Scanned pages/files
Request | Server response | Status |
http://autodg.org/ | 200 OK Content-Length: 4765 Content-Type: text/html | suspicious |
Suspicious code found <p> Стоимость доступа составляет 20.00 рублей (включая НДС) за 1 день для абонентов ОАО "МегаФон"; Продление доступа происходит автоматически, посредством подписки. Для отказа от предоставления Подписки на услугу отправьте SMS-сообщение со словом СТОП 4215 на номер 5051 для абонентов ОАО "МегаФон" Cообщение бесплатно в домашнем регионе.; Либо воспользуйтесь формой управления подпиской. Телефон службы поддержки: 8-800-3333-455 (звонок беспла <p> Стоимость доступа составляет 20.00 рублей (включая НДС) за 1 день для абонентов ОАО «ВымпелКом»; Продление доступа происходит автоматически, посредством подписки. Для отказа от предоставления Подписки на услугу отправьте SMS-сообщение со словом СТОП на номер 1955 для абонентов ОАО "ВымпелКом" сообщение бесплатно в домашнем регионе.; Либо воспользуйтесь формой управления подпиской. Телефон службы поддержки: 8-800-3333-455 (звонок бесплатный). </p> | ||
http://autodg.org/reg.php | HTTP/1.1 302 Found Connection: close Date: Sat, 28 Feb 2015 18:38:27 GMT Location: http://subwap.jumpit.ru/col/mds4/partner/wap_tmp/enter.jsp?status=new&serviceid=autodg&returnurl=mft-subscribe%2Fws%2Fop%2Fcode%2F0ac32326-3a46-413b-b35f-71130dc17c71&psid=a5eMfv59mz9DvreB&transactid=123206150 Server: nginx/1.2.3 Content-Length: 329 Content-Type: text/html; charset=WINDOWS-1251 X-Powered-By: PHP/5.4.6 | clean |
http://subwap.jumpit.ru/col/mds4/partner/wap_tmp/enter.jsp?status=new&serviceid=autodg&returnurl=mft-subscribe%2fws%2fop%2fcode%2f0ac32326-3a46-413b-b35f-71130dc17c71&psid=a5emfv59mz9dvreb&transactid=123206150 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 28 Feb 2015 19:40:12 GMT Location: http://podpiskipro.ru/is3nwp/psm/auth?service_id=2251&return_url=mds4%2Fpartner%2Fwap_tmp%2Fenter.jsp%3Fstatus%3Dnew%26serviceid%3Dautodg%26returnurl%3Dmft-subscribe%252fws%252fop%252fcode%252f0ac32326-3a46-413b-b35f-71130dc17c71%26psid%3Da5emfv59mz9dvreb%26transactid%3D123206150 Content-Length: 0 Content-Type: text/mul;charset=UTF-8 Set-Cookie: JSESSIONID=E5CB077DB2BF6B961D7B4DD0E9805CE0.sub1; Path=/col | clean |
http://podpiskipro.ru/is3nwp/psm/auth?service_id=2251&return_url=mds4%2fpartner%2fwap_tmp%2fenter.jsp%3fstatus%3dnew%26serviceid%3dautodg%26returnurl%3dmft-subscribe%252fws%252fop%252fcode%252f0ac32326-3a46-413b-b35f-71130dc17c71%26psid%3da5emfv59mz9dvreb%26transactid%3d123206150 | HTTP/1.1 302 Found Connection: close Date: Sat, 28 Feb 2015 19:40:14 GMT Via: 1.1 podpiskipro.ru Location: http://subwap.jumpit.ru/col/mds4/partner/wap_tmp/enter.jsp?status=new&serviceid=autodg&returnurl=mft-subscribe%2fws%2fop%2fcode%2f0ac32326-3a46-413b-b35f-71130dc17c71&psid=a5emfv59mz9dvreb&transactid=123206150&tmp_id=no&service_id=2251 Server: Apache-Coyote/1.1 Content-Length: 0 Content-Type: text/plain; charset=UTF-8 Set-Cookie: JSESSIONID=0D8C15FD8B3FB86ABBB0077FB435AF22; Path=/is3nwp Set-Cookie: jsession_01=0D8C15FD8B3FB86ABBB0077FB435AF22; Path=/is3nwp | clean |
http://subwap.jumpit.ru/col/mds4/partner/wap_tmp/enter.jsp?status=new&serviceid=autodg&returnurl=mft-subscribe%2fws%2fop%2fcode%2f0ac32326-3a46-413b-b35f-71130dc17c71&psid=a5emfv59mz9dvreb&transactid=123206150&tmp_id=no&service_id=2251 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 28 Feb 2015 19:40:14 GMT Location: http://podpiskipro.ru/is3nwp/psmcharge/charge?service_id=2251&opt_id=322552913&template=autodg_WAP_1&sid=nuirmkts&return_url=mds4%2Fpartner%2Fwap_tmp%2Fexit.jsp%3Freturnurl%3Dmft-subscribe%252Fws%252Fop%252Fcode%252F0ac32326-3a46-413b-b35f-71130dc17c71%26serviceid%3Dautodg%26transactid%3D123206150&status=new&new_if&context=trid_123206150 Content-Length: 0 Content-Type: text/mul;charset=UTF-8 Set-Cookie: JSESSIONID=47BC3D25DABDD36C2CD69E212DFA967E.sub1; Path=/col | clean |
http://podpiskipro.ru/is3nwp/psmcharge/charge?service_id=2251&opt_id=322552913&template=autodg_wap_1&sid=nuirmkts&return_url=mds4%2fpartner%2fwap_tmp%2fexit.jsp%3freturnurl%3dmft-subscribe%252fws%252fop%252fcode%252f0ac32326-3a46-413b-b35f-71130dc17c71%26serviceid%3dautodg%26transactid%3d123206150&status=new&new_if&context=trid_123206150 | 400 Bad Request Content-Length: 968 Content-Type: text/html | clean |
http://podpiskipro.ru/test404page.js | 404 Not Found Content-Length: 1019 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: autodg.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 28 Feb 2015 18:38:23 GMT
Server: nginx/1.2.3
Content-Length: 4765
Content-Type: text/html; charset=WINDOWS-1251
X-Powered-By: PHP/5.4.6
...4765 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: autodg.org
Referer: http://www.google.com/search?q=autodg.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=autodg.org
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://autodg.org/
Result: autodg.org is not infected or malware details are not published yet.