Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: henrylax.com
Result:
HTTP/1.1 302 Found
Connection: close
Date: Tue, 02 Sep 2014 14:48:23 GMT
Location: http://leagueathletics.com/Default.asp?snid=kCHD%5E1H6Z&org=henrylax
Server: Apache/2.2.22 (Debian)
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1
...334 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: henrylax.com
Referer: http://www.google.com/search?q=henrylax.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://henrylax.com/ | HTTP/1.1 302 Found Connection: close Date: Tue, 02 Sep 2014 14:48:23 GMT Location: http://leagueathletics.com/Default.asp?snid=kCHD%5E1H6Z&org=henrylax Server: Apache/2.2.22 (Debian) Content-Length: 334 Content-Type: text/html; charset=iso-8859-1 | clean |
http://leagueathletics.com/default.asp?snid=kchd%5e1h6z&org=henrylax | 200 OK Content-Length: 109879 Content-Type: text/html | clean |
https://partner.googleadservices.com/gampad/google_service.js | 200 OK Content-Length: 3867 Content-Type: text/javascript | clean |
http://henrylax.com/js/jquery-1.10.2.min.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://henrylax.com/test404page.js | 404 Not Found Content-Length: 290 Content-Type: text/html | clean |
http://henrylax.com//ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://henrylax.com/js/jquery.timepicker_old.min.js | 404 Not Found Content-Length: 307 Content-Type: text/html | clean |
http://henrylax.com/js/bootstrap23.min.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://henrylax.com/js/bxSlider/jquery.bxslider.js | 404 Not Found Content-Length: 306 Content-Type: text/html | clean |
http://henrylax.com/js/jquery.bootstrap-growl.min.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://henrylax.com/Tools/Masonary/jquery.masonry.min.js | 404 Not Found Content-Length: 312 Content-Type: text/html | clean |
http://henrylax.com/Tools/Masonary/js/modernizr-transitions.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://henrylax.com/js/galleria/galleria-1.2.9.min.js | 404 Not Found Content-Length: 309 Content-Type: text/html | clean |
http://henrylax.com/js/galleria/themes/classic/galleria.classic.min.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
https://s7.addthis.com/js/200/addthis_widget.js | 200 OK Content-Length: 7403 Content-Type: text/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=henrylax.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://henrylax.com/
Result: henrylax.com is not infected or malware details are not published yet.