Scanned pages/files
Request | Server response | Status |
http://wapok.ru/ | 200 OK Content-Length: 15266 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://kickme.mobi/26516.html <iframe src="http://kickme.mobi/26516.html" height="1" width="1"> | ||
http://ads.juicyads.com/jsclients/jam_min.js | 200 OK Content-Length: 21397 Content-Type: application/x-javascript | clean |
http://azpoint.ws/2729.js | 200 OK Content-Length: 442 Content-Type: text/html | clean |
http://azpoint.ws/click/B08B2BAF6749B2C9F04D961CF89D6641300199716C34D45854BF2CA294481B0665429321372A14073721588F95BA4582FE2EB3F827D88D6D2DA123 | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Thu, 07 Aug 2014 00:42:38 GMT Pragma: no-cache Location: http://biralem.biz/chat/xhtml/reg.php Server: nginx/1.2.7 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=de13625362806d8b20585c165ef050db; path=/ X-Powered-By: PHP/5.2.17 | clean |
http://biralem.biz/chat/xhtml/reg.php | HTTP/1.1 302 Found Connection: close Date: Thu, 07 Aug 2014 00:42:46 GMT Location: http://biralem.biz/chat Server: nginx/1.2.7 Content-Length: 270 Content-Type: text/html; charset=iso-8859-1 | clean |
http://biralem.biz/chat | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 07 Aug 2014 00:42:47 GMT Location: http://biralem.biz/chat/ Server: nginx/1.2.7 Content-Length: 295 Content-Type: text/html; charset=iso-8859-1 | clean |
http://biralem.biz/chat/ | 200 OK Content-Length: 1468 Content-Type: text/vnd.wap.wml | clean |
http://topmob.biz/25.js | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://topmob.biz/test404page.js | HTTP/1.1 302 Found Connection: close Date: Thu, 07 Aug 2014 00:42:42 GMT Location: http://topmob.biz Server: nginx/1.2.7 Content-Length: 263 Content-Type: text/html; charset=iso-8859-1 | clean |
http://topmob.biz/ | 200 OK Content-Length: 6747 Content-Type: text/html | clean |
http://topmob.biz/1.js | 200 OK Content-Length: 0 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wapok.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 07 Aug 2014 00:41:51 GMT
Accept-Ranges: bytes
ETag: "92e47-3ba2-4ff4237fb8ec0"
Server: nginx/1.4.4
Vary: Accept-Encoding
Content-Length: 15266
Content-Type: text/html; charset=UTF-8
Last-Modified: Mon, 28 Jul 2014 15:02:59 GMT
...15266 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: wapok.ru
Referer: http://www.google.com/search?q=wapok.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wapok.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wapok.ru/
Result: wapok.ru is not infected or malware details are not published yet.