ZeroCERT Team

Report

Result
Link
Whois
Reference

*Date : 2017.06.11 15:54
*Site : http://www.sbw.or.kr
*Title :
*Info : 121.254.231.226, KR(, Korea, Republic of)
*Check url : 35 counts
*Loading time : 16.494445sec
*Reference
  - MANGOSCAN : not found
  - VIRUSTOTAL : URL Hash not found, FILE Hash not found
  - Google SafeBrowsing(GSB) : sbw.or.kr is not found
*Result
(1) Suspicious url(NULL) - 6count
(2) user information check - 5count
(3) user cookie check - 3count
(4) Apache Struts2 S2-045(CVE-2017-5638) : not vulnerable. - 1count
(5) Apache Struts2 S2-032(CVE-2016-3081) : not vulnerable. - 1count
(6) https://www.yahoo.com/' + url + ' - 1count

Public Link : http://zerocert.org/?code=0e5b65cfb0fd19bd330aa4dd6c938d63de73fc0177a32db37b82e296460c5890

*Latest detected Domain

이 사이트는 최근 90일 동안 악성URL 삽입된 적이 없습니다.
이 사이트는 최근 90일 동안 악성코드 중개 역할한 적이 없습니다.
이 사이트는 최근 90일 동안 악성코드를 유포한 적이 없습니다.
Relation domain not found
Relation ip not found
same Domain not found
same IP not found
same IP bands not found
same ASN not found

http://www.sbw.or.kr
  [Location] http://www.yahoo.com
    [Location] https://www.yahoo.com/
      -> user information check
      -> user cookie check
      [script(*)] https://beap-bc.yahoo.com/yi?bv=1.0.0&bs=(136scouq1(gid$KxeBFTk4LjF9gGKKWTznS1hgMTAuMgAAAACQSFnV,st$1497163595575892,si$4452051,sp$2023538075,pv$1,v$2.0))&t=J_3-D_3&al=(as$125mrfh6h,aid$ZHPMD2KKamo-,cr$-1,ct$25,at$H,eob$gd1_match_id=-1:ypos=FPAD)
      [script(*)] https://na.ads.yahoo.com/yax/banner?ve=1&tt=1&si=85525561&asz=300x250&u=https://www.yahoo.com/&gdAdId=u7DMD2KKamo-&gdUuid=KxeBFTk4LjF9gGKKWTznS1hgMTAuMgAAAACQSFnV&gdSt=1497163595575892&publisher_blob=seg:0;pt:1;ver:megastrm;layout:default|KxeBFTk4LjF9gGKKWTznS1hgMTAuMgAAAACQSFnV|2023538075|LREC|1497163595.512107|2-9-20:ysd:1&pub_redirect=https://beap-bc.yahoo.com/yc/YnY9MS4wLjAmYnM9KDE3aWliMXJvZChnaWQkS3hlQkZUazRMakY5Z0dLS1dUem5TMWhnTVRBdU1nQUFBQUNRU0ZuVixzdCQxNDk3MTYzNTk1NTc1ODkyLHNpJDQ0NTIwNTEsc3AkMjAyMzUzODA3NSxjdCQyNSx5YngkaHZ3Q3pKZFVyMXg4YkJvTF9TZ3hqUSxsbmckZW4tdXMsY3IkNDYwMDYxNTU1MSx2JDIuMCxhaWQkdTdETUQyS0thbW8tLGJpJDIzMzIwODQ1NTEsbW1lJDk4MTUxMDQyOTc0MDU1NjE4OTQsciQwLHlvbyQxLGFncCQzNTU4NjY0MDUxLGFwJExSRUMpKQ/2/*&K=1
        [script(*)] https://na.ads.yahoo.com/yax///pagead2.googlesyndication.com/pagead/js/adsbygoogle.js  -> Offline
        [frame] https://na.ads.yahoo.com/
        [frame] https://ads.yahoo.com/get-user-id?ver=2&n=38544&ts=1497163595&sig=869db70a391eab57
      [script(*)] https://www.yahoo.com/' + url + ' -> Malware url  -> Offline
      [script(*)] https://beap-bc.yahoo.com/yi?bv=1.0.0&bs=(136scouq1(gid$KxeBFTk4LjF9gGKKWTznS1hgMTAuMgAAAACQSFnV,st$1497163595575892,si$4452051,sp$2023538075,pv$1,v$2.0))&t=J_3-D_3&al=(as$13a3sr16k,aid$u7DMD2KKamo-,bi$2332084551,agp$3558664051,cr$4600615551,ct$25,at$H,eob$gd1_match_id=-1:ypos=LREC)
      [script(*)] https://beap-bc.yahoo.com/yi?bv=1.0.0&bs=(136scouq1(gid$KxeBFTk4LjF9gGKKWTznS1hgMTAuMgAAAACQSFnV,st$1497163595575892,si$4452051,sp$2023538075,pv$1,v$2.0))&t=J_3-D_3&al=(as$1250lhrgh,aid$Eu7MD2KKamo-,cr$-1,ct$25,at$H,eob$gd1_match_id=-1:ypos=MAST)
      [script(*)] https://beap-bc.yahoo.com/yi?bv=1.0.0&bs=(136scouq1(gid$KxeBFTk4LjF9gGKKWTznS1hgMTAuMgAAAACQSFnV,st$1497163595575892,si$4452051,sp$2023538075,pv$1,v$2.0))&t=J_3-D_3
      [script] https://s.yimg.com/rq/darla/2-9-20/js/g-r-min.js
        -> user information check
      [script] https://s.yimg.com/zz/combo?yui:/3.18.0/yui/yui-min.js&/ss/rapid-3.42.1.js&/os/mit/td/aperollup-min-0f7afcb9_desktop_advance.js
        -> user information check
        -> user cookie check
        [script(*)] http://www.tumblr.com/share/
          -> Suspicious url(NULL)
          [Location] https://www.tumblr.com/share/
            -> Suspicious url(NULL)
            [Location] https://www.tumblr.com/widgets/share/tool?shareSource=legacy&canonicalUrl=&url=http%3A%2F%2Fwww.tumblr.com%2Fshare%2F
        [script] http://www.w3.org/TR/SVG11/feature#BasicStructure
      [script] https://s.yimg.com/zz/combo?&&/os/mit/td/td-applet-stream-atomic-2.0.762/r-min.js&/os/mit/td/td-applet-mega-header-1.0.518/r-min.js&/os/mit/td/td-applet-viewer-0.1.2579/r-min.js&/os/mit/td/td-applet-navlinks-atomic-0.0.90/r-min.js&/os/mit/td/td-applet-fp-utils-0.1.282/r-min.js&/os/mit/td/td-applet-breakingnews-atomic-0.0.49/r-min.js
        -> user information check
        -> user cookie check
        [frame] https://s.yimg.com/zz/).reference(t.getPath(!1,[  -> Offline
      [script] https://s.yimg.com/zz/combo?/os/yaft/yaft-0.3.11.min.js&/os/yaft/yaft-report-0.3.11.min.js&/os/yaft/yaft-plugin-aftnoad-0.1.5.min.js&os/yaft/yaft-plugin-perfmarks-0.1.5.min.js
        -> user information check
        [script(*)] http://www.w3.org/2000/svg
          [Location] http://www.w3.org/2000/svg.html
      [script] http://tracking.financial-review.net/strapwork/?cwnm5rhl&ad=33502158354&creative=33502158354&device=c&network=n&pubid=ak0n.pYGBTvCuwg--
        -> Suspicious url(NULL)
        [Location] http://tracking.wealthdaily.io/5295685f-ffba-40c3-a90f-78555272140a?ad=&creative=33502158354&device=c&network=n&pubid=$ak0n.pYGBTvCuwg--
          -> Suspicious url(NULL)
          [Location] https://www.binaryuno.com/cmpn/3-steps-2015/?coc=233&subc=wRCCQ1UCQOIKTM06H31PD5CG¶mc=5295685f-ffba-40c3-a90f-78555272140a¶mf=33502158354
            [frame] http://www.googletagmanager.com/ns.html?id=GTM-MT4RVR
            [script] http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
            [script] https://b8e026ae03f1b8ce32ec-073c97c64346f6554c6476c556567180.ssl.cf5.rackcdn.com/js/jquery.placeholder.js
            [script] http://trends.revcontent.com/seg.js.php
            [script] https://www.binaryuno.com/wp-content/themes/BinaryUno/js/timezone2cookie.js
      [script] http://tracking.financial-review.net/strapwork/?er95sqol&ad=33307534388&creative=33307534388&device=c&network=n&pubid=ak0n.pYGBTvCuwg--
        -> Suspicious url(NULL)
        [Location] http://tracking.dailyinvestor.co/a8ad6abe-c1cf-4d2e-b9a4-255b2167ab3e?ad=&creative=33307534388&device=c&network=n&pubid=$ak0n.pYGBTvCuwg--
          -> Suspicious url(NULL)
          [Location] https://www.toroption.com/?coc=2232&subc=w3RE5879TJB5EM061JJ695EO¶mc=n¶mf=a8ad6abe-c1cf-4d2e-b9a4-255b2167ab3e  -> Offline
      [write] http://l.yimg.com/rq/darla/2-9-20  -> Offline

*Country

211.169.73.65 (, Republic of Korea)

*Whois
query : sbw.or.kr

# KOREAN(UTF8)

도메인이름 : sbw.or.kr
등록인 : 서부종합사회복지관
등록인 주소 : 제주 제주시 한림읍 한림리 1266
등록인 우편번호 : 695932
책임자 : 안원식
책임자 전자우편 : daamoa@hanmail.net
책임자 전화번호 : 064-796-9091
등록일 : 2004. 08. 18.
최근 정보 변경일 : 2022. 03. 14.
사용 종료일 : 2028. 08. 18.
정보공개여부 : Y
등록대행자 : (주)아사달(http://www.asadal.co.kr)
DNSSEC : 미서명

1차 네임서버 정보
호스트이름 : ns1.anyline.co.kr
IP 주소 : 211.169.73.4

2차 네임서버 정보
호스트이름 : ns2.anyline.co.kr
IP 주소 : 211.169.73.5

네임서버 이름이 .kr이 아닌 경우는 IP주소가 보이지 않습니다.

# ENGLISH

Domain Name : sbw.or.kr
Registrant : seobu
Registrant Address : Korea, 1266
Registrant Zip Code : 695932
Administrative Contact(AC) : ..
AC E-Mail : daamoa@hanmail.net
AC Phone Number : 064-796-9091
Registered Date : 2004. 08. 18.
Last Updated Date : 2022. 03. 14.
Expiration Date : 2028. 08. 18.
Publishes : Y
Authorized Agency : Asadal, Inc.(http://www.asadal.co.kr)
DNSSEC : unsigned

Primary Name Server
Host Name : ns1.anyline.co.kr
IP Address : 211.169.73.4

Secondary Name Server
Host Name : ns2.anyline.co.kr
IP Address : 211.169.73.5

- KISA/KRNIC WHOIS Service -

Website Check

Report