Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: transyouth.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 04 Mar 2015 17:21:15 GMT
Accept-Ranges: bytes
ETag: "1e182f5-5a18-4acc5f272fec0"
Server: nginx/1.7.5
Content-Length: 23064
Content-Type: text/html
Last-Modified: Mon, 12 Sep 2011 22:21:23 GMT
X-Frame-Options: SAMEORIGIN
...23064 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: transyouth.net
Referer: http://www.google.com/search?q=transyouth.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://transyouth.net/ | 200 OK Content-Length: 23064 Content-Type: text/html | clean |
http://www.andrewlehman.com/livehelp/livehelp_js.php?department=3&pingtimes=60 | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 04 Mar 2015 17:21:15 GMT Pragma: no-cache Location: http://andrewlehman.com/livehelp/livehelp_js.php?department=3&pingtimes=60 Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://andrewlehman.com/wordpress/xmlrpc.php X-Powered-By: PleskLin | clean |
http://andrewlehman.com/livehelp/livehelp_js.php?department=3&pingtimes=60 | 404 Not Found Content-Length: 12938 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js?ver=3.8.5 | 200 OK Content-Length: 72174 Content-Type: text/javascript | clean |
http://andrewlehman.com/wordpress/wp-content/themes/ALD/js/superfish/js/superfish.js?ver=3.8.5 | 200 OK Content-Length: 3784 Content-Type: application/x-javascript | clean |
http://andrewlehman.com/wordpress/wp-content/themes/ALD/js/jquery.equalHeightColumns.min.js?ver=3.8.5 | 200 OK Content-Length: 944 Content-Type: application/x-javascript | clean |
http://andrewlehman.com/wordpress/wp-content/plugins/anythingslider_wordpress/js/jquery.easing.1.2.js?ver=3.8.5 | 200 OK Content-Length: 4757 Content-Type: application/x-javascript | clean |
http://andrewlehman.com/wordpress/wp-content/plugins/anythingslider_wordpress/js/jquery.anythingslider.js?ver=3.8.5 | 200 OK Content-Length: 10001 Content-Type: application/x-javascript | clean |
http://andrewlehman.com/wordpress/wp-content/plugins/anythingslider_wordpress/js/jquery.tools.min.js?ver=3.8.5 | 200 OK Content-Length: 7358 Content-Type: application/x-javascript | clean |
http://andrewlehman.com/wordpress/wp-content/themes/ALD/jquery-ui-1.8.11.custom/js/jquery-1.5.1.min.js?ver=3.8.5 | 404 Not Found Content-Length: 13088 Content-Type: text/html | clean |
http://andrewlehman.com/wordpress/wp-content/plugins/dd-formmailer/date_chooser.js | 200 OK Content-Length: 16731 Content-Type: application/x-javascript | clean |
http://andrewlehman.com/wordpress/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.50.0-2014.02.05 | 200 OK Content-Length: 16305 Content-Type: application/x-javascript | clean |
http://andrewlehman.com/wordpress/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.7.2 | 200 OK Content-Length: 8913 Content-Type: application/x-javascript | clean |
http://andrewlehman.com/ | 200 OK Content-Length: 25013 Content-Type: text/html | clean |
http://andrewlehman.com/wordpress/wp-includes/js/comment-reply.min.js?ver=3.8.5 | 200 OK Content-Length: 757 Content-Type: application/x-javascript | clean |
http://andrewlehman.com/website-services/ | 200 OK Content-Length: 18491 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=transyouth.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://transyouth.net/
Result: transyouth.net is not infected or malware details are not published yet.