Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: playingnet.tumblr.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 24 Dec 2015 17:32:37 GMT
Vary: X-UA-Device
Content-Type: text/html; charset=utf-8
Link: <http://38.media.tumblr.com/avatar_eba43928536e_128.png>; rel=icon
P3P: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
X-Tumblr-Pixel: 3
X-Tumblr-Pixel-0: http://px.srvcs.tumblr.com/impixu?T=1450978357&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDpcL1wvcGxheWluZ25ldC50dW1ibHIuY29tXC8iLCJyZXF0eXBlIjowLCJyb3V0ZSI6IlwvIn0=&U=OICGCCGHCN&K=da9c1e1d2e0c9943bf7091630a9b537e555c04555283279cbbf1527a940ad991--http://px.srvcs.tumblr.com/impixu?T=1450978357&J=eyJ0eXBlIjoicG9zdCIsInVybCI6Imh0dHA6XC9cL3BsYXlpbmduZXQudHVtYmxyLmNvbVwvIiwicmVxdHlwZSI6MCwicm91dGUiOiJcLyIsInBvc3RzIjpbeyJwb3N0aWQiOiI2MDY0MjM5ODI4MCIsImJsb2dpZCI6IjEwNjg2NjY2MyIsInNvdXJjZSI6MzN9LHsicG
X-Tumblr-Pixel-1: 9zdGlkIjoiNTg2MTU3OTk4MzMiLCJibG9naWQiOiIxMDY4NjY2NjMiLCJzb3VyY2UiOjMzfSx7InBvc3RpZCI6IjU4NjE1NzA4MzY5IiwiYmxvZ2lkIjoiMTA2ODY2NjYzIiwic291cmNlIjozM30seyJwb3N0aWQiOiI1ODYxNTU1Mjg1MyIsImJsb2dpZCI6IjEwNjg2NjY2MyIsInNvdXJjZSI6MzN9LHsicG9zdGlkIjoiNTg2MTU0MjcyNTUiLCJibG9naWQiOiIxMDY4NjY2NjMiLCJzb3VyY2UiOjMzfSx7InBvc3RpZCI6IjU4NjE1MzAyNDkxIiwiYmxvZ2lkIjoiMTA2ODY2NjYzIiwic291cmNlIjozM30seyJwb3N0aWQiOiI1ODYxNTI0NDM3MCIsImJsb2dpZCI6IjEwNjg2NjY2MyIsInNvdXJjZSI6MzN9LHsicG9zdGlkIjoiNTg2MTUxNTk0MDgi
X-Tumblr-Pixel-2: LCJibG9naWQiOiIxMDY4NjY2NjMiLCJzb3VyY2UiOjMzfSx7InBvc3RpZCI6IjU4NjE1MDcwNjU5IiwiYmxvZ2lkIjoiMTA2ODY2NjYzIiwic291cmNlIjozM30seyJwb3N0aWQiOiI1ODYxNDk4NzMyMCIsImJsb2dpZCI6IjEwNjg2NjY2MyIsInNvdXJjZSI6MzN9XX0=&U=HHHEONJNJC&K=0ea723af5709ae7f86d0270358330ddfcfeeafb01a7acab4e3faae4090f3c7fb
X-Tumblr-User: playingnet
X-UA-Compatible: IE=Edge,chrome=1
X-UA-Device: desktop
Second query (visit from search engine):
GET / HTTP/1.1
Host: playingnet.tumblr.com
Referer: http://www.google.com/search?q=playingnet.tumblr.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://playingnet.tumblr.com/ | 200 OK Content-Length: 63385 Content-Type: text/html | clean |
http://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=4407ac63b04a974114891da19b333539 | 200 OK Content-Length: 3361 Content-Type: application/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js | 200 OK Content-Length: 95786 Content-Type: text/javascript | clean |
http://static.tumblr.com/euguvyd/4Dsl43n9o/jcarousellite.min.js | 200 OK Content-Length: 2857 Content-Type: application/x-javascript | clean |
http://assets.tumblr.com/assets/scripts/tumblelog_post_message_queue.js?_v=8b0553f75283ecbeb78be24f096f4c2c | 200 OK Content-Length: 361 Content-Type: application/javascript | clean |
http://assets.tumblr.com/client/prod/standalone/tumblelog/index.js?_v=446ad63458b55abc51029a2108cfad2f | 200 OK Content-Length: 302052 Content-Type: application/javascript | clean |
http://playingnet.tumblr.com/ask | 200 OK Content-Length: 34110 Content-Type: text/html | clean |
http://playingnet.tumblr.com/submit | 200 OK Content-Length: 34159 Content-Type: text/html | clean |
http://playingnet.tumblr.com/mobile | 200 OK Content-Length: 26903 Content-Type: text/html | clean |
http://playingnet.tumblr.com/mobile/page/2 | 200 OK Content-Length: 23698 Content-Type: text/html | clean |
http://playingnet.tumblr.com/mobile/page/1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 24 Dec 2015 17:32:42 GMT Accept-Ranges: bytes Location: /mobile Vary: X-UA-Device Content-Length: 0 Content-Type: text/html P3P: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy" X-Tumblr-User: playingnet X-UA-Compatible: IE=Edge,chrome=1 X-UA-Device: desktop | clean |
http://playingnet.tumblr.com/test404page.js | 404 Not Found Content-Length: 33876 Content-Type: text/html | clean |
http://playingnet.tumblr.com/rss | 200 OK Content-Length: 14038 Content-Type: text/xml | clean |
http://playingnet.tumblr.com/post/60642398280/use-pcs-photos-and-files-with-bluestacks | 200 OK Content-Length: 37400 Content-Type: text/html | clean |
http://playingnet.tumblr.com/tagged/bluestacks | 200 OK Content-Length: 37924 Content-Type: text/html | clean |
http://playingnet.tumblr.com/tagged/whatsapp | 200 OK Content-Length: 37946 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=playingnet.tumblr.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://playingnet.tumblr.com/
Result: playingnet.tumblr.com is not infected or malware details are not published yet.