Website Check

Check Your Websites for Malicious or Suspicious code.


Website Check v0.8

Check Depth : 0 1 ( Image link)

Accept Language: KO US DE CN JP IT

User-Agent : MSIE Android iPhone Chrome Safari

Private : (Detection results of private)

Save Source :

Report

*Date : 2020.09.15 07:05
*Site : http://takesupport.us/
*Title : Take Support - Download Software
*Info : 107.180.50.187, US(Scottsdale, United States)
*Check url : 21 counts
*Loading time : 20.298314sec
*Reference
  - VIRUSTOTAL : URL Hash 2020-09-14 10:03:11 3/79,  FILE Hash not found
  - Google SafeBrowsing(GSB) : takesupport.us is not found
*Result
 (1) Suspicious url(NULL) - 2count
 (2) http://www.ammyy.com/AA_v3.exe - 1count
 (3) user tracking code (google-analytics.com) - 1count
 (4) user information check - 1count
 (5) EXE File Signatures - 1count
 (6) (+) MD5 : revosetup.exe (8f11f6f501842000335db691143ffb9f) - 1count


Public Link : http://zerocert.org/?code=181227801564bfa9b9da5d2e67b64bbdd8fb9384f3359af7550b1f08ca43245c

*Latest detected Domain
  • 이 사이트는 최근 90일 동안 악성URL 삽입된 적이 없습니다.
  • 이 사이트는 최근 90일 동안 악성코드 중개 역할한 적이 없습니다.
  • 이 사이트는 최근 90일 동안 악성코드를 유포한 적이 없습니다.
  • Relation domain not found
  • Relation ip : 1cnts → 103.224.212.210 [Node View]
  • same Domain not found
  • same IP not found
  • same IP bands: 103.224.212.x 2cnts
  • same ASN : AS133618 1cnts

http://takesupport.us/
  [script] https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js
  [script] https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js
  [script] http://takesupport.us/js/jquery.js
  [script] http://takesupport.us/js/bootstrap.min.js
  [script] http://takesupport.us/js/docs.js
  [script] http://files.downloadnow-1.com/s/software/15/78/11/40/iobituninstaller.exe?token=1501172997_e06e00de40610dc9347d0014a23dd53e&fileName=iobituninstaller.exe  -> Offline
  [exe] https://download.teamviewer.com/download/TeamViewer_Setup.exe
    [Location] https://dl.teamviewer.com/download/TeamViewer_Setup.exe
      -> Suspicious url(NULL)
      [Location] https://dl.teamviewer.com/download/download/version_15x/TeamViewer_Setup.exe
  [exe] http://takesupport.us/assets/AA_v3.exe  -> Offline
  [exe] http://download3.showmypc.com/ShowMyPC3515.exe  -> Offline
  [exe] http://takesupport.us/assets/gta.exe  -> Offline?
  [exe] http://www.ammyy.com/AA_v3.exe -> Malware url
    [Location] https://www.ammyy.com/AA_v3.exe
      -> Suspicious url(NULL)
      [Location] http://www.ammyy.com/en/downloads.html
        [Location] https://www.ammyy.com/en/downloads.html
          -> user tracking code (google-analytics.com)
          [script(*)] http://www.google-analytics.com/ga.js
            -> user information check
  [exe] http://takesupport.us/assets/revosetup.exe
    -> (+) MD5 : revosetup.exe (8f11f6f501842000335db691143ffb9f)
    -> EXE File Signatures
    [script] http://schemas.microsoft.com/SMI/2005/WindowsSettings  -> Offline
    [script] http://ts-ocsp.ws.symantec.com0  -> Offline?
*Country
takesupport.us - AU, 103.224.212.210 (, Australia)



*Whois
Domain Name: takesupport.us
Registry Domain ID: DD50D5B0A9004440CAA264A452C2B00FF-GDREG
Registrar WHOIS Server: whois.dynadot.com
Registrar URL: https://www.dynadot.com/
Updated Date: 2024-02-01T18:30:10Z
Creation Date: 2021-09-09T13:48:46Z
Registry Expiry Date: 2024-09-09T13:48:46Z
Registrar: Dynadot Inc
Registrar IANA ID: 472
Registrar Abuse Contact Email: abuse@dynadot.com
Registrar Abuse Contact Phone: +1.6502620100
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Registry Registrant ID: C943AE03CE3EA43BC90AF52663FCB00EC-GDREG
Registrant Name: Domain Privacy
Registrant Organization: Domain Name Privacy Inc.
Registrant Street: 111 Leoforos Chlorakas
Registrant Street: Shop 9, Suite 500
Registrant Street:
Registrant City: Chloraka
Registrant State/Province: Paphos
Registrant Postal Code: 8220
Registrant Country: CY
Registrant Phone: +1.3256663867
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: whois@domainnameprivacyinc.com
Registrant Application Purpose: P1
Registrant Nexus Category: C31/CY
Registry Admin ID: C943AE03CE3EA43BC90AF52663FCB00EC-GDREG
Admin Name: Domain Privacy
Admin Organization: Domain Name Privacy Inc.
Admin Street: 111 Leoforos Chlorakas
Admin Street: Shop 9, Suite 500
Admin Street:
Admin City: Chloraka
Admin State/Province: Paphos
Admin Postal Code: 8220
Admin Country: CY
Admin Phone: +1.3256663867
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: whois@domainnameprivacyinc.com
Admin Application Purpose: P1
Admin Nexus Category: C31/CY
Registry Tech ID: C943AE03CE3EA43BC90AF52663FCB00EC-GDREG
Tech Name: Domain Privacy
Tech Organization: Domain Name Privacy Inc.
Tech Street: 111 Leoforos Chlorakas
Tech Street: Shop 9, Suite 500
Tech Street:
Tech City: Chloraka
Tech State/Province: Paphos
Tech Postal Code: 8220
Tech Country: CY
Tech Phone: +1.3256663867
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: whois@domainnameprivacyinc.com
Tech Application Purpose: P1
Tech Nexus Category: C31/CY
Name Server: ns15.abovedomains.com
Name Server: ns16.abovedomains.com
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of WHOIS database: 2024-03-28T21:26:58Z <<<

For more information on Whois status codes, please visit https://icann.org/epp

.US WHOIS Complaint Tool - http://www.whoiscomplaints.us
Advanced WHOIS Instructions - http://whois.us/help.html

Registry Services, LLC, the Registry Administrator for .US, has collected this information for the WHOIS database through a .US-Accredited Registrar. This information is provided to you for informational purposes only and is designed to assist persons in determining contents of a domain name registration record in the registry database.

Registry Services, LLC makes this information available to you "as is" and does not guarantee its accuracy. By submitting a WHOIS query, you agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data:

(1) to allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via direct mail, electronic mail, or by telephone;
(2) in contravention of any applicable data and privacy protection laws; or
(3) to enable high volume, automated, electronic processes that apply to the registry (or its systems).

Compilation, repackaging, dissemination, or other use of the WHOIS database in its entirety, or of a substantial portion thereof, is not allowed without our prior written permission.

We reserve the right to modify or change these conditions at any time without prior or subsequent notification of any kind. By executing this query, in any manner whatsoever, you agree to abide by these terms. NOTE: FAILURE TO LOCATE A RECORD IN THE WHOIS DATABASE IS NOT INDICATIVE OF THE AVAILABILITY OF A DOMAIN NAME. All domain names are subject to certain additional domain name registration rules. For details, please visit our site at www.whois.us.

*Reference
 VIRUSTOTAL : domain | ip | hash url | hash file
 Google SafeBrowsing(GSB) :
 URLVoid : domain
 Malware Domain List : domain
 SCUMWARE : domain | ip
 Project Honey Pot : ip
 Ransomware Tracker : domain
 Threat Crowd : domain | ip | hash file
 ZeroCERT Safeguard : domain | ip

*etc
  Stopbadware | Norton Safe | McAfee siteadvisor | Phish tank | Tcpiputils

[Info] Changing api service domain address (center.zerocert.org -> cert.zero.camp), API Reference