Website Check

Check Your Websites for Malicious or Suspicious code.


Website Check v0.8

Check Depth : 0 1 ( Image link)

Accept Language: KO US DE CN JP IT

User-Agent : MSIE Android iPhone Chrome Safari

Private : (Detection results of private)

Save Source :

Report

*Date : 2014.09.15 23:21
*Site : http://jwtop.net
*Info : 211.196.153.123, KR(, Korea, Republic of)
*Check url : 27 counts
*Loading time : 0sec
*Google SafeBrowsing : Not founds.
*Result
 (1) user tracking code (google-analytics.com) - 4건 발견
 (2) http://hannuri.info/popup/popup_c1.htm - 1건 발견
 (3) user information check - 1건 발견
 (4) user cookie check - 1건 발견
 (5) user cookie check - 1건 발견


http://zerocert.org/?code=8daa9e2a22b4e5063ab8ffd712337d247132f655214232eddc130ff889266bf0

*Latest detected Domain
  • 이 사이트는 최근 90일 동안 악성URL 삽입된 적이 없습니다.
  • 이 사이트는 최근 90일 동안 악성코드 중개 역할한 적이 없습니다.
  • 이 사이트는 최근 90일 동안 악성코드를 유포한 적이 없습니다.
  • Relation domain not found
  • same Domain not found

http://jwtop.net
    -> user cookie check
  [frame] http://jwtop.net/bod/?doc=index-true.php&xrURL=http://search.daum.net/
    [swf] http://jwtop.net/bod/../swf/main_1.swf -> pass
    [swf] http://jwtop.net/bod/../swf/menu.swf -> pass
    [swf] http://jwtop.net/bod/../swf/main.swf -> pass
    [frame] http://jwtop.net/bod/../sbn.php
      [script] http://jwtop.net/js/admin.js
    [script] http://jwtop.net/bod/javascript.js
      -> user information check
      -> user cookie check
    [script] http://jwtop.net/bod/../js/dy.js
    [script] http://jwtop.net/bod/wrest.js
      [script] http://dasir.com
  [frame] http://jwtop.net/UntitledFrame-5
    [Location] http://html.eznuri.co.kr/404.html
  [script] http://hannuri.info/popup/popup_c1.htm -> Malware url
    -> user tracking code (google-analytics.com)
    [script(*)] http://www.google-analytics.com/ga.js
    [frame] http://d1vbm0eveofcle.cloudfront.net/scripts/json3.min.js
    [script] http://www.google.com/adsense/domains/caf.js -> pass
    [script] http://www.parkingcrew.net/scripts/sale_form.js
    [script] http://d1vbm0eveofcle.cloudfront.net/scripts/js3caf.js
      [script] http://dp.g.doubleclick.net/apps/domainpark/domainpark.cgi?client=
    [script] http://d1vbm0eveofcle.cloudfront.net/scripts/tier2caf.js
    [script] http://hannuri.info/scripts/feedmeCaf.php?q=&ip=106.240.229.114&max=10&hl=kr&d=hannuri.info&ron=0&adult=0
    [script] http://www.parkingcrew.net/privacy2.html
      [script] http://www.parkingcrew.com/images/header_bg.jpg
      [script] http://www.parkingcrew.com/images/base350.gif
  [script] http://hannuri.info/popup/popup_c2.htm
    -> user tracking code (google-analytics.com)
  [script] http://hannuri.info/popup/popup_c3.htm
    -> user tracking code (google-analytics.com)
  [script] http://hannuri.info/popup/popup_c4.htm
    -> user tracking code (google-analytics.com)
*Country
unknown



*Whois
No match for "JWTOP.NET".
>>> Last update of whois database: 2025-03-14T07:18:33Z <<<

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.

*Reference
 VIRUSTOTAL : domain | ip | hash url | hash file
 Google SafeBrowsing(GSB) :
 URLVoid : domain
 Malware Domain List : domain
 SCUMWARE : domain | ip
 Project Honey Pot : ip
 Ransomware Tracker : domain
 Threat Crowd : domain | ip | hash file
 ZeroCERT Safeguard : domain | ip

*etc
  Stopbadware | Norton Safe | McAfee siteadvisor | Phish tank | Tcpiputils

[Info] Changing api service domain address (center.zerocert.org -> cert.zero.camp), API Reference

- Today malware detected : 160 counts