Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=uzbxx.ru
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: uzbxx.ru
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Connection: close
Date: Wed, 02 Apr 2014 05:27:01 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 03 Apr 2014 05:27:01 GMT
Set-Cookie: SESID=1eah23kti7ee0bpb9u8jsanq00; path=/
X-Powered-By: PHP/5.4.11
Second query (visit from search engine):
GET / HTTP/1.1
Host: uzbxx.ru
Referer: http://www.google.com/search?q=uzbxx.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://uzbxx.ru/ | 200 OK Content-Length: 9123 Content-Type: text/html | clean |
http://nclick.su/jl2/26960/3/1 | 200 OK Content-Length: 394 Content-Type: text/html | clean |
http://nclick.su/jout.php?ids=26960&n=1606466 | 200 OK Content-Length: 1347 Content-Type: text/html | clean |
http://nclick.su/jout2.php?ids=26960&kod1=7709783&ses=8u8oec9l4immcsj2qb2d30hkb1&n=1606466 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Wed, 02 Apr 2014 05:26:13 GMT Pragma: no-cache Location: http://nclick.mox.su Server: nginx/1.4.3 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=q9mikjgifg335bk0rndv3e0bs6; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.mox.su/ | HTTP/1.1 302 Found Connection: close Date: Wed, 02 Apr 2014 05:26:15 GMT Location: http://nclick.ru/ads.php?ids=4443 Server: nginx/1.4.3 Content-Length: 1 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.3 | clean |
http://nclick.ru/ads.php?ids=4443 | 200 OK Content-Length: 3688 Content-Type: text/html | clean |
http://nclick.su/bn/4443/2/11 | 200 OK Content-Length: 362 Content-Type: text/html | clean |
http://nclick.su/bnout.php?ids=4443&n=2638046 | 200 OK Content-Length: 1398 Content-Type: text/html | clean |
http://nclick.su/bnout2.php?ids=4443&kod1=2420723&ses=act7lv1p4tfc070hvj2cdeil25&n=2638046 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Wed, 02 Apr 2014 05:26:15 GMT Pragma: no-cache Location: http://nclick.ru/go.php?ids=4443 Server: nginx/1.4.3 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=uaruqtqd5imc6vaj92emho43j2; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.ru/go.php?ids=4443 | HTTP/1.1 302 Found Connection: close Date: Wed, 02 Apr 2014 05:26:15 GMT Location: http://nclick.ru/ads.php?ids=4443 Server: nginx/1.4.3 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.3 | clean |
http://nclick.ru/test404page.js | HTTP/1.1 302 Found Connection: close Date: Wed, 02 Apr 2014 05:26:15 GMT Location: http://nclick.ru/index.php Server: nginx/1.4.3 Content-Length: 285 Content-Type: text/html; charset=iso-8859-1 | clean |
http://nclick.ru/index.php | 200 OK Content-Length: 7198 Content-Type: text/html | clean |
http://nclick.su/jl2/11384/1/1 | 200 OK Content-Length: 174 Content-Type: text/html | clean |
http://nclick.su/jout.php?ids=11384&n=1606477 | 200 OK Content-Length: 1347 Content-Type: text/html | clean |
http://nclick.su/jout2.php?ids=11384&kod1=4959284&ses=9avsoscod5uevin463c72m2ie3&n=1606477 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Wed, 02 Apr 2014 05:26:16 GMT Pragma: no-cache Location: http://nclick.mox.su Server: nginx/1.4.3 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=kse9b4v8i5164o8mm0boauvtq3; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.mox.su/test404page.js | 404 Not Found Content-Length: 291 Content-Type: text/html | clean |
http://nclick.su/bnout.php?ids=4443&n=2638047 | 200 OK Content-Length: 1398 Content-Type: text/html | clean |
http://nclick.su/bnout2.php?ids=4443&kod1=1624651&ses=ss4kg9lb8ni2ltqp1mi3m5if10&n=2638047 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Wed, 02 Apr 2014 05:26:16 GMT Pragma: no-cache Location: http://nclick.ru/go.php?ids=4443 Server: nginx/1.4.3 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=fop1jv1gvr0ou5kbfh9dieqmm6; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.ru/atlnk/4443/3/1 | 200 OK Content-Length: 2363 Content-Type: text/html | clean |
http://nclick.su/tout.php?ids=4443&n=853530 | 200 OK Content-Length: 1203 Content-Type: text/html | clean |
http://nclick.su/tout.php?ids=4443&n=853531 | 200 OK Content-Length: 1203 Content-Type: text/html | clean |
http://nclick.su/tout.php?ids=4443&n=853532 | 200 OK Content-Length: 1203 Content-Type: text/html | clean |