Malicious redirect -what is this?

See: htxp://en.wordpress.com/tag/dormring1/ landing here: htxp://wir-sprechen-online.com/2009/10/09/dormring1-click-fraud-evolves/
heuristics do not look good. Anyone to comment?
Misused server on that IP?
History of Trojan.Crypt.Delf.E, unknown exe or probably unknown NewHeur_PE?

polonus

Found this: http://adamdempsey.com/2012/08/fun-and-unusual-http-response-headers/


HTTP/1.1 200 OK 
Server: nginx 
Date: Tue, 09 Oct 2012 18:38:30 GMT 
Content-Type: text/html; charset=utf-8 
Transfer-Encoding: chunked 
Connection: keep-alive 
Vary: Accept-Encoding 
Last-Modified: Tue, 09 Oct 2012 18:36:02 GMT 
Cache-Control: max-age=1052, must-revalidate 
X-nananana: Batcache 
Vary: Cookie 
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header. 
X-Frame-Options: SAMEORIGIN 
Content-Encoding: gzip 

polonus