Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lbox.erwap.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://lbox.erwap.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://lbox.erwap.ru/ | 200 OK Content-Length: 4682 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: secret.erwap.ru ...[3733 bytes skipped]... test.erwap.ru/?id=1&gd=6">Узнай наÑколÑко Ð²Ñ ÑовмеÑÑимÑ</a></b></div><div style="text-align:left" class="box"><a href="http://test.erwap.ru/?id=1">ÐÑе ÑеÑÑÑ >></a></div><div style="text-align:left" class="tit"><b>СекÑеÑÑ ÑекÑа:</b></div><div style="text-align:left" class="box"><b><img src="http://secret.erwap.ru/projects/13/src/ico.png" alt="*"/> <a href="http://secret.erwap.ru/sex/?id=1&gd=13">ÐÑкÑÑÑÑво минеÑа</a></b><br/>СамÑй легкий ÑпоÑоб завоеваÑÑ Ð¼ÑжÑинÑ.</div><div style="text-align:left" class="box"><a href="http://secret.erwap.ru/sex/?id=1">ÐÑÑгие ÑекÑеÑÑ >></a></div><div style="text-align:left" class="box"><a href="operators.php?v=2" ...[900 bytes skipped]... | ||
http://lbox.erwap.ru/jad.php | 200 OK Content-Length: 345 Content-Type: text/vnd.sun.j2me.app-descriptor | clean |
http://lbox.erwap.ru/jar.php | 200 OK Content-Length: 135812 Content-Type: application/java-archive | clean |
http://lbox.erwap.ru/test404page.js | 404 Not Found Content-Length: 1137 Content-Type: text/html | clean |
http://lbox.erwap.ru/index.php?v=2 | 200 OK Content-Length: 4849 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: secret.erwap.ru ...[3733 bytes skipped]... test.erwap.ru/?id=1&gd=6">Узнай наÑколÑко Ð²Ñ ÑовмеÑÑимÑ</a></b></div><div style="text-align:left" class="box"><a href="http://test.erwap.ru/?id=1">ÐÑе ÑеÑÑÑ >></a></div><div style="text-align:left" class="tit"><b>СекÑеÑÑ ÑекÑа:</b></div><div style="text-align:left" class="box"><b><img src="http://secret.erwap.ru/projects/13/src/ico.png" alt="*"/> <a href="http://secret.erwap.ru/sex/?id=1&gd=13">ÐÑкÑÑÑÑво минеÑа</a></b><br/>СамÑй легкий ÑпоÑоб завоеваÑÑ Ð¼ÑжÑинÑ.</div><div style="text-align:left" class="box"><a href="http://secret.erwap.ru/sex/?id=1">ÐÑÑгие ÑекÑеÑÑ >></a></div><div style="text-align:left" class="box"><a href="operators.php?v=2" ...[1107 bytes skipped]... | ||
http://lbox.erwap.ru/operators.php?v=2 | 200 OK Content-Length: 2756 Content-Type: text/html | clean |
http://lbox.erwap.ru/operators.php?v=1 | 200 OK Content-Length: 2111 Content-Type: text/vnd.wap.wml | clean |
http://lbox.erwap.ru/index.php?v=1 | 200 OK Content-Length: 4058 Content-Type: text/vnd.wap.wml | suspicious |
Page code contains blacklisted domain: secret.erwap.ru ...[3082 bytes skipped]... test.erwap.ru/?id=1&gd=6">Узнай наÑколÑко Ð²Ñ ÑовмеÑÑимÑ</a></b></small></p><p align="left"><small><a href="http://test.erwap.ru/?id=1">ÐÑе ÑеÑÑÑ >></a></small></p><p align="left"><small><b>СекÑеÑÑ ÑекÑа:</b></small></p><p align="left"><small><b><img src="http://secret.erwap.ru/projects/15/src/ico.png" alt="*"/> <a href="http://secret.erwap.ru/sex/?id=1&gd=15">Ð¢ÐµÑ Ð½Ð¸ÐºÐ° онанизма</a></b><br/>ÐолÑÑи макÑимÑм наÑÐ»Ð°Ð¶Ð´ÐµÐ½Ð¸Ñ Ð¾Ñ Ð¼Ð°ÑÑÑÑбаÑии!</small></p><p align="left"><small><a href="http://secret.erwap.ru/sex/?id=1">ÐÑÑгие ÑекÑеÑÑ >></a></small></p><p align="left"><small><a href="operator ...[1129 bytes skipped]... | ||
http://lbox.erwap.ru/help.php?v=1 | 200 OK Content-Length: 4535 Content-Type: text/vnd.wap.wml | clean |
http://lbox.erwap.ru/help.php?v=2 | 200 OK Content-Length: 5192 Content-Type: text/html | clean |
http://lbox.erwap.ru/out.php?id=1&i=1&url=erwap.ru&lng=ru&v=2 | HTTP/1.1 200 OK Connection: close Date: Tue, 26 Aug 2014 02:03:26 GMT Server: nginx/1.4.4 Content-Length: 1098 Content-Type: text/html; charset=utf-8 X-Powered-By: PHP/5.3.28 | clean |
http://erwap.ru/ | 200 OK Content-Length: 7739 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: games.erwap.ru ...[1263 bytes skipped]... ÑамÑй оÑкÑовеннÑй WAP-ÑайÑ!</div><div style="text-align:left" class="tit"><b>ÐевÑÑки днÑ:</b></div><div style="text-align:center" class="box"><img src="pic/girls.gif" alt="ÐевÑÑки днÑ"/></div><div style="text-align:left" class="tit"><b>ÐагÑÑзки:</b></div><div style="text-align:left" class="box"><img src="http://games.erwap.ru/img/games.png" alt="*"/> <b><a href="http://games.erwap.ru/?v=2">ÐгÑÑ</a></b> (ХиÑÑ Ð½ÐµÐ´ÐµÐ»Ð¸!)</div><div style="text-align:left" class="box"><img src="http://cat.erwap.ru/img/t.gif" alt="*"/><b><a href="top.php?v=2">TOP-100</a></b><br/><img src="img/d.gif" alt="+"/><b><a href="index.php?f=photo/&v=2">ФоÑо</a></b><br/><img src="img/d.gif" alt="+"/ ...[2656 bytes skipped]... | ||
http://erwap.ru/?lng=en | 200 OK Content-Length: 6499 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: games.erwap.ru <?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "http://www.wapforum.org/DTD/xhtml-mobile10.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><link rel="SHORTCUT ICON" href="http://erwap.ru/favicon1.ico"/><meta http-equiv="Content-Type" content="application/vnd.wap.xhtml+xml; charset=UTF-8"/><meta http-equiv="language" content="en"/><meta name="descript ...[4561 bytes skipped]... | ||
http://erwap.ru/?lng=ru | 200 OK Content-Length: 7999 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: games.erwap.ru ...[1263 bytes skipped]... ÑамÑй оÑкÑовеннÑй WAP-ÑайÑ!</div><div style="text-align:left" class="tit"><b>ÐевÑÑки днÑ:</b></div><div style="text-align:center" class="box"><img src="pic/girls.gif" alt="ÐевÑÑки днÑ"/></div><div style="text-align:left" class="tit"><b>ÐагÑÑзки:</b></div><div style="text-align:left" class="box"><img src="http://games.erwap.ru/img/games.png" alt="*"/> <b><a href="http://games.erwap.ru/?v=2">ÐгÑÑ</a></b> (ХиÑÑ Ð½ÐµÐ´ÐµÐ»Ð¸!)</div><div style="text-align:left" class="box"><img src="http://cat.erwap.ru/img/t.gif" alt="*"/><b><a href="top.php?v=2&lng=ru">TOP-100</a></b><br/><img src="img/d.gif" alt="+"/><b><a href="index.php?f=photo/&v=2&lng=ru">ФоÑо</a></b><br/>&l ...[2673 bytes skipped]... | ||
http://erwap.ru/top.php?v=2&lng=ru | 200 OK Content-Length: 8402 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: barbars.erwap.ru ...[696 bytes skipped]... ÑоÑиÑеÑкий WAP-поÑÑал</title><link rel="stylesheet" type="text/css" href="http://erwap.ru/style3.css"/></head><body><div class="main"><div class="title">ТÐÐ-100 <span style="font-weight:normal">(18+)</span></div><div style="text-align:left" class="tit"><b>Ðнлайн игÑа: <img src="http://erwap.ru/img/barbars.png" alt="*"/> <a href="http://barbars.erwap.ru/?id=1">ÐаÑваÑÑ</a></b></div><div style="text-align:left" class="tit">* <a href="http://erwap.ru/java/?id=1">ÐÑоÑиÑеÑкий клÑб</a><br/></div><div style="text-align:left" class="box">1.<img src="http://jimm.erwap.ru/img/icon1.gif" alt="."/><a href="index.php?f=java/icq/1.jm&v=2&lng=ru">Jimm SE</a> / <img src="img/d.gif" alt="."/><a href="index.php?f=java/icq/& ...[3297 bytes skipped]... | ||
http://erwap.ru/java/?id=1 | 200 OK Content-Length: 360 Content-Type: text/vnd.sun.j2me.app-descriptor | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lbox.erwap.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 26 Aug 2014 02:03:25 GMT
Server: nginx/1.4.4
Content-Length: 4682
Content-Type: text/html; charset=utf-8
X-Powered-By: PHP/5.3.28
...4682 bytes of data.
GET / HTTP/1.1
Host: lbox.erwap.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 26 Aug 2014 02:03:25 GMT
Server: nginx/1.4.4
Content-Length: 4682
Content-Type: text/html; charset=utf-8
X-Powered-By: PHP/5.3.28
...4682 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: lbox.erwap.ru
Referer: http://www.google.com/search?q=lbox.erwap.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: lbox.erwap.ru
Referer: http://www.google.com/search?q=lbox.erwap.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.