Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=erkiss.wen.ru
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: erkiss.wen.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, max-age=0
Connection: close
Date: Sun, 25 Jan 2015 14:37:45 GMT
Pragma: no-cache
Accept-Ranges: bytes
Server: WEN.RU HTTPD 3.8
Content-Length: 10169
Content-Type: text/html; charset=utf-8
Expires: Sat, 24 Jan 2015 14:37:45 GMT
Last-Modified: Fri, 23 Jan 2015 10:04:49 GMT
...10169 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: erkiss.wen.ru
Referer: http://www.google.com/search?q=erkiss.wen.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://erkiss.wen.ru/ | 200 OK Content-Length: 10169 Content-Type: text/html | clean |
http://nclick.su/tlnk/28286/2/1 | 200 OK Content-Length: 1680 Content-Type: text/html | clean |
http://nclick.su/tout.php?ids=28286&n=219145 | HTTP/1.1 200 OK Cache-Control: no-cache Connection: close Date: Sun, 25 Jan 2015 15:39:22 GMT Pragma: no-cache Server: nginx/1.4.3 Vary: Accept-Encoding Content-Length: 1170 Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=g02gi2uc2hb0dvfldbnatgs121; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.su/tout2.php?ids=28286&kod1=1165167&ses=g02gi2uc2hb0dvfldbnatgs121&n=219145 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Sun, 25 Jan 2015 15:39:22 GMT Pragma: no-cache Location: http://mox.su Server: nginx/1.4.3 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=cbgejlbhl70ddp8soektlvfl54; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://mox.su/ | 200 OK Content-Length: 8134 Content-Type: text/html | clean |
http://v.visitweb.com/v/84558 | 200 OK Content-Length: 6148 Content-Type: text/javascript | clean |
http://nclick.ru/tlnk/4443/1/1 | 200 OK Content-Length: 1138 Content-Type: text/html | clean |
http://nclick.ru/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sun, 25 Jan 2015 15:39:22 GMT Location: http://nclick.ru/index.php Server: nginx/1.4.3 Content-Length: 285 Content-Type: text/html; charset=iso-8859-1 | clean |
http://nclick.ru/index.php | 200 OK Content-Length: 7092 Content-Type: text/html | clean |
http://nclick.su/jl2/11384/1/1 | 200 OK Content-Length: 138 Content-Type: text/html | clean |
http://nclick.su/jout.php?ids=11384&n=0 | HTTP/1.1 200 OK Cache-Control: no-cache Connection: close Date: Sun, 25 Jan 2015 15:39:23 GMT Pragma: no-cache Server: nginx/1.4.3 Vary: Accept-Encoding Content-Length: 1335 Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=gj3jrvha4j95ogt5j6firk9sf2; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.su/jout2.php?ids=11384&kod1=9632144&ses=gj3jrvha4j95ogt5j6firk9sf2&n=0 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Sun, 25 Jan 2015 15:39:23 GMT Pragma: no-cache Location: http://mox.su Server: nginx/1.4.3 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=q7rta315ipu29ifoabd9oktta7; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://mox.su/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sun, 25 Jan 2015 15:39:23 GMT Location: http://mox.su Server: nginx/1.4.3 Content-Length: 269 Content-Type: text/html; charset=iso-8859-1 | clean |
http://nclick.su/tout.php?ids=28286&n=219146 | HTTP/1.1 200 OK Cache-Control: no-cache Connection: close Date: Sun, 25 Jan 2015 15:39:23 GMT Pragma: no-cache Server: nginx/1.4.3 Vary: Accept-Encoding Content-Length: 1170 Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=ib3a7e93rf4p17l23aokapeai3; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.su/tout2.php?ids=28286&kod1=4431096&ses=ib3a7e93rf4p17l23aokapeai3&n=219146 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Sun, 25 Jan 2015 15:39:23 GMT Pragma: no-cache Location: http://mox.su Server: nginx/1.4.3 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=u3cv2v93bfndf51ostf7bupmf1; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.su/jl2/28286/3/1 | 200 OK Content-Length: 411 Content-Type: text/html | clean |
http://nclick.su/jout.php?ids=28286&n=1380359 | HTTP/1.1 200 OK Cache-Control: no-cache Connection: close Date: Sun, 25 Jan 2015 15:39:23 GMT Pragma: no-cache Server: nginx/1.4.3 Vary: Accept-Encoding Content-Length: 1347 Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=j4v2occ18b8tgrl8n72nnabae3; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.su/jout2.php?ids=28286&kod1=3152233&ses=j4v2occ18b8tgrl8n72nnabae3&n=1380359 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Sun, 25 Jan 2015 15:39:23 GMT Pragma: no-cache Location: http://mox.su Server: nginx/1.4.3 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=1c33thrl128q8o5oofk0nqopf4; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.su/jout.php?ids=28286&n=1380360 | HTTP/1.1 200 OK Cache-Control: no-cache Connection: close Date: Sun, 25 Jan 2015 15:39:23 GMT Pragma: no-cache Server: nginx/1.4.3 Vary: Accept-Encoding Content-Length: 1347 Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=j1c63iiu25cvsk9l40s3it33n2; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.su/jout2.php?ids=28286&kod1=5590199&ses=j1c63iiu25cvsk9l40s3it33n2&n=1380360 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Sun, 25 Jan 2015 15:39:24 GMT Pragma: no-cache Location: http://mox.su Server: nginx/1.4.3 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=2egbvv2qhnsjcb5r3tsi1m9kk3; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.su/jout.php?ids=28286&n=1380361 | HTTP/1.1 200 OK Cache-Control: no-cache Connection: close Date: Sun, 25 Jan 2015 15:39:24 GMT Pragma: no-cache Server: nginx/1.4.3 Vary: Accept-Encoding Content-Length: 1347 Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=sv70chb9h6b81ej5vacklt1bm4; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.su/jout2.php?ids=28286&kod1=5624582&ses=sv70chb9h6b81ej5vacklt1bm4&n=1380361 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Sun, 25 Jan 2015 15:39:24 GMT Pragma: no-cache Location: http://mox.su Server: nginx/1.4.3 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=k95i9p8g7f6stf3trmssb4j584; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.su/bn/28286/1/1 | 200 OK Content-Length: 211 Content-Type: text/html | clean |
http://nclick.su/bnout.php?ids=28286&n=531892 | HTTP/1.1 200 OK Cache-Control: no-cache Connection: close Date: Sun, 25 Jan 2015 15:39:24 GMT Pragma: no-cache Server: nginx/1.4.3 Vary: Accept-Encoding Content-Length: 1398 Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=qoms7p0fve0os3lbik153ihhs2; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.su/bnout2.php?ids=28286&kod1=4093579&ses=qoms7p0fve0os3lbik153ihhs2&n=531892 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Sun, 25 Jan 2015 15:39:24 GMT Pragma: no-cache Location: http://mox.su Server: nginx/1.4.3 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=gldh04afqr42o51gjfs4ind8h3; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://z1330.takru.com/in.php?id=1334306 | 200 OK Content-Length: 3145 Content-Type: text/html | clean |
http://z1330.takru.com/cl.php?key=1599246116919611855223067074958272466926358699296 | HTTP/1.1 200 OK Connection: close Date: Sun, 25 Jan 2015 15:39:32 GMT Server: Apache Content-Length: 198 Content-Type: text/html X-Powered-By: PHP/5.3.29 | clean |
http://tak.ru/ref.html | 200 OK Content-Length: 7330 Content-Type: text/html | clean |
http://tak.ru/rules.html | 200 OK Content-Length: 6094 Content-Type: text/html | clean |
http://tak.ru/ | 200 OK Content-Length: 7639 Content-Type: text/html | clean |
http://tak.ru/docs/faqseller.shtml | 200 OK Content-Length: 12850 Content-Type: text/html | clean |
http://tak.ru/docs/ | 200 OK Content-Length: 0 Content-Type: text/html | clean |