Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: host24.co.il
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 13 Oct 2015 12:41:27 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
GET / HTTP/1.1
Host: host24.co.il
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 13 Oct 2015 12:41:27 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: host24.co.il
Referer: http://www.google.com/search?q=host24.co.il
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: host24.co.il
Referer: http://www.google.com/search?q=host24.co.il
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://host24.co.il/ | HTTP/1.1 200 OK Connection: close Date: Tue, 13 Oct 2015 12:41:27 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html | clean |
http://twitter.com/ayyildizorg | HTTP/1.1 301 Moved Permanently Date: Tue, 13 Oct 2015 12:41:27 GMT Location: https://twitter.com/ayyildizorg Server: tsa_b Content-Length: 0 Set-Cookie: ua=m2; Expires=Sat, 17 Oct 2015 16:41:27 UTC; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: guest_id=v1%3A144474008750102769; Domain=.twitter.com; Path=/; Expires=Thu, 12-Oct-2017 12:41:27 UTC X-Connection-Hash: 79e28d8606e0a41d048ae090e69fe3d8 X-Response-Time: 3 | clean |
https://twitter.com/ayyildizorg | HTTP/1.1 307 Temporary Redirect Cache-Control: no-cache Date: Tue, 13 Oct 2015 12:41:28 GMT Location: https://mobile.twitter.com/ayyildizorg Server: tsa_b Content-Length: 0 Set-Cookie: ua=m2; Expires=Sat, 17 Oct 2015 16:41:28 GMT; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: guest_id=v1%3A144474008813502827; Domain=.twitter.com; Path=/; Expires=Thu, 12-Oct-2017 12:41:28 UTC Status: 307 Temporary Redirect Strict-Transport-Security: max-age=631138519 X-Connection-Hash: 0e19e70715fd9ddbe5e74e9b1275c7f7 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Response-Time: 5 X-Transaction: af518ff5f6d6c32a X-Xss-Protection: 1; mode=block | clean |
https://mobile.twitter.com/ayyildizorg | 200 OK Content-Length: 73935 Content-Type: text/html | clean |
https://ma.twimg.com/twitter-mobile/d8b94b772b819b5e2d3d28bfda898475ca794841/javascripts/framebust.js | 200 OK Content-Length: 238 Content-Type: application/javascript | clean |
https://ma.twimg.com/twitter-mobile/d8b94b772b819b5e2d3d28bfda898475ca794841/assets/m2_tweets.js | 200 OK Content-Length: 11076 Content-Type: application/javascript | clean |
http://host24.co.il/session/new | 404 Not Found Content-Length: 390 Content-Type: text/html | clean |
http://host24.co.il/test404page.js | 404 Not Found Content-Length: 393 Content-Type: text/html | clean |
http://host24.co.il/signup | 404 Not Found Content-Length: 385 Content-Type: text/html | clean |
http://host24.co.il/AyyildizOrg/following | 404 Not Found Content-Length: 400 Content-Type: text/html | clean |
http://host24.co.il/AyyildizOrg/followers | 404 Not Found Content-Length: 400 Content-Type: text/html | clean |
http://host24.co.il/AyyildizOrg/media/grid?idx=0 | 404 Not Found Content-Length: 401 Content-Type: text/html | clean |
http://host24.co.il/AyyildizOrg/media/grid?idx=1 | 404 Not Found Content-Length: 401 Content-Type: text/html | clean |
http://host24.co.il/AyyildizOrg/media/grid | 404 Not Found Content-Length: 401 Content-Type: text/html | clean |
http://host24.co.il/AyyildizOrg?p=i | 404 Not Found Content-Length: 390 Content-Type: text/html | clean |
http://host24.co.il/AyyildizOrg?p=s | 404 Not Found Content-Length: 390 Content-Type: text/html | clean |
http://host24.co.il/AyyildizOrg/status/653842933968437249?p=p | 404 Not Found Content-Length: 416 Content-Type: text/html | clean |
http://host24.co.il/AyyildizOrg/status/653842933968437249?p=v | 404 Not Found Content-Length: 416 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=host24.co.il
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://host24.co.il/
Result: host24.co.il is not infected or malware details are not published yet.
Result: host24.co.il is not infected or malware details are not published yet.