Website Check

Check Your Websites for Malicious or Suspicious code.


Website Check v0.8

Check Depth : 0 1 ( Image link)

Accept Language: KO US DE CN JP IT

User-Agent : MSIE Android iPhone Chrome Safari

Private : (Detection results of private)

Save Source :

Report

*Date : 2017.06.28 12:51
*Site : http://kggc.kr/
*Title : 금산인삼협동조합
*Info : 112.175.93.2, KR(, Korea, Republic of)
*Check url : 39 counts
*Loading time : 5.442477sec
*Reference
  - MANGOSCAN : not found
  - VIRUSTOTAL : URL Hash not found,  FILE Hash not found
  - Google SafeBrowsing(GSB) : kggc.kr is not found
*Result
 (1) Suspicious script has been detected (Obfuscation:URL.161101) - 15count
 (2) Malicious URL(http://134.249.116.78/jquery.js) - 15count
 (3) user information check - 7count
 (4) Suspicious url(NULL) - 6count
 (5) Apache Struts2 S2-045(CVE-2017-5638) : not vulnerable. - 1count
 (6) Apache Struts2 S2-032(CVE-2016-3081) : not vulnerable. - 1count
 (7) Suspicious file (Virustotal detection ratio) - 1count
 (8) https://onclkds.com/afu.php?zoneid=1157984 - 1count
 (9) http://134.249.116.78/jquery.js - 1count
 (10) (-) ee06fbde1d203270408be269ce491be5 - 1count
 (11) (-) c92750f4e820ea0f106c6f36254b8a6f / Virustotal : 2017-06-23 03:47:20 7/24 - 1count
 (12) (-) b798ec093f92f940e1a0d6fd8bf85b46 - 1count
 (13) (-) a6072c659cd3e163c426e37240545a1a - 1count
 (14) (-) 9f48784c75bff1d960131d607c0038ce - 1count
 (15) (-) 83c576d15d92500f062e2e4a7d0b785b - 1count
 (16) (-) 718b60a82aa8a65538282e8b3567e557 - 1count
 (17) (-) 5ee89076f796aeeacab28effd037ffa2 - 1count
 (18) (-) 4dd2dc55f416b0e5725b3c15dd943bb9 / Virustotal : 2017-06-23 03:47:23 19/55 - 1count
 (19) (-) 457b971337969707730444827b71d124 - 1count
 (20) (-) 2fbfecaed67cc5e9045cd78eb78bd056 - 1count
 (21) (-) 282e035a8e04670a11033dcef6798355 - 1count
 (22) (-) 1f42efa083670d94090747b1b0cea415 - 1count
 (23) (-) 0c5213692037e28a3cffe36bec0eb247 - 1count


Public Link : http://zerocert.org/?code=5cf47d2ec46f0bdd1be41f34ba8cca795f18eb3a6444513e306608aa3b349450

*Latest detected Domain
  • 이 사이트는 최근 90일 동안 악성URL 삽입된 적이 없습니다.
  • 이 사이트는 최근 90일 동안 악성코드 중개 역할한 적이 없습니다.
  • 이 사이트는 최근 90일 동안 악성코드를 유포한 적이 없습니다.
  • Relation domain not found
  • same Domain not found

http://kggc.kr/
  [script] http://k-ginseng.kr
    -> Suspicious url(NULL)
    [Location] http://geumsanginseng.com/
      [script] http://geumsanginseng.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
        (-) 4dd2dc55f416b0e5725b3c15dd943bb9 / Virustotal : 2017-06-23 03:47:23 19/55
        -> Suspicious file (Virustotal detection ratio)
        -> Suspicious script has been detected (Obfuscation:URL.161101)
        -> Malicious URL(http://134.249.116.78/jquery.js)
        [Decode] http://134.249.116.78/jquery.js -> Malware url  -> Offline?
        [unescape] https://onclkds.com/afu.php?zoneid=1157984 -> Malware url
          -> user information check
          [script] http://www.w3.org/1999/html  -> Offline
      [script] http://geumsanginseng.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
        (-) c92750f4e820ea0f106c6f36254b8a6f / Virustotal : 2017-06-23 03:47:20 7/24
        -> user information check
        -> Suspicious script has been detected (Obfuscation:URL.161101)
        -> Malicious URL(http://134.249.116.78/jquery.js)
      [script] http://geumsanginseng.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider-min.js?ver=3.3.7
        (-) 2fbfecaed67cc5e9045cd78eb78bd056
        -> Suspicious script has been detected (Obfuscation:URL.161101)
        -> Malicious URL(http://134.249.116.78/jquery.js)
      [script] http://geumsanginseng.com/wp-content/plugins/ml-slider/assets/easing/jQuery.easing.min.js?ver=3.3.7
        (-) 0c5213692037e28a3cffe36bec0eb247
        -> Suspicious script has been detected (Obfuscation:URL.161101)
        -> Malicious URL(http://134.249.116.78/jquery.js)
      [script] http://geumsanginseng.com/wp-content/themes/bct4d/js/common.js?ver=20150422
        (-) 1f42efa083670d94090747b1b0cea415
        -> user information check
        -> Suspicious script has been detected (Obfuscation:URL.161101)
        -> Malicious URL(http://134.249.116.78/jquery.js)
      [script] http://geumsanginseng.com/wp-content/themes/bct4d/js/theme.js?ver=20150422
        -> Suspicious script has been detected (Obfuscation:URL.161101)
        -> Malicious URL(http://134.249.116.78/jquery.js)
      [script] http://geumsanginseng.com/wp-content/themes/bct4d/js/image-slider.js?ver=20150422
        (-) 457b971337969707730444827b71d124
        -> Suspicious script has been detected (Obfuscation:URL.161101)
        -> Malicious URL(http://134.249.116.78/jquery.js)
      [script] http://geumsanginseng.com/wp-content/themes/bct4d/js/jquery.mobile.just-touch.js?ver=20150422
        (-) 9f48784c75bff1d960131d607c0038ce
        -> Suspicious script has been detected (Obfuscation:URL.161101)
        -> Malicious URL(http://134.249.116.78/jquery.js)
      [script] http://geumsanginseng.com/wp-content/themes/bct4d/skins/tong/js/skin.js?ver=20150422
        (-) 718b60a82aa8a65538282e8b3567e557
        -> Suspicious script has been detected (Obfuscation:URL.161101)
        -> Malicious URL(http://134.249.116.78/jquery.js)
      [script] http://geumsanginseng.com/wp-content/plugins/meks-flexible-shortcodes/js/main.js?ver=1.2.8
        (-) ee06fbde1d203270408be269ce491be5
        -> user information check
        -> Suspicious script has been detected (Obfuscation:URL.161101)
        -> Malicious URL(http://134.249.116.78/jquery.js)
      [script] http://geumsanginseng.com/wp-content/plugins/responsive-lightbox/assets/swipebox/js/jquery.swipebox.min.js?ver=1.6.8
        (-) 83c576d15d92500f062e2e4a7d0b785b
        -> user information check
        -> Suspicious script has been detected (Obfuscation:URL.161101)
        -> Malicious URL(http://134.249.116.78/jquery.js)
        [frame] http://player.vimeo.com/video/
          -> Suspicious url(NULL)
          [Location] https://player.vimeo.com/video/
        [script] http://www.w3.org/2000/svg
      [script] http://geumsanginseng.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=1.6.8
        (-) 282e035a8e04670a11033dcef6798355
        -> Suspicious script has been detected (Obfuscation:URL.161101)
        -> Malicious URL(http://134.249.116.78/jquery.js)
        [frame] http://www.facebook.com/plugins/like.php?locale=en_US&href=
          -> Suspicious url(NULL)
          [Location] https://www.facebook.com/plugins/like.php?locale=en_US&href
            [script] https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/sWVEHzCL54j.js
            [script] https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/X-UnxuDA9kH.js
            [script] https://static.xx.fbcdn.net/rsrc.php/v3ibIg4/yQ/l/en_US/GFA_kRwai_I.js
        [script] http://platform.twitter.com/widgets.js
      [script] http://ie7-js.googlecode.com/svn/version/2.1(beta4)/IE9.js  -> Offline
      [script] http://css3-mediaqueries-js.googlecode.com/svn/trunk/css3-mediaqueries.js  -> Offline
      [script] http://geumsanginseng.com/wp-content/plugins/kboard/template/js/script.js?ver=5.2
        (-) a6072c659cd3e163c426e37240545a1a
        -> Suspicious script has been detected (Obfuscation:URL.161101)
        -> Malicious URL(http://134.249.116.78/jquery.js)
      [script] http://geumsanginseng.com/wp-includes/js/wp-embed.min.js?ver=4.7.5
        (-) b798ec093f92f940e1a0d6fd8bf85b46
        -> user information check
        -> Suspicious script has been detected (Obfuscation:URL.161101)
        -> Malicious URL(http://134.249.116.78/jquery.js)
      [write] http://geumsanginseng.com/wp-includes/js/wp-emoji-release.min.js?ver=4.7.5
        (-) 5ee89076f796aeeacab28effd037ffa2
        -> user information check
        -> Suspicious script has been detected (Obfuscation:URL.161101)
        -> Malicious URL(http://134.249.116.78/jquery.js)
        [script] http://www.w3.org/TR/SVG11/feature#Image
          [Location] http://www.w3.org/TR/SVG11/feature.html
          [script] http://www.w3.org/TR/SVG11/style/expanders.js
      [write] http://geumsanginseng.com/wp-admin/admin-post.php
        -> Suspicious url(NULL)
      [write] http://geumsanginseng.com/wp-admin/admin-ajax.php
        -> Suspicious url(NULL)
      [write] http://geumsanginseng.com/wp-content/plugins/kboard
        [Location] http://geumsanginseng.com/wp-content/plugins/kboard/
          -> Suspicious url(NULL)
*Country
unknown



*Whois
query : kggc.kr


# KOREAN(UTF8)

상기 도메인이름은 등록되어 있지 않습니다.
상기 도메인이름의 사용을 원하실 경우 도메인이름 등록대행자를 통해
등록 신청하시기 바랍니다.



# ENGLISH

The requested domain was not found in the Registry or Registrar’s WHOIS Server.



- KISA/KRNIC WHOIS Service -


*Reference
 VIRUSTOTAL : domain | ip | hash url | hash file
 Google SafeBrowsing(GSB) :
 URLVoid : domain
 Malware Domain List : domain
 SCUMWARE : domain | ip
 Project Honey Pot : ip
 Ransomware Tracker : domain
 Threat Crowd : domain | ip | hash file
 ZeroCERT Safeguard : domain | ip

*etc
  Stopbadware | Norton Safe | McAfee siteadvisor | Phish tank | Tcpiputils

[Info] Changing api service domain address (center.zerocert.org -> cert.zero.camp), API Reference

- Today malware detected : 187 counts