Website Check

Check Your Websites for Malicious or Suspicious code.


Website Check v0.8

Check Depth : 0 1 ( Image link)

Accept Language: KO US DE CN JP

User-Agent : MSIE Android iPhone Chrome Safari

Private : (Detection results of private)

Save Source :

Report

*Date : 2020.09.15 07:05
*Site : http://takesupport.us/
*Title : Take Support - Download Software
*Info : 107.180.50.187, US(Scottsdale, United States)
*Check url : 21 counts
*Loading time : 20.298314sec
*Reference
  - VIRUSTOTAL : URL Hash 2020-09-14 10:03:11 3/79,  FILE Hash not found
  - Google SafeBrowsing(GSB) : takesupport.us is not found
*Result
 (1) Suspicious url(NULL) - 2count
 (2) http://www.ammyy.com/AA_v3.exe - 1count
 (3) user tracking code (google-analytics.com) - 1count
 (4) user information check - 1count
 (5) EXE File Signatures - 1count
 (6) (+) MD5 : revosetup.exe (8f11f6f501842000335db691143ffb9f) - 1count


Public Link : http://zerocert.org/?code=181227801564bfa9b9da5d2e67b64bbdd8fb9384f3359af7550b1f08ca43245c

*Latest detected Domain
  • 이 사이트는 최근 90일 동안 2020/09/15 악성URL 삽입된 적이 있습니다.
  • 이 사이트는 최근 90일 동안 악성코드 중개 역할한 적이 없습니다.
  • 이 사이트는 최근 90일 동안 악성코드를 유포한 적이 없습니다.
  • Relation domain : takesupport.us → 1cnts [Node View]
  • Relation ip : 107.180.50.187 → 1cnts [Node View]
  • same Domain not found
  • same IP not found
  • same IP bands: 107.180.50.x 3cnts
  • same ASN : AS26496 312cnts

http://takesupport.us/
  [script] https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js
  [script] https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js
  [script] http://takesupport.us/js/jquery.js
  [script] http://takesupport.us/js/bootstrap.min.js
  [script] http://takesupport.us/js/docs.js
  [script] http://files.downloadnow-1.com/s/software/15/78/11/40/iobituninstaller.exe?token=1501172997_e06e00de40610dc9347d0014a23dd53e&fileName=iobituninstaller.exe  -> Offline
  [exe] https://download.teamviewer.com/download/TeamViewer_Setup.exe
    [Location] https://dl.teamviewer.com/download/TeamViewer_Setup.exe
      -> Suspicious url(NULL)
      [Location] https://dl.teamviewer.com/download/download/version_15x/TeamViewer_Setup.exe
  [exe] http://takesupport.us/assets/AA_v3.exe  -> Offline
  [exe] http://download3.showmypc.com/ShowMyPC3515.exe  -> Offline
  [exe] http://takesupport.us/assets/gta.exe  -> Offline?
  [exe] http://www.ammyy.com/AA_v3.exe -> Malware url
    [Location] https://www.ammyy.com/AA_v3.exe
      -> Suspicious url(NULL)
      [Location] http://www.ammyy.com/en/downloads.html
        [Location] https://www.ammyy.com/en/downloads.html
          -> user tracking code (google-analytics.com)
          [script(*)] http://www.google-analytics.com/ga.js
            -> user information check
  [exe] http://takesupport.us/assets/revosetup.exe
    -> (+) MD5 : revosetup.exe (8f11f6f501842000335db691143ffb9f)
    -> EXE File Signatures
    [script] http://schemas.microsoft.com/SMI/2005/WindowsSettings  -> Offline
    [script] http://ts-ocsp.ws.symantec.com0  -> Offline?
*Country
takesupport.us - US, 107.180.50.187 (Scottsdale, United States)



*Whois
Domain Name: takesupport.us
Registry Domain ID: D49792163-US
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: whois.godaddy.com
Updated Date: 2020-05-28T11:18:59Z
Creation Date: 2015-05-23T14:23:42Z
Registry Expiry Date: 2021-05-22T23:59:59Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: +1.4806242505
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Registry Registrant ID: C49792159-US
Registrant Name: Nugetech Solutions LLC
Registrant Organization:
Registrant Street: 357 twelve oaks drive
Registrant Street:
Registrant Street:
Registrant City: winter springs
Registrant State/Province: Florida
Registrant Postal Code: 32708
Registrant Country: us
Registrant Phone: +1.5165138377
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: nugetechsolutions@gmail.com
Registrant Application Purpose: P1
Registrant Nexus Category: C11
Registry Admin ID: C49792161-US
Admin Name: Nugetech Solutions LLC
Admin Organization:
Admin Street: 357 twelve oaks drive
Admin Street:
Admin Street:
Admin City: winter springs
Admin State/Province: Florida
Admin Postal Code: 32708
Admin Country: us
Admin Phone: +1.5165138377
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: nugetechsolutions@gmail.com
Admin Application Purpose: P1
Admin Nexus Category: C11
Registry Tech ID: C49792160-US
Tech Name: Nugetech Solutions LLC
Tech Organization:
Tech Street: 357 twelve oaks drive
Tech Street:
Tech Street:
Tech City: winter springs
Tech State/Province: Florida
Tech Postal Code: 32708
Tech Country: us
Tech Phone: +1.5165138377
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: nugetechsolutions@gmail.com
Tech Application Purpose: P1
Tech Nexus Category: C11
Name Server: ns54.domaincontrol.com
Name Server: ns53.domaincontrol.com
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of WHOIS database: 2020-09-22T03:52:29Z <<<

For more information on Whois status codes, please visit https://icann.org/epp

Registry Services, LLC, the Registry Administrator for .US, has collected this information for the WHOIS database through a .US-Accredited Registrar. This information is provided to you for informational purposes only and is designed to assist persons in determining contents of a domain name registration record in the registry database. Registry Services, LLC makes this information available to you "as is" and does not guarantee its accuracy. By submitting a WHOIS query, you agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data: (1) to allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via direct mail, electronic mail, or by telephone; (2) in contravention of any applicable data and privacy protection laws; or (3) to enable high volume, automated, electronic processes that apply to the registry (or its systems). Compilation, repackaging, dissemination, or other use of the WHOIS database in its entirety, or of a substantial portion thereof, is not allowed without our prior written permission. We reserve the right to modify or change these conditions at any time without prior or subsequent notification of any kind. By executing this query, in any manner whatsoever, you agree to abide by these terms. NOTE: FAILURE TO LOCATE A RECORD IN THE WHOIS DATABASE IS NOT INDICATIVE OF THE AVAILABILITY OF A DOMAIN NAME. All domain names are subject to certain additional domain name registration rules. For details, please visit our site at www.whois.us.

*Reference
 VIRUSTOTAL : domain | ip | hash url | hash file
 Google SafeBrowsing(GSB) :
 URLVoid : domain
 Malware Domain List : domain
 SCUMWARE : domain | ip
 Project Honey Pot : ip
 Ransomware Tracker : domain
 Threat Crowd : domain | ip | hash file
 ZeroCERT Safeguard : domain | ip

*etc
  Stopbadware | Norton Safe | McAfee siteadvisor | Phish tank | Tcpiputils

- Today malware detected : 1185 counts