Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ogtrk.mk.ua
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ogtrk.mk.ua/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://ogtrk.mk.ua/ | 200 OK Content-Length: 32082 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: psy-ufa.ru ...[37882 bytes skipped]... /> </div> </div> <footer class="footer clearfix"><br /><br /> <font><div align='center'>ÐÐÐÐÐÐÐÐСЬÐÐ ÐÐÐÐСÐÐ ÐÐÐ ÐТÐÐÐÐ ÐÐÐÐÐÐÐÐÐÐÐЯ © 2013</div></font> <br /><br /> </footer> </div> </body><script type="text/javascript" src="http://psy-ufa.ru/wp-includes/images/wlw/1/404.php"></script> </html> | ||
http://ogtrk.mk.ua/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/javascript | clean |
http://ogtrk.mk.ua/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/javascript | clean |
http://ogtrk.mk.ua/media/system/js/caption.js | 200 OK Content-Length: 729 Content-Type: application/javascript | clean |
http://ogtrk.mk.ua/media/system/js/mootools-more.js | 200 OK Content-Length: 238331 Content-Type: application/javascript | clean |
http://ogtrk.mk.ua/plugins/content/highslide/highslide-full.packed.js | 200 OK Content-Length: 47973 Content-Type: application/javascript | clean |
http://ogtrk.mk.ua/plugins/content/highslide/easing_equations.js | 200 OK Content-Length: 9387 Content-Type: application/javascript | clean |
http://ogtrk.mk.ua/plugins/content/highslide/swfobject.js | 200 OK Content-Length: 9759 Content-Type: application/javascript | clean |
http://ogtrk.mk.ua/plugins/content/highslide/config/js/highslide-sitesettings.js | 200 OK Content-Length: 10008 Content-Type: application/javascript | clean |
http://ogtrk.mk.ua/modules/mod_blog_calendar/js/blog_calendar.js | 200 OK Content-Length: 3214 Content-Type: application/javascript | clean |
http://ogtrk.mk.ua/templates/lexx/jquery.js | 200 OK Content-Length: 93868 Content-Type: application/javascript | clean |
http://ogtrk.mk.ua/templates/lexx/script.js | 200 OK Content-Length: 43346 Content-Type: application/javascript | clean |
http://ogtrk.mk.ua/templates/lexx/script.responsive.js | 200 OK Content-Length: 13282 Content-Type: application/javascript | clean |
http://master-style.ru/js/tiny_mce/plugins/emotions/img/1/404.php | 404 Not Found Content-Length: 359 Content-Type: text/html | clean |
http://master-style.ru/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ogtrk.mk.ua
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Wed, 11 Jun 2014 04:16:16 GMT
Pragma: no-cache
Server: Apache/2.2.17 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 87daaa4983de34a517d0947a10b11cc1=rssb4o073micj2bpbffnbjp0e5; path=/
X-Powered-By: PHP/5.3.5-1ubuntu7.7
GET / HTTP/1.1
Host: ogtrk.mk.ua
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Wed, 11 Jun 2014 04:16:16 GMT
Pragma: no-cache
Server: Apache/2.2.17 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 87daaa4983de34a517d0947a10b11cc1=rssb4o073micj2bpbffnbjp0e5; path=/
X-Powered-By: PHP/5.3.5-1ubuntu7.7
Second query (visit from search engine):
GET / HTTP/1.1
Host: ogtrk.mk.ua
Referer: http://www.google.com/search?q=ogtrk.mk.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ogtrk.mk.ua
Referer: http://www.google.com/search?q=ogtrk.mk.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.