Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: web.cwjh.ptc.edu.tw
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 19 Jan 2015 17:05:47 GMT
Accept-Ranges: bytes
ETag: "2000000000e5c-12a-4ab3a7f6e782b"
Server: Apache/2.2.9 (Win32) DAV/2 mod_ssl/2.2.9 OpenSSL/0.9.8h mod_autoindex_color PHP/5.2.6
Content-Length: 298
Content-Type: text/html
Last-Modified: Wed, 24 Aug 2011 06:34:01 GMT
...298 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: web.cwjh.ptc.edu.tw
Referer: http://www.google.com/search?q=web.cwjh.ptc.edu.tw
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://web.cwjh.ptc.edu.tw/ | HTTP/1.1 200 OK Connection: close Date: Mon, 19 Jan 2015 17:05:47 GMT Accept-Ranges: bytes ETag: "2000000000e5c-12a-4ab3a7f6e782b" Server: Apache/2.2.9 (Win32) DAV/2 mod_ssl/2.2.9 OpenSSL/0.9.8h mod_autoindex_color PHP/5.2.6 Content-Length: 298 Content-Type: text/html Last-Modified: Wed, 24 Aug 2011 06:34:01 GMT | clean |
http://163.24.70.10/school/web/index.php | 200 OK Content-Length: 47900 Content-Type: text/html | clean |
http://163.24.70.10/school/web/style/style5/skin.js | 200 OK Content-Length: 1996 Content-Type: application/javascript | clean |
http://web.cwjh.ptc.edu.tw/dyna3/webs/index.php?account=poiuy | 200 OK Content-Length: 18229 Content-Type: text/html | clean |
http://web.cwjh.ptc.edu.tw/dyna3/webs/style/style1/skin.js | 200 OK Content-Length: 1996 Content-Type: application/javascript | clean |
http://web.cwjh.ptc.edu.tw/dyna3/webs/accesskey.php?fs_id=14 | 200 OK Content-Length: 1589 Content-Type: text/html | clean |
http://web.cwjh.ptc.edu.tw/test404page.js | 404 Not Found Content-Length: 1128 Content-Type: text/html | clean |
http://web.cwjh.ptc.edu.tw/dyna3/webs/ | 200 OK Content-Length: 32591 Content-Type: text/html | clean |
http://web.cwjh.ptc.edu.tw/dyna3/webs/style/style6/skin.js | 200 OK Content-Length: 1996 Content-Type: application/javascript | clean |
http://web.cwjh.ptc.edu.tw/dyna3/webs/accesskey.php?fs_id=1 | 200 OK Content-Length: 1589 Content-Type: text/html | clean |
http://web.cwjh.ptc.edu.tw/dyna3/webs/index.php?account=admin&mod_area=8 | 200 OK Content-Length: 12924 Content-Type: text/html | clean |
http://web.cwjh.ptc.edu.tw/dyna3/webs/index.php?account=admin&mod_area=9 | 200 OK Content-Length: 17031 Content-Type: text/html | clean |
http://web.cwjh.ptc.edu.tw/dyna3/webs/index.php?account=admin&mod_area=10 | 200 OK Content-Length: 16970 Content-Type: text/html | clean |
http://web.cwjh.ptc.edu.tw/dyna3/webs/index.php?account=admin&mod_area=4 | 200 OK Content-Length: 25207 Content-Type: text/html | clean |
http://web.cwjh.ptc.edu.tw/dyna3/webs/index.php?account=admin&mod_area=7 | 200 OK Content-Length: 12088 Content-Type: text/html | clean |
http://web.cwjh.ptc.edu.tw/dyna3/webs/index.php?account=admin&mod_area=1 | 200 OK Content-Length: 11934 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=web.cwjh.ptc.edu.tw
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://web.cwjh.ptc.edu.tw/
Result: web.cwjh.ptc.edu.tw is not infected or malware details are not published yet.