Scanned pages/files
Request | Server response | Status |
http://mts.ru/ | HTTP/1.1 302 Found Date: Mon, 27 Apr 2015 18:43:32 GMT Location: http://www.mts.ru/ Server: Microsoft-IIS/8.5 Content-Length: 135 Compression-Control: whitespace Set-Cookie: ARRAffinity=beece71e0f60c1e7e87f7ad58d69a87f4584240f31cc6fc0a9773374e68c8962;Path=/;Domain=mts.ru X-Cms-Developed-By: Quantum Art X-Cms-Platform: QP8.Framework X-Powered-By: ASP.NET X-Powered-By: ARR/2.5 X-Powered-By: ASP.NET X-Site-Developed-By: Quantum Art | clean |
http://www.mts.ru/ | 200 OK Content-Length: 46220 Content-Type: text/html | suspicious |
Suspicious code found <table class="new_header_one"> <tr> <td> <h1 class="g-ir"><a href="http://www.mts.ru/" id="__HTMLDocument___HTMLBody_Header_PlaceHolderHeader_BaseHeaderBlock_lnkLogo" tabindex="12">МТС На шаг впереди</a></h1> </td> <td> <div class="current-region"> <a href="#" tabindex='13'>Москва и Подмосковье</a> </div> </td> </tr> </table> |
http://www.mts.ru/bundle/bndl/js/common/cm | 200 OK Content-Length: 181976 Content-Type: text/javascript | clean |
http://mts.ru/bundle/bndl/js/common/qa | HTTP/1.1 302 Found Date: Mon, 27 Apr 2015 18:43:33 GMT Location: http://www.mts.ru/bundle/bndl/js/common/qa Server: Microsoft-IIS/8.5 Content-Length: 159 Compression-Control: whitespace Set-Cookie: ARRAffinity=beece71e0f60c1e7e87f7ad58d69a87f4584240f31cc6fc0a9773374e68c8962;Path=/;Domain=mts.ru X-Cms-Developed-By: Quantum Art X-Cms-Platform: QP8.Framework X-Powered-By: ASP.NET X-Powered-By: ARR/2.5 X-Powered-By: ASP.NET X-Site-Developed-By: Quantum Art | clean |
http://www.mts.ru/bundle/bndl/js/common/qa | 200 OK Content-Length: 15824 Content-Type: text/javascript | clean |
http://Static03.mts.ru/upload/images/js/adfox/adfox.asyn.code.ver3.js | 200 OK Content-Length: 3318 Content-Type: application/javascript | clean |
http://mts.ru/bundle/bndl/js/common/ui | HTTP/1.1 302 Found Date: Mon, 27 Apr 2015 18:43:34 GMT Location: http://www.mts.ru/bundle/bndl/js/common/ui Server: Microsoft-IIS/8.5 Content-Length: 159 Compression-Control: whitespace Set-Cookie: ARRAffinity=eaa194b577f0c15c3f3dc1380911b6bad53b53c48c3d9b4bc82dce18b1f410c2;Path=/;Domain=mts.ru X-Cms-Developed-By: Quantum Art X-Cms-Platform: QP8.Framework X-Powered-By: ASP.NET X-Powered-By: ARR/2.5 X-Powered-By: ASP.NET X-Site-Developed-By: Quantum Art | clean |
http://www.mts.ru/bundle/bndl/js/common/ui | 200 OK Content-Length: 263857 Content-Type: text/javascript | clean |
http://mts.ru/bundle/bndl/js/regionResolve | HTTP/1.1 302 Found Date: Mon, 27 Apr 2015 18:43:35 GMT Location: http://www.mts.ru/bundle/bndl/js/regionresolve Server: Microsoft-IIS/8.5 Content-Length: 163 Compression-Control: whitespace Set-Cookie: ARRAffinity=eaa194b577f0c15c3f3dc1380911b6bad53b53c48c3d9b4bc82dce18b1f410c2;Path=/;Domain=mts.ru X-Cms-Developed-By: Quantum Art X-Cms-Platform: QP8.Framework X-Powered-By: ASP.NET X-Powered-By: ARR/2.5 X-Powered-By: ASP.NET X-Site-Developed-By: Quantum Art | clean |
http://www.mts.ru/bundle/bndl/js/regionresolve | 200 OK Content-Length: 17186 Content-Type: text/javascript | clean |
http://mts.ru/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZPFMOXMFM-3GeBDmCuo-bEwtPtZllvZyEVAiDN6JSNaniLmMEg2&t=635589543571259667 | HTTP/1.1 302 Found Date: Mon, 27 Apr 2015 18:43:35 GMT Location: http://www.mts.ru/webresource.axd?d=pyngkmcfuv13he1qd6_tzpfmoxmfm-3gebdmcuo-bewtptzllvzyevaidn6jsnanilmmeg2&t=635589543571259667 Server: Microsoft-IIS/8.5 Content-Length: 249 Compression-Control: whitespace Set-Cookie: ARRAffinity=eaa194b577f0c15c3f3dc1380911b6bad53b53c48c3d9b4bc82dce18b1f410c2;Path=/;Domain=mts.ru X-Cms-Developed-By: Quantum Art X-Cms-Platform: QP8.Framework X-Powered-By: ASP.NET X-Powered-By: ARR/2.5 X-Powered-By: ASP.NET X-Site-Developed-By: Quantum Art | clean |
http://www.mts.ru/webresource.axd?d=pyngkmcfuv13he1qd6_tzpfmoxmfm-3gebdmcuo-bewtptzllvzyevaidn6jsnanilmmeg2&t=635589543571259667 | 404 Not Found Content-Length: 21868 Content-Type: text/html | suspicious |
Suspicious code found <ul class="toplevel"> <li id="gcLI0" class="retail" onclick="setCookieCommon('siteSection', 'ab', 0, '/', '.mts.ru', null);"> <a id="hlML0" class="active" href="http://www.mts.ru/">Частным клиентам</a> </li> <li id="gcLI1" class="corporate"> <a id="hlML1" href="http://www.corp.mts.ru/">Корпоративным клиентам</a> </li> <li id="gcLI2" class="company"> <a id="hlML2" href="http://www.company.mts.ru/">О компании</a> </li> <li id="gcLI3" class="partners"> <a id="hlML3" href="http://www.dealers.mts.ru/">Партнерам</a> </li> </ul> |
https://static.ssl.mts.ru/upload/images/main/d2012/v30/f/js/modernizr.custom.84103.js | 200 OK Content-Length: 11028 Content-Type: application/javascript | clean |
https://static.ssl.mts.ru/upload/images/js/jquery-1.8.3.js | 200 OK Content-Length: 267792 Content-Type: application/javascript | clean |
https://static.ssl.mts.ru/upload/images/js/swfobject.js | 200 OK Content-Length: 10220 Content-Type: application/javascript | clean |
https://static.ssl.mts.ru/upload/templates/NDMainTemplate/v2/js/Common.js | 200 OK Content-Length: 4032 Content-Type: application/javascript | clean |
https://static.ssl.mts.ru/upload/templates/NDMainTemplate/v0/js/FootnotesJS_2.js | 200 OK Content-Length: 202 Content-Type: application/javascript | clean |
https://static.ssl.mts.ru/upload/images/main/d2012/v14/f/js/uniformInterface.js | 200 OK Content-Length: 3488 Content-Type: application/javascript | clean |
https://login.mts.ru/profile/js/2013v2/jquery.ba-hashchange.min.js | 200 OK Content-Length: 2704 Content-Type: application/javascript | clean |
http://mts.ru/test404page.js | HTTP/1.1 302 Found Date: Mon, 27 Apr 2015 18:43:37 GMT Location: http://www.mts.ru/test404page.js Server: Microsoft-IIS/8.5 Content-Length: 149 Compression-Control: whitespace Set-Cookie: ARRAffinity=d77d7274696c816ad20473425a30762549a13435a311a6a48bdc634a5be43b9a;Path=/;Domain=mts.ru X-Cms-Developed-By: Quantum Art X-Cms-Platform: QP8.Framework X-Powered-By: ASP.NET X-Powered-By: ARR/2.5 X-Powered-By: ASP.NET X-Site-Developed-By: Quantum Art | clean |
http://www.mts.ru/test404page.js | 404 Not Found Content-Length: 21868 Content-Type: text/html | suspicious |
Suspicious code found <ul class="toplevel"> <li id="gcLI0" class="retail" onclick="setCookieCommon('siteSection', 'ab', 0, '/', '.mts.ru', null);"> <a id="hlML0" class="active" href="http://www.mts.ru/">Частным клиентам</a> </li> <li id="gcLI1" class="corporate"> <a id="hlML1" href="http://www.corp.mts.ru/">Корпоративным клиентам</a> </li> <li id="gcLI2" class="company"> <a id="hlML2" href="http://www.company.mts.ru/">О компании</a> </li> <li id="gcLI3" class="partners"> <a id="hlML3" href="http://www.dealers.mts.ru/">Партнерам</a> </li> </ul> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mts.ru
Result:
HTTP/1.1 302 Found
Date: Mon, 27 Apr 2015 18:43:32 GMT
Location: http://www.mts.ru/
Server: Microsoft-IIS/8.5
Content-Length: 135
Compression-Control: whitespace
Set-Cookie: ARRAffinity=beece71e0f60c1e7e87f7ad58d69a87f4584240f31cc6fc0a9773374e68c8962;Path=/;Domain=mts.ru
X-Cms-Developed-By: Quantum Art
X-Cms-Platform: QP8.Framework
X-Powered-By: ASP.NET
X-Powered-By: ARR/2.5
X-Powered-By: ASP.NET
X-Site-Developed-By: Quantum Art
...135 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mts.ru
Referer: http://www.google.com/search?q=mts.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mts.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mts.ru/
Result: mts.ru is not infected or malware details are not published yet.