Overview

URL https://t.co/XGQvLd4tFQ
IP 199.16.156.75
ASN AS13414 Twitter Inc.
Location United States
Report completed 2017-06-19 12:38:41 CET
urlQuery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level public


Intrusion Detection Systems

Snort /w Sourcefire VRT No alerts detected
Suricata /w Emerging Threats Pro No alerts detected


Blacklists

Fortinet's Web Filter / fortiguard.com No alerts detected
MDL / malwaredomainlist.com No alerts detected
DNS-BH / malwaredomains.com No alerts detected
mnemonic secure DNS / mnemonic.no No alerts detected
OpenPhish / openphish.com No alerts detected
PhishTank / phishtank.com No alerts detected
Spamhaus DBL / spamhaus.org No alerts detected


Files Captured



Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 199.16.156.75

Date                 UQ / IDS / BL  URL                                  IP
2017-06-27 15:54:14  0 - 0 - 0      https://t.co/bXquTS0H7v              199.16.156.75
2017-06-27 15:40:12  0 - 0 - 0      https://t.co/spfnznwpbp              199.16.156.75
2017-06-27 10:12:22  0 - 0 - 0      https://t.co/rmCYRBcVAh              199.16.156.75
2017-06-27 04:45:53  0 - 0 - 0      https://t.co/jk0LEd0SoS%20#InfoSec   199.16.156.75
2017-06-26 21:46:41  0 - 0 - 0      https://t.co/kyzUtkU1rb              199.16.156.75
2017-06-26 19:04:29  0 - 0 - 1      https://t.co/j323L2Wb6X              199.16.156.75

Last 6 reports on ASN: AS13414 Twitter Inc.

Date                 UQ / IDS / BL  URL                                                         IP
2017-06-27 19:28:48  0 - 0 - 0      https://twitter.com/xabuzijade/status/879680250967449600    104.244.42.1
2017-06-27 19:18:47  0 - 0 - 0      https://twitter.com/podycajer/status/879712615517302784     104.244.42.193
2017-06-27 19:15:13  0 - 0 - 0      https://twitter.com/sxgvdnu/status/879742269791797249       104.244.42.65
2017-06-27 19:14:34  0 - 0 - 0      https://twitter.com/KayeOlga/status/879710730936872960      104.244.42.129
2017-06-27 19:08:23  0 - 0 - 0      https://twitter.com/GroupIB_GIB/status/879736598535032832   104.244.42.65
2017-06-27 19:05:57  0 - 0 - 0      https://t.co/esr23zz8yr                                     199.16.156.11

Last 6 reports on domain: t.co

Date                 UQ / IDS / BL  URL                       IP
2017-06-27 19:05:57  0 - 0 - 0      https://t.co/esr23zz8yr   199.16.156.11
2017-06-27 18:51:29  0 - 0 - 0      https://t.co/l3YMl2V6ML   199.16.156.11
2017-06-27 16:37:05  0 - 0 - 1      https://t.co/47TX74yU4e   199.16.156.11
2017-06-27 15:54:14  0 - 0 - 0      https://t.co/bXquTS0H7v   199.16.156.75
2017-06-27 15:49:55  0 - 0 - 1      https://t.co/j2V6TygLPC   199.16.156.11
2017-06-27 15:44:34  0 - 0 - 0      https://t.co/BCPbqKKmQk   199.16.156.11



JavaScript

Executed Scripts (1)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (12)


Request Response
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request
 93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Mon, 19 Jun 2017 10:37:07 GMT
Etag: "5947687a-1d7"
Expires: Sun, 25 Jun 2017 22:37:07 GMT
Last-Modified: Mon, 19 Jun 2017 06:00:26 GMT
Server: ECS (arn/459B)
X-Cache: HIT
Content-Length: 471

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request
 93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Mon, 19 Jun 2017 10:37:07 GMT
Etag: "59476890-1d7"
Expires: Sun, 25 Jun 2017 22:37:07 GMT
Last-Modified: Mon, 19 Jun 2017 06:00:48 GMT
Server: ECS (arn/45E4)
X-Cache: HIT
Content-Length: 471

GET /XGQvLd4tFQ HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 199.16.156.11
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate
Content-Length: 0
Date: Mon, 19 Jun 2017 10:37:07 GMT
Location: https://twitter.com/safety/unsafe_link_warning?unsafe_link=http%3A%2F%2Fbit.ly%2F2sa0bOs
Server: tsa_b
strict-transport-security: max-age=0
x-connection-hash: 49d3dad45773ecfd7b74a70e905df148
x-response-time: 19
x-xss-protection: 1; mode=block

POST / HTTP/1.1
Host: ss.symcd.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request
 23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx/1.10.2
Content-Length: 1608
Content-Transfer-Encoding: binary
Cache-Control: max-age=499672, public, no-transform, must-revalidate
Last-Modified: Sun, 18 Jun 2017 05:24:59 GMT
Expires: Sun, 25 Jun 2017 05:24:59 GMT
Date: Mon, 19 Jun 2017 10:37:07 GMT
Connection: keep-alive

GET /safety/unsafe_link_warning?unsafe_link=http%3A%2F%2Fbit.ly%2F2sa0bOs HTTP/1.1
Host: twitter.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 104.244.42.193
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Content-Encoding: gzip
content-security-policy: script-src 'self' https://*.twimg.com https://twitter.com https://ton.twitter.com; frame-ancestors https://tweetdeck-devel.atla.twitter.com https://tweetdeck-devel.smf1.twitter.com https://tdapi-staging.smf1.twitter.com https://tweetdeck.localhost.twitter.com https://tweetdeck.twitter.com https://mobile.twitter.com https://tdapi-staging.atla.twitter.com https://ms1.twitter.com 'self'; font-src https://twitter.com https://*.twimg.com data: https://ton.twitter.com 'self'; media-src 'self' https://*.twimg.com https://twitter.com https://ton.twitter.com; connect-src 'self'; style-src 'self' https://*.twimg.com https://twitter.com https://ton.twitter.com; object-src 'none'; default-src 'self'; frame-src 'self' https://*.twimg.com https://twitter.com https://ton.twitter.com; img-src https://twitter.com https://*.twimg.com data: https://ton.twitter.com 'self'; report-uri https://twitter.com/i/csp_report?a=ONYGC3LBMNQXO%3D%3D%3D&ro=false;
Date: Mon, 19 Jun 2017 10:37:08 GMT
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Last-Modified: Mon, 19 Jun 2017 10:37:08 GMT
Pragma: no-cache
Server: tsa_o
Set-Cookie: fm=0; Expires=Mon, 19 Jun 2017 10:36:58 GMT; Path=/; Domain=.twitter.com; Secure; HTTPOnly _twitter_sess=BAh7CSIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCJRw7b9cAToMY3NyZl9p%250AZCIlYzg1NDI3MzQwMjcwYTAwMmQ1MzQzOWI5NDI1MjdlNmI6B2lkIiUxNWNm%250AYTI5ZWE5ZWQxMWFmYTg0NzFkNTAxYjUyNTMwZA%253D%253D--a266d09fe3c755465ba8ca8838e6833cd722c193; Path=/; Domain=.twitter.com; Secure; HTTPOnly guest_id=v1%3A149786862811469188; Domain=.twitter.com; Path=/; Expires=Wed, 19-Jun-2019 10:37:08 UTC
status: 200 OK
strict-transport-security: max-age=631138519
Transfer-Encoding: chunked
x-connection-hash: f9fec7fe33ced4ceb05a31071f251ee8
x-content-type-options: nosniff
x-frame-options: DENY
x-response-time: 111
x-transaction: 00c794e500d7ad99
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 1; mode=block

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request
 93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Mon, 19 Jun 2017 10:37:08 GMT
Etag: "59476167-1d7"
Expires: Sun, 25 Jun 2017 22:37:08 GMT
Last-Modified: Mon, 19 Jun 2017 05:30:15 GMT
Server: ECS (arn/45E4)
X-Cache: HIT
Content-Length: 471

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request
 93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Mon, 19 Jun 2017 10:37:08 GMT
Etag: "59476d22-1d7"
Expires: Sun, 25 Jun 2017 22:37:08 GMT
Last-Modified: Mon, 19 Jun 2017 06:20:18 GMT
Server: ECS (arn/45E2)
X-Cache: HIT
Content-Length: 471

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request
 93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Mon, 19 Jun 2017 10:37:08 GMT
Etag: "59477b59-1d7"
Expires: Sun, 25 Jun 2017 22:37:08 GMT
Last-Modified: Mon, 19 Jun 2017 07:20:57 GMT
Server: ECS (arn/469D)
X-Cache: HIT
Content-Length: 471

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request
 93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Mon, 19 Jun 2017 10:37:08 GMT
Etag: "59475377-1d7"
Expires: Sun, 25 Jun 2017 22:37:08 GMT
Last-Modified: Mon, 19 Jun 2017 04:30:47 GMT
Server: ECS (arn/459D)
X-Cache: HIT
Content-Length: 471

GET /favicons/favicon.ico HTTP/1.1
Host: abs.twimg.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 192.229.233.50
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Accept-Ranges: bytes
Date: Mon, 19 Jun 2017 10:37:08 GMT
Etag: "Sg87NoJANNxZAbQnCDQOCw=="
Expires: Mon, 26 Jun 2017 10:37:08 GMT
Last-Modified: Tue, 10 Nov 2015 19:50:56 GMT
Server: ECS (arn/45A1)
surrogate-key: twitter-assets
X-Cache: HIT
x-connection-hash: c1e5a33a71e88935b9d894cb5742949c
x-content-type-options: nosniff
x-response-time: 105
x-ton-expected-size: 6518
Content-Length: 6518

GET /safety/unsafe_link_warning.02b27721af5ca64a670e358c6a14fd9ef7d13796.css HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://twitter.com/safety/unsafe_link_warning?unsafe_link=http%3A%2F%2Fbit.ly%2F2sa0bOs
 104.244.43.195
HTTP/1.1 200 OK
Content-Type: text/css
access-control-allow-origin: *
Content-Encoding: gzip
Etag: "BRzrC4JFbuHXRdsgBq3wFQ=="
Expires: Sat, 10 Feb 2018 21:45:20 GMT
Last-Modified: Fri, 10 Feb 2017 14:34:41 GMT
x-connection-hash: 3494886318f0d5c17bf62fb0f31737d0
x-response-time: 19
x-ton-expected-size: 9249
Content-Length: 2840
Accept-Ranges: bytes
Date: Mon, 19 Jun 2017 10:37:08 GMT
Connection: keep-alive
X-Served-By: cache-tw-sto1-6-TWSTO1
X-Cache: HIT
Vary: Accept-Encoding
x-content-type-options: nosniff
X-CDN: FAST

GET /safety/unsafe_link_warning.a7eb471deb3f03d26de1c613f94c3ba5da718535.js HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://twitter.com/safety/unsafe_link_warning?unsafe_link=http%3A%2F%2Fbit.ly%2F2sa0bOs
 104.244.43.195
HTTP/1.1 200 OK
Content-Type: application/javascript
access-control-allow-origin: *
Content-Encoding: gzip
Etag: "E/V8YTOTd/26D+BoQ9LJBg=="
Expires: Wed, 28 Jun 2017 16:39:01 GMT
Last-Modified: Thu, 23 Jun 2016 23:20:42 GMT
x-connection-hash: 26a4b14a56dc0f2ff7cb50991b870aac
x-response-time: 31
x-ton-expected-size: 108741
Content-Length: 38168
Accept-Ranges: bytes
Date: Mon, 19 Jun 2017 10:37:08 GMT
Connection: keep-alive
X-Served-By: cache-tw-sto1-9-TWSTO1
X-Cache: HIT
Vary: Accept-Encoding
x-content-type-options: nosniff
X-CDN: FAST