Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jbox.erwap.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jbox.erwap.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://jbox.erwap.ru/ | 200 OK Content-Length: 4804 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: secret.erwap.ru ...[3485 bytes skipped]... st.erwap.ru/?id=1&gd=5">Ðем ÑÑ Ð±Ñл в пÑоÑлой жизни</a></b></div><div style="text-align:left" class="box"><a href="http://test.erwap.ru/?id=1">ÐÑÑгие ÑеÑÑÑ >></a></div><div style="text-align:left" class="tit"><b>СекÑеÑÑ Ð¸Ð³Ñ:</b></div><div style="text-align:left" class="box"><b><img src="http://secret.erwap.ru/img/icon20.png" alt="*"/> <a href="http://secret.erwap.ru/games/?id=1">СекÑеÑÑ Java-игÑ</a></b><br/>СбоÑник ÑекÑеÑнÑÑ ÐºÐ¾Ð´Ð¾Ð² (ÑиÑов) Ð´Ð»Ñ Java-игÑ.</div><div style="text-align:left" class="tit"><b>СекÑеÑÑ ÑекÑа:</b></div><div style="text-align:left" class="box"><b><img src="http://secret.erwap.ru/projects/11/src/ico.png" alt="*"/> <a href="http://secret ...[1304 bytes skipped]... | ||
http://jbox.erwap.ru/jad.php | 200 OK Content-Length: 345 Content-Type: text/vnd.sun.j2me.app-descriptor | clean |
http://jbox.erwap.ru/jar.php | 200 OK Content-Length: 140827 Content-Type: application/java-archive | clean |
http://jbox.erwap.ru/test404page.js | 404 Not Found Content-Length: 1146 Content-Type: text/html | clean |
http://jbox.erwap.ru/index.php?v=2 | 200 OK Content-Length: 4983 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: secret.erwap.ru ...[3479 bytes skipped]... p://test.erwap.ru/?id=1&gd=7">Узнай Ð¸Ð¼Ñ Ð±ÑдÑÑей женÑ</a></b></div><div style="text-align:left" class="box"><a href="http://test.erwap.ru/?id=1">ÐÑÑгие ÑеÑÑÑ >></a></div><div style="text-align:left" class="tit"><b>СекÑеÑÑ Ð¸Ð³Ñ:</b></div><div style="text-align:left" class="box"><b><img src="http://secret.erwap.ru/img/icon20.png" alt="*"/> <a href="http://secret.erwap.ru/games/?id=1">СекÑеÑÑ Java-игÑ</a></b><br/>СбоÑник ÑекÑеÑнÑÑ ÐºÐ¾Ð´Ð¾Ð² (ÑиÑов) Ð´Ð»Ñ Java-игÑ.</div><div style="text-align:left" class="tit"><b>СекÑеÑÑ ÑекÑа:</b></div><div style="text-align:left" class="box"><b><img src="http://secret.erwap.ru/projects/13/src/ico.png" alt="*"/> <a href="http://secret ...[1529 bytes skipped]... | ||
http://jbox.erwap.ru/operators.php?v=2 | 200 OK Content-Length: 2765 Content-Type: text/html | clean |
http://jbox.erwap.ru/operators.php?v=1 | 200 OK Content-Length: 2111 Content-Type: text/vnd.wap.wml | clean |
http://jbox.erwap.ru/index.php?v=1 | 200 OK Content-Length: 4149 Content-Type: text/vnd.wap.wml | suspicious |
Page code contains blacklisted domain: secret.erwap.ru ...[2819 bytes skipped]... p://test.erwap.ru/?id=1&gd=7">Узнай Ð¸Ð¼Ñ Ð±ÑдÑÑей женÑ</a></b></small></p><p align="left"><small><a href="http://test.erwap.ru/?id=1">ÐÑÑгие ÑеÑÑÑ >></a></small></p><p align="left"><small><b>СекÑеÑÑ Ð¸Ð³Ñ:</b></small></p><p align="left"><small><b><img src="http://secret.erwap.ru/img/icon20.png" alt="*"/> <a href="http://secret.erwap.ru/games/?id=1">СекÑеÑÑ Java-игÑ</a></b><br/>СбоÑник ÑекÑеÑнÑÑ ÐºÐ¾Ð´Ð¾Ð² (ÑиÑов) Ð´Ð»Ñ Java-игÑ.</small></p><p align="left"><small><b>СекÑеÑÑ ÑекÑа:</b></small></p><p align="left"><small><b><img src="http://secret.erwap.ru/projects/13/src/ico.png" alt="*"/> <a href="http://secret ...[1541 bytes skipped]... | ||
http://jbox.erwap.ru/help.php?v=1 | 200 OK Content-Length: 4536 Content-Type: text/vnd.wap.wml | clean |
http://jbox.erwap.ru/help.php?v=2 | 200 OK Content-Length: 5202 Content-Type: text/html | clean |
http://jbox.erwap.ru/out.php?id=1&i=1&url=erwap.ru&lng=ru&v=2 | HTTP/1.1 200 OK Connection: close Date: Mon, 25 Aug 2014 17:50:22 GMT Server: nginx/1.4.4 Content-Length: 1108 Content-Type: text/html; charset=utf-8 X-Powered-By: PHP/5.3.28 | clean |
http://erwap.ru/ | 200 OK Content-Length: 7767 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: games.erwap.ru ...[1262 bytes skipped]... ° ÑамÑй оÑкÑовеннÑй WAP-ÑайÑ!</div><div style="text-align:left" class="tit"><b>ÐевÑÑка днÑ:</b></div><div style="text-align:center" class="box"><img src="pic/girl.gif" alt="ÐевÑÑка днÑ"/></div><div style="text-align:left" class="tit"><b>ÐагÑÑзки:</b></div><div style="text-align:left" class="box"><img src="http://games.erwap.ru/img/games.png" alt="*"/> <b><a href="http://games.erwap.ru/?v=2">ÐгÑÑ</a></b> (ХиÑÑ Ð½ÐµÐ´ÐµÐ»Ð¸!)</div><div style="text-align:left" class="box"><img src="http://cat.erwap.ru/img/t.gif" alt="*"/><b><a href="top.php?v=2">TOP-100</a></b><br/><img src="img/d.gif" alt="+"/><b><a href="index.php?f=photo/&v=2">ФоÑо</a></b><br/><img src="img/d.gif" alt="+"/ ...[2657 bytes skipped]... | ||
http://erwap.ru/?lng=en | 200 OK Content-Length: 6517 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: games.erwap.ru <?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "http://www.wapforum.org/DTD/xhtml-mobile10.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><link rel="SHORTCUT ICON" href="http://erwap.ru/favicon1.ico"/><meta http-equiv="Content-Type" content="application/vnd.wap.xhtml+xml; charset=UTF-8"/><meta http-equiv="language" content="en"/><meta name="descript ...[4561 bytes skipped]... | ||
http://erwap.ru/?lng=ru | 200 OK Content-Length: 8028 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: games.erwap.ru ...[1262 bytes skipped]... ° ÑамÑй оÑкÑовеннÑй WAP-ÑайÑ!</div><div style="text-align:left" class="tit"><b>ÐевÑÑка днÑ:</b></div><div style="text-align:center" class="box"><img src="pic/girl.gif" alt="ÐевÑÑка днÑ"/></div><div style="text-align:left" class="tit"><b>ÐагÑÑзки:</b></div><div style="text-align:left" class="box"><img src="http://games.erwap.ru/img/games.png" alt="*"/> <b><a href="http://games.erwap.ru/?v=2">ÐгÑÑ</a></b> (ХиÑÑ Ð½ÐµÐ´ÐµÐ»Ð¸!)</div><div style="text-align:left" class="box"><img src="http://cat.erwap.ru/img/t.gif" alt="*"/><b><a href="top.php?v=2&lng=ru">TOP-100</a></b><br/><img src="img/d.gif" alt="+"/><b><a href="index.php?f=photo/&v=2&lng=ru">ФоÑо</a></b><br/>&l ...[2668 bytes skipped]... | ||
http://erwap.ru/top.php?v=2&lng=ru | 200 OK Content-Length: 8368 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: flirt.erwap.ru ...[3303 bytes skipped]... hidden" name="v" value="2"/><input type="hidden" name="lng" value="ru"/><input type="submit" value="ÐайÑи"/></form></div><div style="text-align:left" class="tit">* <a href="http://erwap.ru/java/?id=1">ÐoлнÑй дocÑyп</a><br/></div><div style="text-align:left" class="box">ÐÑÑпнейÑий ÑеÑÐ²Ð¸Ñ WAP-знакомÑÑв:<br/><b><img src="http://flirt.erwap.ru/img/kiss.gif" alt="*"/> <a href="http://flirt.erwap.ru/?v=2&lng=ru">ÐобилÑнÑй поÑелÑй</a></b></div><div style="text-align:left" class="ver"><img src="img/home2.gif" alt="«"/><a href="index.php?f=&v=2&lng=ru">Ðлавное менÑ</a><br/><a href="index.php?ses=&v=2&lng=ru">[ÐÑÑ Ð¾Ð´]</a><br/></div><div style="text-align:left" class="ver"&g ...[699 bytes skipped]... | ||
http://erwap.ru/java/?id=1 | 200 OK Content-Length: 360 Content-Type: text/vnd.sun.j2me.app-descriptor | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jbox.erwap.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 25 Aug 2014 17:50:19 GMT
Server: nginx/1.4.4
Content-Length: 4804
Content-Type: text/html; charset=utf-8
X-Powered-By: PHP/5.3.28
...4804 bytes of data.
GET / HTTP/1.1
Host: jbox.erwap.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 25 Aug 2014 17:50:19 GMT
Server: nginx/1.4.4
Content-Length: 4804
Content-Type: text/html; charset=utf-8
X-Powered-By: PHP/5.3.28
...4804 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: jbox.erwap.ru
Referer: http://www.google.com/search?q=jbox.erwap.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jbox.erwap.ru
Referer: http://www.google.com/search?q=jbox.erwap.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.