Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: howtousewordpress.net
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: howtousewordpress.net
Referer: http://www.google.com/search?q=howtousewordpress.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.howtousewordpress.net/ | HTTP/1.1 200 OK Connection: close Date: Wed, 23 Sep 2015 18:13:23 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html | clean |
http://twitter.com/ayyildizorg | HTTP/1.1 301 Moved Permanently Date: Wed, 23 Sep 2015 18:13:23 GMT Location: https://twitter.com/ayyildizorg Server: tsa_b Content-Length: 0 Set-Cookie: guest_id=v1%3A144303200371174415; Domain=.twitter.com; Path=/; Expires=Fri, 22-Sep-2017 18:13:23 UTC X-Connection-Hash: e8a91b2587ce32391ff9928dfa24a970 X-Response-Time: 3 | clean |
https://twitter.com/ayyildizorg | HTTP/1.1 307 Temporary Redirect Cache-Control: no-cache Date: Wed, 23 Sep 2015 18:13:24 GMT Location: https://mobile.twitter.com/ayyildizorg Server: tsa_b Content-Length: 0 Set-Cookie: guest_id=v1%3A144303200453513773; Domain=.twitter.com; Path=/; Expires=Fri, 22-Sep-2017 18:13:24 UTC Status: 307 Temporary Redirect Strict-Transport-Security: max-age=631138519 X-Connection-Hash: e0881846fd7b9e968483dcce35dfaf8a X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Response-Time: 4 X-Transaction: f8af82f4d967af61 X-Xss-Protection: 1; mode=block | clean |
https://mobile.twitter.com/ayyildizorg | 200 OK Content-Length: 77623 Content-Type: text/html | clean |
https://ma.twimg.com/twitter-mobile/53ae948cf290086b1957cc44e4a42e8b5ce6db69/javascripts/framebust.js | 200 OK Content-Length: 238 Content-Type: application/javascript | clean |
https://ma.twimg.com/twitter-mobile/53ae948cf290086b1957cc44e4a42e8b5ce6db69/assets/m2_tweets.js | 200 OK Content-Length: 10657 Content-Type: application/javascript | clean |
http://www.howtousewordpress.net/session/new | HTTP/1.1 200 OK Connection: close Date: Wed, 23 Sep 2015 18:13:28 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html | clean |
http://twitter.com/test404page.js | HTTP/1.1 301 Moved Permanently Date: Wed, 23 Sep 2015 18:13:28 GMT Location: https://twitter.com/test404page.js Server: tsa_b Content-Length: 0 Set-Cookie: guest_id=v1%3A144303200869487525; Domain=.twitter.com; Path=/; Expires=Fri, 22-Sep-2017 18:13:28 UTC X-Connection-Hash: 180a2695e9a60e0cb62b2e332cf64698 X-Response-Time: 2 | clean |
https://twitter.com/test404page.js | 404 Not Found Content-Length: 4458 Content-Type: text/html | clean |
https://abs.twimg.com/errors/404-5b74379aef88b251a1bb61207fdf03a9.js | 200 OK Content-Length: 11426 Content-Type: application/javascript | clean |
https://twitter.com/ | HTTP/1.1 307 Temporary Redirect Cache-Control: no-cache Date: Wed, 23 Sep 2015 18:13:33 GMT Location: https://mobile.twitter.com/ Server: tsa_b Content-Length: 0 Set-Cookie: guest_id=v1%3A144303201327937800; Domain=.twitter.com; Path=/; Expires=Fri, 22-Sep-2017 18:13:33 UTC Status: 307 Temporary Redirect Strict-Transport-Security: max-age=631138519 X-Connection-Hash: df605549cadbdda2ee1a44db269ecb00 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Response-Time: 30 X-Transaction: be78d276df49a5cb X-Xss-Protection: 1; mode=block | clean |
https://mobile.twitter.com/ | HTTP/1.1 302 Found Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0 Date: Wed, 23 Sep 2015 18:13:34 GMT Pragma: no-cache Location: https://mobile.twitter.com/i/guest Server: tsa_b Vary: Accept-Encoding Content-Language: en Content-Length: 0 Expires: Tue, 31 Mar 1981 05:00:00 GMT Last-Modified: Wed, 23 Sep 2015 18:13:34 GMT Content-Security-Policy: default-src 'self'; connect-src 'self'; font-src 'self' data:; frame-src https://*.twitter.com twitter: https://www.google.com; img-src https://twitter.com https://*.twitter.com https://*.twimg.com https://maps.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.google.com data:; media-src https://*.twitter.com https://*.twimg.com https://*.cdn.vine.co; object-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://*.twitter.com https://*.twimg.com https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net; style-src 'unsafe-inline' https://*.twitter.com https://*.twimg.com; report-uri https://twitter.com/i/csp_report?a=O5SWEZTPOJQWY3A%3D&ro=false; Set-Cookie: _mobile_sess=BAh7ByIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoQX2NzcmZfdG9rZW4iJTJmYjAxMjgxNGU4NzA5MjdjYjVhMTk3MDI0MjYxMjRh--95be622c9683a3c802e10014e1f51683cff358f9; Expires=Sun, 22 Nov 2015 18:13:34 GMT; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: _twitter_sess=BAh7CCIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCDgdaftPAToHaWQiJTE3%250ANmY5ZjVkNGU4NDY0MmU5N2Y0NDQ1NjY0MTE5NjE0--abddd2b697b47cfc43bc963e00170327b1d40e71; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: d=32; Expires=Thu, 22 Sep 2016 18:13:34 GMT; Path=/; Domain=.twitter.com; Secure Set-Cookie: mobile_metrics_token=144303201412149959; Expires=Fri, 22 Sep 2017 18:13:34 GMT; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: zrca=5; Expires=Fri, 23 Oct 2015 
18:13:34 GMT; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: guest_id=v1%3A144303201413236861; Domain=.twitter.com; Path=/; Expires=Fri, 22-Sep-2017 18:13:34 UTC Strict-Transport-Security: max-age=631138519 X-Connection-Hash: 97403b98d7ac6a54e9d60dc563cff79c X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Response-Time: 10 X-Transaction: 2b5401d2e3017e5b X-Twitter-Response-Tags: BouncerCompliant X-Xss-Protection: 1; mode=block | clean |
https://mobile.twitter.com/i/guest | 200 OK Content-Length: 4740 Content-Type: text/html | clean |
https://mobile.twitter.com/session/new | 200 OK Content-Length: 4361 Content-Type: text/html | clean |
https://mobile.twitter.com/signup | 200 OK Content-Length: 4622 Content-Type: text/html | clean |
https://ma.twimg.com/twitter-mobile/53ae948cf290086b1957cc44e4a42e8b5ce6db69/assets/m2_signup.js | 200 OK Content-Length: 7281 Content-Type: application/javascript | clean |
https://mobile.twitter.com/i/js_inst?input_id=ui_metrics | 200 OK Content-Length: 10220 Content-Type: text/javascript | clean |
https://mobile.twitter.com/tos?lang=en | 200 OK Content-Length: 33702 Content-Type: text/html | clean |
https://g.twimg.com/js/e8ae5bd/js_pQFhHS6YUoZj5r8sios9xawISCpdk_1HxiKy9OMWyf8.js | 200 OK Content-Length: 195004 Content-Type: application/javascript | clean |
https://g.twimg.com/js/e8ae5bd/js_XbS6NnEAUejJcVL59F-pX6DN8ENToDacQkmPcr_FIMg.js | 200 OK Content-Length: 104931 Content-Type: application/javascript | clean |
https://g.twimg.com/js/e8ae5bd/js_Rk5YIkK6m2gKTGH-GrMu0pM_PlMKXnI0ktQUgXw1XgA.js | 200 OK Content-Length: 1766 Content-Type: application/javascript | clean |
https://mobile.twitter.com/?lang=de | HTTP/1.1 302 Found Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0 Date: Wed, 23 Sep 2015 18:13:46 GMT Pragma: no-cache Location: https://mobile.twitter.com/i/guest Server: tsa_b Vary: Accept-Encoding Content-Language: de Content-Length: 0 Expires: Tue, 31 Mar 1981 05:00:00 GMT Last-Modified: Wed, 23 Sep 2015 18:13:46 GMT Content-Security-Policy: default-src 'self'; connect-src 'self'; font-src 'self' data:; frame-src https://*.twitter.com twitter: https://www.google.com; img-src https://twitter.com https://*.twitter.com https://*.twimg.com https://maps.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.google.com data:; media-src https://*.twitter.com https://*.twimg.com https://*.cdn.vine.co; object-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://*.twitter.com https://*.twimg.com https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net; style-src 'unsafe-inline' https://*.twitter.com https://*.twimg.com; report-uri https://twitter.com/i/csp_report?a=O5SWEZTPOJQWY3A%3D&ro=false; Set-Cookie: _mobile_sess=BAh7ByIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoQX2NzcmZfdG9rZW4iJWFlZjU0MWJkMjI2YmUyMjg4M2UyZTljZTgwOTA0NmJj--761d02ffc8bedb3baabcf0cefe8f797ed77adc6f; Expires=Sun, 22 Nov 2015 18:13:46 GMT; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: _twitter_sess=BAh7CCIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCNdMaftPAToHaWQiJWUx%250AZWEzYTFkZWE1ZjFlOTFiMWFjNTVhMGI5YmUzZWVi--f93100243650eb04743c66569fe3d9d491055768; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: d=32; Expires=Thu, 22 Sep 2016 18:13:46 GMT; Path=/; Domain=.twitter.com; Secure Set-Cookie: lang=de; Path=/ Set-Cookie: mobile_metrics_token=144303202628831196; Expires=Fri, 22 Sep 2017 18:13:46 GMT; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: 
zrca=5; Expires=Fri, 23 Oct 2015 18:13:46 GMT; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: guest_id=v1%3A144303202632495950; Domain=.twitter.com; Path=/; Expires=Fri, 22-Sep-2017 18:13:46 UTC Strict-Transport-Security: max-age=631138519 X-Connection-Hash: 1e029cd1cd9958dcb2d3aaa4d22de30e X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Response-Time: 8 X-Transaction: 114c3b8ab2a65e75 X-Twitter-Response-Tags: BouncerCompliant X-Xss-Protection: 1; mode=block | clean |
http://mobile.twitter.com/test404page.js | HTTP/1.1 301 Moved Permanently Date: Wed, 23 Sep 2015 18:13:46 GMT Location: https://mobile.twitter.com/test404page.js Server: tsa_b Content-Length: 0 Set-Cookie: guest_id=v1%3A144303202672398358; Domain=.twitter.com; Path=/; Expires=Fri, 22-Sep-2017 18:13:46 UTC X-Connection-Hash: 983e51adedfda092b879b77b7a09ca11 X-Response-Time: 3 | clean |
https://mobile.twitter.com/test404page.js | 404 Not Found Content-Length: 4015 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=howtousewordpress.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://howtousewordpress.net/
Result: howtousewordpress.net is not infected or malware details are not published yet.