lang=msa Set-Cookie: guest_id=v1%3A141372820324073623; Domain=.twitter.com; Path=/; Expires=Tue, 18-Oct-2016 14:16:43 UTC Status: 200 OK Strict-Transport-Security: max-age=631138519 X-Connection-Hash: 640014bdeb233bbdf74b6e28029ea60f X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Transaction: 68d2133a1b9a8140 X-Xss-Protection: 1; mode=block | clean |
https://mobile.twitter.com/?lang=msa | HTTP/1.1 302 Found Cache-Control: no-cache, no-store, max-age=0, must-revalidate Date: Sun, 19 Oct 2014 14:16:43 UTC Pragma: no-cache Location: https://mobile.twitter.com/i/guest Server: tsa_b Vary: Accept-Encoding Content-Language: en Content-Length: 100 Content-Type: text/html; charset=utf-8 Expires: Mon, 01 Jan 1990 00:00:00 GMT Set-Cookie: req_country=Lithuania; path=/; expires=Tue, 18-Nov-2014 14:16:43 GMT Set-Cookie: req_country_code=LT; path=/; expires=Tue, 18-Nov-2014 14:16:43 GMT Set-Cookie: req_ip=78.158.11.226; path=/; expires=Tue, 18-Nov-2014 14:16:43 GMT Set-Cookie: _mobile_sess=BAh7CDoLcmVwX2lkSSIpNzlmZmEzMTAtMzljOC0wMTMyLTk2ODYtMDA4Y2Zh%0AMDQxMjU0BjoGRVQ6EF9jc3JmX3Rva2VuIhk4NWY2YWVmNzNkNzVlMWMxNGYy%0AMDobaXNfZm9yY2VfbG9naW5fZXhlbXB0P1Q%3D%0A--23e85c62d060d5a438efdc7233e325618139c0b3; path=/; expires=Sun, 14-Dec-2014 02:46:16 GMT; secure; HttpOnly Set-Cookie: guest_id=v1%3A141372820385054981; Domain=.twitter.com; Path=/; Expires=Tue, 18-Oct-2016 14:16:43 UTC Status: 302 Found Strict-Transport-Security: max-age=631138519 X-Connection-Hash: d1a7d6a9d517465ee0b9a5fe143c479e X-Content-Type-Options: NOSNIFF X-Frame-Options: SAMEORIGIN X-Runtime: 29 X-Xss-Protection: 1; mode=block | clean |
https://mobile.twitter.com/i/guest | HTTP/1.1 302 Found Cache-Control: no-cache, no-store, max-age=0, must-revalidate Date: Sun, 19 Oct 2014 14:16:44 UTC Pragma: no-cache Location: https://mobile.twitter.com/ Server: tsa_b Vary: Accept-Encoding Content-Language: en Content-Length: 93 Content-Type: text/html; charset=utf-8 Expires: Mon, 01 Jan 1990 00:00:00 GMT Set-Cookie: _mobile_sess=BAh7CDoLcmVwX2lkSSIpN2E1ZmJmZjAtMzljOC0wMTMyLTM3YTMtMDA4Y2Zh%0AMDNiNzQ0BjoGRVQ6EF9jc3JmX3Rva2VuIhllODNlMzQ1NmQ0NDllNzhhZTM5%0ANjobaXNfZm9yY2VfbG9naW5fZXhlbXB0P1Q%3D%0A--caea2d352b338c62b0f9724c2e5e764a22d07b10; path=/; expires=Sun, 14-Dec-2014 02:41:07 GMT; secure; HttpOnly Set-Cookie: guest_id=v1%3A141372820448631238; Domain=.twitter.com; Path=/; Expires=Tue, 18-Oct-2016 14:16:44 UTC Status: 302 Found Strict-Transport-Security: max-age=631138519 X-Connection-Hash: 1f9b7b0b5a3d8bce68587b7a2ef47eb1 X-Content-Type-Options: NOSNIFF X-Frame-Options: SAMEORIGIN X-Runtime: 2 X-Xss-Protection: 1; mode=block | clean |
https://mobile.twitter.com/ | HTTP/1.1 302 Found Cache-Control: no-cache, no-store, max-age=0, must-revalidate Date: Sun, 19 Oct 2014 14:16:45 UTC Pragma: no-cache Location: https://mobile.twitter.com/i/guest Server: tsa_b Vary: Accept-Encoding Content-Language: en Content-Length: 100 Content-Type: text/html; charset=utf-8 Expires: Mon, 01 Jan 1990 00:00:00 GMT Set-Cookie: req_country=Lithuania; path=/; expires=Tue, 18-Nov-2014 14:16:45 GMT Set-Cookie: req_country_code=LT; path=/; expires=Tue, 18-Nov-2014 14:16:45 GMT Set-Cookie: req_ip=78.158.11.226; path=/; expires=Tue, 18-Nov-2014 14:16:45 GMT Set-Cookie: _mobile_sess=BAh7CDoLcmVwX2lkSSIpN2FiZjk2ODAtMzljOC0wMTMyLWNhZWQtMDAwMmM5%0AZTk3MDMwBjoGRVQ6EF9jc3JmX3Rva2VuIhlhNDFkOGFjOTJlZThiYjRmYTZj%0AZDobaXNfZm9yY2VfbG9naW5fZXhlbXB0P1Q%3D%0A--0a5cd5786523f9d529ab37fe174f0ff43d194960; path=/; expires=Sun, 14-Dec-2014 02:43:43 GMT; secure; HttpOnly Set-Cookie: guest_id=v1%3A141372820511458174; Domain=.twitter.com; Path=/; Expires=Tue, 18-Oct-2016 14:16:45 UTC Status: 302 Found Strict-Transport-Security: max-age=631138519 X-Connection-Hash: bd408d40cc64e03701daba1f00ecf2a1 X-Content-Type-Options: NOSNIFF X-Frame-Options: SAMEORIGIN X-Runtime: 27 X-Xss-Protection: 1; mode=block | clean |
http://mobile.twitter.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
https://twitter.com/?lang=cs | 200 OK Content-Length: 58449 Content-Type: text/html | clean |
https://abs.twimg.com/c/swift/cs/init.01f798d74904011035db7c9d026035feb316411a.js | 200 OK Content-Length: 302033 Content-Type: application/javascript | clean |
https://twitter.com/?lang=da | 200 OK Content-Length: 57848 Content-Type: text/html | clean |
https://abs.twimg.com/c/swift/da/init.2f4e06dca27a9f8f40f31dd349371b9a0db680c1.js | 200 OK Content-Length: 300547 Content-Type: application/javascript | clean |
https://twitter.com/?lang=de | 200 OK Content-Length: 58572 Content-Type: text/html | clean |
https://abs.twimg.com/c/swift/de/init.a49b52ad4746cac825ba1fa1bc54f009ce5d6a2d.js | 200 OK Content-Length: 303063 Content-Type: application/javascript | clean |
https://twitter.com/?lang=en | 200 OK Content-Length: 57580 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: deltaspedition.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: deltaspedition.com
Referer: http://www.google.com/search?q=deltaspedition.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=deltaspedition.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://deltaspedition.com/
Result: deltaspedition.com is not infected or malware details are not published yet.