Scanned pages/files
Request | Server response | Status |
http://www.democratherald.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: public, max-age=10 Connection: close Date: Mon, 22 Dec 2014 22:31:44 GMT Via: 1.1 varnish Accept-Ranges: bytes Age: 529 ETag: 1e241eaf37480e976d70a966de8c9d6e Location: http://democratherald.com/ Server: WWW Content-Length: 654 Content-Type: text/html; charset=UTF-8 Real-Hostname: democratherald.com X-Cache-Info: cached X-Loop: 1 X-PersistenceNode: 1 X-PHP-Engine: enabled X-TN-ServedBy: cms.varnish-app.6081 X-TNCMS-Memory-Usage: 3578200 X-TNCMS-Render-Time: 0.0089 X-TNCMS-Served-By: cmsapp12 X-TNCMS-Version: 1.19.2 X-Varnish: 2901940834 2901817308 X-VCache: HIT X-XRDS-Location: http://democratherald.com/tncms/xrds/ | clean |
http://democratherald.com/ | 200 OK Content-Length: 160286 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: California whacked by ...[98852 bytes skipped]... t Oregon, killing 2, causing damage</a></li> <li><a href="/news/state-and-regional/california-whacked-by-pineapple-express-storm/article_0d4d58a6-de24-548a-b2be-3171b4a55ffb.html" title="California whacked by 'Pineapple Express' storm">California whacked by 'Pineapple Express' storm</a></li> <li><a href="" title=""></a></li> ...[91249 bytes skipped]... | ||
http://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/components/lee_core_2/resources/scripts/jquery.1.7.2.js?_dc=1418983480 | 200 OK Content-Length: 94839 Content-Type: application/x-javascript | clean |
http://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/components/lee_core_2/resources/scripts/plugins.js?_dc=1418983480 | 200 OK Content-Length: 46774 Content-Type: application/x-javascript | clean |
http://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/components/lee_core_2/resources/scripts/common.js?_dc=1418983480 | 200 OK Content-Length: 11696 Content-Type: application/x-javascript | clean |
http://www.democratherald.com/shared-content/art/tncms/tracking.js | 200 OK Content-Length: 2435 Content-Type: application/x-javascript | clean |
http://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/ads/tncms-ad-limits.js?_dc=1419285477 | 200 OK Content-Length: 124 Content-Type: application/x-javascript | clean |
http://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/ads/tncms-ad-curve.js?_dc=1419238571 | 200 OK Content-Length: 1974 Content-Type: application/x-javascript | clean |
http://www.democratherald.com/shared-content/art/tncms-ad-manager/ads.js | 200 OK Content-Length: 28931 Content-Type: application/x-javascript | clean |
https://www.google.com/jsapi | 200 OK Content-Length: 24553 Content-Type: text/javascript | clean |
http://www.democratherald.com/shared-content/art/tncms-ad-manager/swfobject/swfobject.js | 200 OK Content-Length: 5993 Content-Type: application/x-javascript | clean |
http://stats.townnews.com/shared-content/stats/common/tracker.js | 200 OK Content-Length: 7594 Content-Type: application/x-javascript | clean |
http://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/ads/weather/weather1.js?_dc=1417449672 | 200 OK Content-Length: 1190 Content-Type: application/x-javascript | clean |
http://api.circularhub.com/1144/8c8d9f8046678151/circularhub_module.js | 200 OK Content-Length: 131670 Content-Type: text/javascript | clean |
http://widgets.digitalmediacommunications.com/embed/retail/300x250/1263/mid | 200 OK Content-Length: 316 Content-Type: application/x-javascript | clean |
http://www.democratherald.com/calendar/lee-calendar/resources/scripts/date.js | 404 Not Found Content-Length: 680 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: democratherald.com
Result:
HTTP/1.1 200 OK
Cache-Control: public, max-age=10
Connection: close
Date: Mon, 22 Dec 2014 22:31:44 GMT
Via: 1.1 varnish
Accept-Ranges: bytes
Age: 91
ETag: 1a741825d4df2ceec1191fbf23b6cd66
Server: WWW
Vary: Accept-Encoding
Content-Length: 160286
Content-Type: text/html; charset=UTF-8
Real-Hostname: democratherald.com
X-Cache-Info: cached
X-ChromeLogger-Data: eyJ2ZXJzaW9uIjoiMS4xOS4yIiwiY29sdW1ucyI6WyJ0eXBlIiwibG9nIiwiYmFja3RyYWNlIl0sInJvd3MiOltbIndhcm4iLFsiY21zLnVybDogRmFpbGVkIHRvIHBhc3MgXCJhcHBcIiBvciBcInBhdGhcIiJdLCJlZGl0b3JpYWxcL2xlZS1uZXdzXC90ZW1wbGF0ZXNcL2Zyb250Lmh0bWwudXRsIl1dfQ==
X-Loop: 1
X-PersistenceNode: 0
X-PHP-Engine: enabled
X-TN-ServedBy: cms.varnish-app.6081
X-TNCMS-Memory-Usage: 12960064
X-TNCMS-Render-Time: 4.9274
X-TNCMS-Served-By: cmsapp17
X-TNCMS-Version: 1.19.2
X-Varnish: 3544742203 3544717189
X-VCache: HIT
X-XRDS-Location: http://democratherald.com/tncms/xrds/
...160286 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: democratherald.com
Referer: http://www.google.com/search?q=democratherald.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=democratherald.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://democratherald.com/
Result: democratherald.com is not infected or malware details are not published yet.