Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 1cka.by
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 29 Sep 2014 22:06:29 GMT
Server: nginx/1.4.4
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=utf-8
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: 1cka.by
Referer: http://www.google.com/search?q=1cka.by
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://1cka.by/ | 200 OK Content-Length: 19901 Content-Type: text/html | clean |
http://1cka.by/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/x-javascript | clean |
http://1cka.by/modules/mod_rokajaxsearch/js/rokajaxsearch.js | 200 OK Content-Length: 15974 Content-Type: application/x-javascript | clean |
http://1cka.by/function.session-start | HTTP/1.1 302 Found Connection: close Date: Mon, 29 Sep 2014 22:06:30 GMT Location: http://start.hoster.by/404.html Server: nginx/1.4.4 Content-Length: 215 Content-Type: text/html; charset=iso-8859-1 | clean |
http://start.hoster.by/404.html | 200 OK Content-Length: 4976 Content-Type: text/html | clean |
http://start.hoster.by/contacts.html | 200 OK Content-Length: 5589 Content-Type: text/html | clean |
http://start.hoster.by/test404page.js | HTTP/1.1 302 Found Connection: close Date: Mon, 29 Sep 2014 22:06:31 GMT Location: http://start.hoster.by/404.html Server: nginx/1.4.4 Content-Length: 215 Content-Type: text/html; charset=iso-8859-1 | clean |
http://1cka.by/aboutus.html | 200 OK Content-Length: 17337 Content-Type: text/html | clean |
http://1cka.by/our-services.html | 200 OK Content-Length: 17963 Content-Type: text/html | clean |
http://1cka.by/audit.html | 200 OK Content-Length: 71724 Content-Type: text/html | clean |
http://1cka.by/oursolutions.html | 200 OK Content-Length: 15804 Content-Type: text/html | clean |
http://1cka.by/oursolutions/card-of-accounts.html | 200 OK Content-Length: 15293 Content-Type: text/html | clean |
http://1cka.by/oursolutions/function.session-start | HTTP/1.1 302 Found Connection: close Date: Mon, 29 Sep 2014 22:06:33 GMT Location: http://start.hoster.by/404.html Server: nginx/1.4.4 Content-Length: 215 Content-Type: text/html; charset=iso-8859-1 | clean |
http://1cka.by/oursolutions/batch-accounting.html | 200 OK Content-Length: 42235 Content-Type: text/html | clean |
http://1cka.by/oursolutions/partionny-account.html | 200 OK Content-Length: 37498 Content-Type: text/html | clean |
http://1cka.by/oursolutions/client-bank.html | 200 OK Content-Length: 15078 Content-Type: text/html | clean |
http://1cka.by/oursolutions/data-wrap.html | 200 OK Content-Length: 15353 Content-Type: text/html | clean |
http://1cka.by/oursolutions/data-import-from-vetraz.html | 200 OK Content-Length: 20818 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=1cka.by
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://1cka.by/
Result: 1cka.by is not infected or malware details are not published yet.