Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=turtekans.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://turtekans.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://turtekans.ru/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 10 Jan 2015 00:24:33 GMT Location: http://rublevskiypirs.ru/books?charset=utf-8&keyword=%D0%B3%D0%B4%D0%B7+%D0%B8+%D0%BB+%D0%B1%D0%B8%D0%BC+%D1%81%D0%B0%D0%B4%D0%BE%D0%BC%D0%BE%D0%B2%D0%B0+%D0%BB%D1%8B%D1%82%D0%B0%D0%B5%D0%B2%D0%B0+10+%D0%BA%D0%BB%D0%B0%D1%81%D1%81&v=3&id_mark=3222 Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://rublevskiypirs.ru/books?charset=utf-8&keyword=%d0%b3%d0%b4%d0%b7+%d0%b8+%d0%bb+%d0%b1%d0%b8%d0%bc+%d1%81%d0%b0%d0%b4%d0%be%d0%bc%d0%be%d0%b2%d0%b0+%d0%bb%d1%8b%d1%82%d0%b0%d0%b5%d0%b2%d0%b0+10+%d0%ba%d0%bb%d0%b0%d1%81%d1%81&v=3&id_mark=3222 | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Sat, 10 Jan 2015 00:24:33 GMT Pragma: no-cache Location: http://www.youcanfind.net/rl_cmprwm.php?ct=cq66j Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sat, 10 Jan 2015 00:24:33 GMT X-Powered-By: PHP/5.4.34 | clean |
http://www.youcanfind.net/rl_cmprwm.php?ct=cq66j | HTTP/1.1 302 Found Connection: close Date: Sat, 10 Jan 2015 00:24:34 GMT Location: http://chlcotrk.com/mt/x254x274b4z2x2y234t2/&subid1=2400z8z1z0 Server: Apache/2.2.19 (Unix) PHP/5.1.6 mod_ssl/2.2.19 OpenSSL/0.9.7e-p1 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.1.6 | clean |
http://chlcotrk.com/mt/x254x274b4z2x2y234t2/&subid1=2400z8z1z0 | HTTP/1.1 302 nginx/1.1.19 Connection: Close Date: Sat, 10 Jan 2015 00:24:34 GMT Location: http://nw1.truedefendredirect.com/?oid=3299&s1=86fa83a7f96d20baf39f9c2e92d37666&s2=CD4823&s3=3299&s4=&s5= Content-Length: 0 Content-Type: text/html; charset=utf-8 P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Set-Cookie: mt_imp_3299=1; expires=Mon, 09-Feb-2015 00:24:34 GMT; path=/; domain=chlcotrk.com Set-Cookie: mt_muid=MT-54b07142d357b-5231; expires=Mon, 09-Feb-2015 00:24:34 GMT; path=/; domain=chlcotrk.com Set-Cookie: mt_lds=86fa83a7f96d20baf39f9c2e92d37666; expires=Mon, 09-Feb-2015 00:24:34 GMT; path=/; domain=chlcotrk.com Set-Cookie: mt_clk=86fa83a7f96d20baf39f9c2e92d37666; path=/; domain=chlcotrk.com X-Powered-By: HHVM/3.0.1 | clean |
http://nw1.truedefendredirect.com/?oid=3299&s1=86fa83a7f96d20baf39f9c2e92d37666&s2=cd4823&s3=3299&s4=&s5= | HTTP/1.1 302 Moved Temporarily Connection: Close Date: Sat, 10 Jan 2015 00:24:35 GMT Location: http://s3Azz.titty.elitewindowstream.xyz/?sov=241786602&hid=dhfdjnhtjpjpjhdh&redid=788&id=XNSX.86fa83a7f96d20baf39f9c2e92d37666%3A%3Acd4823%3A%3A3299-r788 Server: nginx/1.2.8 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.23 | clean |
http://s3azz.titty.elitewindowstream.xyz/?sov=241786602&hid=dhfdjnhtjpjpjhdh&redid=788&id=xnsx.86fa83a7f96d20baf39f9c2e92d37666%3a%3acd4823%3a%3a3299-r788 | 200 OK Content-Length: 12362 Content-Type: text/html | clean |
http://s3azz.titty.elitewindowstream.xyz/terms/privacy.html | 200 OK Content-Length: 24252 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js | 200 OK Content-Length: 78601 Content-Type: text/javascript | clean |
http://s3azz.titty.elitewindowstream.xyz/templates/_common/footer_links/js/script.js | 200 OK Content-Length: 5674 Content-Type: application/javascript | clean |
http://s3azz.titty.elitewindowstream.xyz//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/ | 404 Not Found Content-Length: 570 Content-Type: text/html | clean |
http://s3azz.titty.elitewindowstream.xyz/test404page.js | 404 Not Found Content-Length: 570 Content-Type: text/html | clean |
http://turtekans.ru/terms/terms.html | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 10 Jan 2015 00:24:40 GMT Location: http://restoran-bambuk.ru/404?keyword=terms.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://restoran-bambuk.ru/404?keyword=terms.rar | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Sat, 10 Jan 2015 00:24:40 GMT Pragma: no-cache Location: http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sat, 10 Jan 2015 00:24:40 GMT X-Powered-By: PHP/5.4.34 | clean |
http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 10 Jan 2015 00:38:47 GMT Location: http://dl43.softportalvcc.name?sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.27 | suspicious |
http://dl43.softportalvcc.name?sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip/ | HTTP/1.1 302 Found Cache-Control: max-age=259200 Connection: close Date: Sat, 10 Jan 2015 00:24:40 GMT Pragma: no-cache Location: /?page=lending&key=archive755217.zip%2F Server: nginx/1.0.14 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Tue, 13 Jan 2015 00:24:40 GMT Set-Cookie: PHPSESSID=9l46dkrrehk3hbtaifpmbi2rb4; path=/ X-Powered-By: PHP/5.3.10 | clean |
http://dl43.softportalvcc.name?sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip/?page=lending&key=archive755217.zip%2f | HTTP/1.1 302 Found Cache-Control: max-age=259200 Connection: close Date: Sat, 10 Jan 2015 00:24:41 GMT Pragma: no-cache Location: /?page=lending&key=archive755217.zip%2F Server: nginx/1.0.14 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Tue, 13 Jan 2015 00:24:41 GMT Set-Cookie: PHPSESSID=ub88ors0f7fpdp84m0fvngrn70; path=/ X-Powered-By: PHP/5.3.10 | clean |
http://turtekans.ru/terms/aboutus.html | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 10 Jan 2015 00:24:41 GMT Location: http://restoran-bambuk.ru/404?keyword=aboutus.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://restoran-bambuk.ru/404?keyword=aboutus.rar | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Sat, 10 Jan 2015 00:24:41 GMT Pragma: no-cache Location: http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sat, 10 Jan 2015 00:24:41 GMT X-Powered-By: PHP/5.4.34 | clean |
http://turtekans.ru/terms/privacy.html | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 10 Jan 2015 00:24:42 GMT Location: http://restoran-bambuk.ru/404?keyword=privacy.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://restoran-bambuk.ru/404?keyword=privacy.rar | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Sat, 10 Jan 2015 00:24:42 GMT Pragma: no-cache Location: http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sat, 10 Jan 2015 00:24:42 GMT X-Powered-By: PHP/5.4.34 | clean |
http://turtekans.ru//titty.elitewindowstream.xyz/admin_config/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 10 Jan 2015 00:24:42 GMT Location: http://restoran-bambuk.ru/404?keyword=.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://restoran-bambuk.ru/404?keyword=.rar | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Sat, 10 Jan 2015 00:24:43 GMT Pragma: no-cache Location: http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sat, 10 Jan 2015 00:24:43 GMT X-Powered-By: PHP/5.4.34 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: turtekans.ru
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Sat, 10 Jan 2015 00:24:33 GMT
Location: http://rublevskiypirs.ru/books?charset=utf-8&keyword=%D0%B3%D0%B4%D0%B7+%D0%B8+%D0%BB+%D0%B1%D0%B8%D0%BC+%D1%81%D0%B0%D0%B4%D0%BE%D0%BC%D0%BE%D0%B2%D0%B0+%D0%BB%D1%8B%D1%82%D0%B0%D0%B5%D0%B2%D0%B0+10+%D0%BA%D0%BB%D0%B0%D1%81%D1%81&v=3&id_mark=3222
Server: nginx/1.4.3
Content-Type: text/html
X-Powered-By: PHP/5.4.21-1~dotdeb.1
Second query (visit from search engine):
GET / HTTP/1.1
Host: turtekans.ru
Referer: http://www.google.com/search?q=turtekans.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.