Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wap.yolda.biz
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wap.yolda.biz/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://wap.yolda.biz/ | HTTP/1.1 302 Found Connection: close Date: Sat, 04 Oct 2014 04:04:47 GMT Location: http://wap.form.az Server: nginx/1.4.3 Content-Length: 267 Content-Type: text/html; charset=iso-8859-1 | clean |
http://wap.form.az/ | HTTP/1.1 302 Found Connection: close Date: Sat, 04 Oct 2014 04:04:47 GMT Location: http://wap.form.az/index.php?sehife=html Server: nginx/1.4.3 Vary: Accept-Encoding,User-Agent Content-Length: 1 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://wap.form.az/index.php?sehife=html | HTTP/1.1 302 Found Cache-Control: no-cache, must-relative Connection: close Date: Sat, 04 Oct 2014 04:04:47 GMT Location: http://form.az/chat Server: nginx/1.4.3 Vary: Accept-Encoding,User-Agent Content-Type: text/html; charset=utf-8 Last-Modified: Sat, 04 Oct 2014 04:04:47 GMT X-Powered-By: PHP/5.3.28 | clean |
http://form.az/chat | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 04 Oct 2014 04:04:47 GMT Location: http://form.az/chat/ Server: nginx/1.4.3 Content-Length: 287 Content-Type: text/html; charset=iso-8859-1 | clean |
http://form.az/chat/ | 200 OK Content-Length: 2529 Content-Type: text/vnd.wap.wml | suspicious |
Page code contains blacklisted domain: wap.yolda.biz <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml12.dtd"> <wml> <head><meta http-equiv="Cache-Control" content="no-cache" forua="true"/></head> <card id="index" title="Chat Wap.Form.Az"> <p align="center" mode="wrap"> <small><b>WaP.FoRM.aZ ve wap.yolda.biz Duwunmeki Teksen Qowul Bize Gencsen..!</b><br/>*****<br/><a href="onlinesms.php?ref=76287">Online SMS</a>: <span style="color: green"><b>Salam dostlar.Sizi ve Ailenizi Muqeddes Qurban bayrami munasibeti ile tebrik edirem.Allah arzularinizi dualarinizi qebul etsin,ruzu bereket sufrenizden eskik olmasin.Amin</b></span> (<a href="onlinesms.php?ref=76287&b=6&uid=582"& ...[2493 bytes skipped]... | ||
http://form.az/chat/onlinesms.php?ref=76287 | 200 OK Content-Length: 6914 Content-Type: text/vnd.wap.wml | clean |
http://form.az/chat/onlinesms.php?b=1&ref=616035893 | 200 OK Content-Length: 454 Content-Type: text/vnd.wap.wml | clean |
http://form.az/chat/reghelp.php?ref=616035893 | 200 OK Content-Length: 770 Content-Type: text/vnd.wap.wml | clean |
http://form.az/chat/reg.php | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Sat, 04 Oct 2014 04:04:48 GMT Pragma: no-cache Location: reghelp.php Server: nginx/1.4.3 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/vnd.wap.wml; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: SID=fabbc9cd7627ed5a0419daf93688738d; path=/ X-Powered-By: PHP/5.3.28 | clean |
http://form.az/chat/reghelp.php | 200 OK Content-Length: 770 Content-Type: text/vnd.wap.wml | clean |
http://form.az/chat/index.php | 200 OK Content-Length: 2537 Content-Type: text/vnd.wap.wml | suspicious |
Page code contains blacklisted domain: wap.yolda.biz <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml12.dtd"> <wml> <head><meta http-equiv="Cache-Control" content="no-cache" forua="true"/></head> <card id="index" title="Chat Wap.Form.Az"> <p align="center" mode="wrap"> <small><b>WaP.FoRM.aZ ve wap.yolda.biz Duwunmeki Teksen Qowul Bize Gencsen..!</b><br/>*****<br/><a href="onlinesms.php?ref=446858">Online SMS</a>: <span style="color: green"><b>Salam dostlar.Sizi ve Ailenizi Muqeddes Qurban bayrami munasibeti ile tebrik edirem.Allah arzularinizi dualarinizi qebul etsin,ruzu bereket sufrenizden eskik olmasin.Amin</b></span> (<a href="onlinesms.php?ref=446858&b=6&uid=582 ...[2501 bytes skipped]... | ||
http://form.az/chat/onlinesms.php?ref=446858 | 200 OK Content-Length: 6915 Content-Type: text/vnd.wap.wml | clean |
http://form.az/chat/onlinesms.php?b=1&ref=932846080 | 200 OK Content-Length: 454 Content-Type: text/vnd.wap.wml | clean |
http://form.az/chat/reghelp.php?ref=932846080 | 200 OK Content-Length: 770 Content-Type: text/vnd.wap.wml | clean |
http://form.az/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sat, 04 Oct 2014 04:04:49 GMT Location: http://wap.form.az Server: nginx/1.4.3 Content-Length: 261 Content-Type: text/html; charset=iso-8859-1 | clean |
http://wap.form.az/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sat, 04 Oct 2014 04:04:49 GMT Location: http://form.az/chat Server: nginx/1.4.3 Content-Length: 266 Content-Type: text/html; charset=iso-8859-1 | clean |
http://form.az/chat/onlinesms.php? | 200 OK Content-Length: 6909 Content-Type: text/vnd.wap.wml | clean |
http://form.az/chat/onlinesms.php?b=1&ref=152352097 | 200 OK Content-Length: 454 Content-Type: text/vnd.wap.wml | clean |
http://form.az/chat/reghelp.php?ref=152352097 | 200 OK Content-Length: 770 Content-Type: text/vnd.wap.wml | clean |
http://form.az/chat/onlinesms.php?ref=152352097 | 200 OK Content-Length: 6918 Content-Type: text/vnd.wap.wml | clean |
http://form.az/chat/onlinesms.php?b=1&ref=397438906 | 200 OK Content-Length: 454 Content-Type: text/vnd.wap.wml | clean |
http://form.az/chat/reghelp.php?ref=397438906 | 200 OK Content-Length: 770 Content-Type: text/vnd.wap.wml | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wap.yolda.biz
Result:
HTTP/1.1 302 Found
Connection: close
Date: Sat, 04 Oct 2014 04:04:47 GMT
Location: http://wap.form.az
Server: nginx/1.4.3
Content-Length: 267
Content-Type: text/html; charset=iso-8859-1
...267 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: wap.yolda.biz
Referer: http://www.google.com/search?q=wap.yolda.biz
Result:
The result is similar to the first query. There are no suspicious redirects found.