Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ytcdedu.org
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 16 Sep 2013 23:58:59 GMT
Location: http://www.ytcdedu.org/
Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_perl/2.0.5 Perl/v5.8.8
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.ytcdedu.org/xmlrpc.php
X-Powered-By: PHP/5.2.17
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ytcdedu.org
Referer: http://www.google.com/search?q=ytcdedu.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
--- | --- | --- |
http://ytcdedu.org/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 16 Sep 2013 23:58:59 GMT Location: http://www.ytcdedu.org/ Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_perl/2.0.5 Perl/v5.8.8 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.ytcdedu.org/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://www.ytcdedu.org/ | 200 OK Content-Length: 30499 Content-Type: text/html | clean |
http://www.ytcdedu.org/2013/09/%e3%83%90%e3%83%ac%e3%83%b3%e3%83%86%e3%82%a3%e3%83%b3%e9%81%b8%e6%89%8b%e3%80%81%e6%97%a5%e6%9c%ac%e8%a8%98%e9%8c%b2%e3%81%8a%e3%82%81%e3%81%a7%e3%81%a8%e3%81%86%e3%81%94%e3%81%96%e3%81%84%e3%81%be/ | 200 OK Content-Length: 9386 Content-Type: text/html | clean |
http://www.ytcdedu.org/./%e3%82%b9%e3%83%9d%e3%83%bc%e3%83%84%e9%96%a2%e9%80%a3/ | 200 OK Content-Length: 29091 Content-Type: text/html | clean |
http://www.ytcdedu.org/2013/08/%e6%9d%be%e5%9d%82%e3%81%8c%e6%96%b0%e5%a4%a9%e5%9c%b0%e3%81%a7%e5%86%8d%e8%b5%b7%e3%82%92%e3%81%8b%e3%81%91%e3%82%8b/ | 200 OK Content-Length: 9342 Content-Type: text/html | clean |
http://www.ytcdedu.org/2013/08/%e5%84%aa%e5%8b%9d%e5%80%99%e8%a3%9c%e3%81%8c%e6%95%97%e3%82%8c%e3%82%8b/ | 200 OK Content-Length: 9375 Content-Type: text/html | clean |
http://www.ytcdedu.org/2013/08/%e5%ae%89%e4%be%a1%e3%81%a7%e6%89%8b%e8%bb%bd%e3%81%aa%e3%83%95%e3%82%a1%e3%83%bc%e3%82%b9%e3%83%88%e3%83%95%e3%83%bc%e3%83%89/ | 200 OK Content-Length: 9534 Content-Type: text/html | clean |
http://www.ytcdedu.org/./saisin/ | 200 OK Content-Length: 31829 Content-Type: text/html | clean |
http://www.ytcdedu.org/2013/09/%e7%95%b0%e5%b8%b8%e6%b0%97%e8%b1%a1%e3%81%a7%e6%97%a5%e6%9c%ac%e5%88%97%e5%b3%b6%e5%a4%a7%e8%8d%92%e3%82%8c/ | 200 OK Content-Length: 9864 Content-Type: text/html | clean |
http://www.ytcdedu.org/2013/08/%e8%8a%b8%e8%83%bd%e7%95%8c%e3%81%a3%e3%81%a6%e4%b8%8d%e6%80%9d%e8%ad%b0%e3%81%aa%e6%89%80%e3%81%a7%e3%81%99/ | 200 OK Content-Length: 9958 Content-Type: text/html | clean |
http://www.ytcdedu.org/./geinoujin/ | 200 OK Content-Length: 26952 Content-Type: text/html | clean |
http://www.ytcdedu.org/2013/08/%e3%81%95%e3%82%93%e3%81%be%e3%81%95%e3%82%93%e3%81%ae%e5%bc%95%e9%80%80%e3%81%ab%e3%81%a4%e3%81%84%e3%81%a6/ | 200 OK Content-Length: 9573 Content-Type: text/html | clean |
http://www.ytcdedu.org/2013/07/%e3%81%aa%e3%81%a4%e3%81%8b%e3%81%97%e3%81%ae%e3%83%ad%e3%83%bc%e3%82%ab%e3%83%ab%e3%81%8a%e3%82%84%e3%81%a4/ | 200 OK Content-Length: 9805 Content-Type: text/html | clean |
http://www.ytcdedu.org/2013/07/%e4%b8%96%e7%95%8c%e9%81%ba%e7%94%a3%e3%81%ae%e5%af%8c%e5%a3%ab%e5%b1%b1%e3%82%92%e5%ae%88%e3%82%8b%e3%81%9f%e3%82%81%e3%81%ab%e3%81%af%e5%85%a5%e5%b1%b1%e6%96%99%e3%81%af%e5%bf%85%e8%a6%81/ | 200 OK Content-Length: 10524 Content-Type: text/html | clean |
http://www.ytcdedu.org/2013/07/%e9%81%b8%e6%8c%99%e3%81%ab%e8%a1%8c%e3%81%a3%e3%81%9f%e3%82%89%e7%89%b9%e5%85%b8%ef%bc%81/ | 200 OK Content-Length: 10230 Content-Type: text/html | clean |
http://www.ytcdedu.org/2013/07/%e3%83%8d%e3%83%83%e3%83%88%e9%81%b8%e6%8c%99%e3%81%af20%e4%bb%a3%e3%81%ae%e5%ba%95%e4%b8%8a%e3%81%92%e3%81%ab%e3%81%a4%e3%81%aa%e3%81%8c%e3%82%8b%e3%81%8b/ | 200 OK Content-Length: 10002 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ytcdedu.org
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ytcdedu.org/
Result: ytcdedu.org is not infected or malware details are not published yet.
