ZeroCERT Team

Report

Result
Link
Whois
Reference

*Date : 2016.05.10 19:21
*Site : http://tdisk.co.kr
*Title : ★티디스크- 최신무료다운! 초고속! 국내최저가!★
*Info : 121.78.186.169, KR(Seoul, Korea, Republic of)
*Check url : 151 counts
*Loading time : 19.993279sec
*Google SafeBrowsing(GSB) : tdisk.co.kr is Not found
*Result
(1) user information check - 18count
(2) Suspicious script has been detected (Space & Horizontal Tab) - 11count
(3) user tracking code (google-analytics.com) - 8count
(4) Suspicious url(NULL) - 7count
(5) user cookie check - 6count
(6) Suspicious script has been detected (Space & Horizontal Tab) - 2count
(7) user cookie check - 2count
(8) CAB File Signatures - 2count
(9) http://smsmaster.co.kr/mcash_va/js/click2/cdn.php - 1count
(10) http://smsmaster.co.kr/mcash_va/js/click2/as.php - 1count
(11) user tracking code (google-analytics.com) - 1count
(12) user information check - 1count
(13) Suspicious script has been detected (document.write(unescape(?))) - 1count
(14) SWF File Signatures - 1count

http://zerocert.org/?code=4ef3253aad08f1c601648271217eb594f638992016565984818189800221e15c

*Latest detected Domain

이 사이트는 최근 90일 동안 악성URL 삽입된 적이 없습니다.
이 사이트는 최근 90일 동안 악성코드 중개 역할한 적이 없습니다.
이 사이트는 최근 90일 동안 악성코드를 유포한 적이 없습니다.
Relation domain not found
Relation ip not found
same Domain not found
same IP not found
same IP bands not found
same ASN not found

http://tdisk.co.kr
    -> (+) tdisk.co.kr / b3b61639202d98a2982ff5683a720f49
    -> Suspicious script has been detected (Space & Horizontal Tab)
  [script] http://smsmaster.co.kr/mcash_va/js/click2/cdn.php -> Malware url
    -> Suspicious script has been detected (document.write(unescape(?)))
    -> user cookie check
    [script] http://smsmaster.co.kr/mcash_va/js/click2/as.php -> Malware url  -> Offline
    [frame(*)] http://smsmaster.co.kr/mcash%5Fva/js/click2/as.php
  [Location] http://tdisk.co.kr/main/index.php
    -> (+) index.php / f91018b8b79c374c807e6899b150c895
    -> Suspicious script has been detected (Space & Horizontal Tab)
    -> user tracking code (google-analytics.com)
    -> user information check
    -> user cookie check
    [script(*)] http://www.google-analytics.com/ga.js
      -> user information check
    [location] http://tdisk.co.kr/main/charge.php?doc=point
    [script] http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
      -> user information check
    [script] http://www.facebook.com/plugins/like.php?href=https://www.facebook.com/m.tdisk&layout=button_count&show_faces=false&width=300&action=like&colorscheme=light&height=30
      -> Suspicious url(NULL)
      [Location] https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fm.tdisk&layout=button_count&show_faces=false&width=300&action=like&colorscheme=light&height=30
    [script] http://wimg.tdisk.co.kr/td_top/bottom_banner.gif?a=201605
    [script] http://wimg.tdisk.co.kr/td_top/bottom_banner3.gif?a=201605
    [frame] http://tdisk.co.kr/main/popup/popup_141202.html
      -> (+) popup_141202.html / 48c0f112c6bb12e4be8f34a4a0e8b9a1
      -> Suspicious script has been detected (Space & Horizontal Tab)
      [script] http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd  -> Offline?
      [script] http://www.w3.org/1999/xhtml
        [Location] http://www.w3.org/1999/xhtml/
      [script] http://wimg.tdisk.co.kr/event/comeback/event_main.jpg)  -> Offline
    [frame] http://tdisk.co.kr/main/main_banner.php
      -> (+) main_banner.php / 97d75167520ecbd9d8c42f45728cc9ef
      -> Suspicious script has been detected (Space & Horizontal Tab)
      -> user information check
      [script] http://tdisk.co.kr/main/js/tdiskjjj.js
      [script] http://www.tdisk.co.kr/main/event.php?doc=150430_event
        -> user tracking code (google-analytics.com)
        -> user information check
        [frame] http://www.tdisk.co.kr/main/event/reply4.html?type=grandfather
        [script] http://www.tdisk.co.kr/main/js/basic_sh.php
        [script] http://www.tdisk.co.kr/main/js/httpRequest.php
        [script] http://www.tdisk.co.kr/main/js/rolling1.php
        [script] http://www.tdisk.co.kr/default/js/script2.php
        [script] http://www.tdisk.co.kr/default/js/jquery-1.4.3.min.php
        [script] http://www.tdisk.co.kr/main/js/popjs.php
        [script] http://www.tdisk.co.kr/main/js/mask.php
        [script] http://www.tdisk.co.kr/main/js/join.php
        [script] http://www.tdisk.co.kr/tdisk_html/js/header.js
        [script] http://www.tdisk.co.kr/main/slb.php
        [script] http://www.tdisk.co.kr/main/js/eventjs.php
    [script] http://tdisk.co.kr/main/js/basic_sh.php
      -> user information check
      -> user cookie check
      [frame] http://tdisk.co.kr/main/popup/addShortcut.php
        (+) addShortcut.php / 41426430d12e1d482e374eaac1c98f0c
        -> Suspicious script has been detected (Space & Horizontal Tab)
        [script] http://tdisk.co.kr/main/js/basic.php
          -> user cookie check
        [script] http://tdisk.co.kr/mmsv/mmsv.js
        [script] http://tdisk.co.kr/
      [applet] http://tdisk.co.kr/main/js/+FLASHCAB+  -> Offline
      [applet] http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0
        -> Suspicious url(NULL)
        [Location] http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
          -> (-) a1d85f09fad17c28b3fa3682391f59ae
          -> CAB File Signatures
    [script] http://tdisk.co.kr/main/js/httpRequest.php
      -> user information check
    [script] http://tdisk.co.kr/main/js/rolling1.php
    [script] http://tdisk.co.kr/default/js/script2.php
      [applet] http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,0,0
        -> Suspicious url(NULL)
        [Location] http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
          -> (-) a1d85f09fad17c28b3fa3682391f59ae
          -> CAB File Signatures
    [script] http://tdisk.co.kr/default/js/jquery-1.4.3.min.php
    [script] http://tdisk.co.kr/main/js/popjs.php
      -> user cookie check
    [script] http://tdisk.co.kr/main/js/mask.php
    [script] http://tdisk.co.kr/main/js/join.php
      [script] http://www.ok-name.co.kr/oknm/okname.jsp?restCode=B001
        [Location] http://www.ok-name.co.kr/oknm/member/html/popup.html
    [script] http://tdisk.co.kr/tdisk_html/js/header.js
      [applet] http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,0,0
        -> Suspicious url(NULL)
    [script] http://tdisk.co.kr/tdisk_html/js/jquery.cycle.all.min.js
    [script] http://tdisk.co.kr/tdisk_html/js/iepngfix_tilebg.js
    [script] http://tdisk.co.kr/main/js/storage.php
    [script] http://tdisk.co.kr/tdisk_html/js/main_banner.php
    [script] http://tdisk.co.kr/main/slb.php
      -> user information check
    [location] http://www.tdisk.co.kr/
      [Location] http://www.tdisk.co.kr/main/index.php
        (+) index.php / 13b9e4c8cc64fac5743b0f5a61e19404
        -> Suspicious script has been detected (Space & Horizontal Tab)
        -> user tracking code (google-analytics.com)
        -> user information check
        -> user cookie check
        [frame] http://www.tdisk.co.kr/main/popup/popup_141202.html
          -> (-) 48c0f112c6bb12e4be8f34a4a0e8b9a1
          -> Suspicious script has been detected (Space & Horizontal Tab)
        [frame] http://www.tdisk.co.kr/main/main_banner.php
          -> (-) 97d75167520ecbd9d8c42f45728cc9ef
          -> Suspicious script has been detected (Space & Horizontal Tab)
          -> user information check
          [script] http://www.tdisk.co.kr/main/js/tdiskjjj.js
        [script] http://www.tdisk.co.kr/tdisk_html/js/jquery.cycle.all.min.js
        [script] http://www.tdisk.co.kr/tdisk_html/js/iepngfix_tilebg.js
        [script] http://www.tdisk.co.kr/main/js/storage.php
        [script] http://www.tdisk.co.kr/tdisk_html/js/main_banner.php
    [location] http://tdisk.co.kr/main/storage.php?doc=castTable
      -> (-) 64b5cf8e8bf0048ca203afc74a2eed1b
      -> Suspicious script has been detected (Space & Horizontal Tab)
      -> user tracking code (google-analytics.com)
      -> user information check
      [script] http://tdisk.co.kr/main/js/storage_new.php
      [script] http://wimg.tdisk.co.kr/event/chart/bgtd.png)no-repeat  -> Offline
    [location] http://tdisk.co.kr/intro.php?dpy=
    [location] http://tdisk.co.kr/main/doc.php?doc=join
      -> user tracking code (google-analytics.com)
      -> user information check
    [location] http://www.tdisk.co.kr/main/charge.php?doc=point
    [location] http://www.tdisk.co.kr/main/event.php?doc=upload05
      -> user tracking code (google-analytics.com)
      -> user information check
      [frame] http://www.tdisk.co.kr/main/event/reply_upload.php?type=3
        (+) reply_upload.php / 7719dfd6c4f2b6ffb92266f78708d09f
        -> Suspicious script has been detected (Space & Horizontal Tab)
        [script] http://www.tdisk.co.kr/main/js/basic.php
          -> user cookie check
          [frame] http://www.tdisk.co.kr/main/popup/addShortcut.php
          [applet] http://www.tdisk.co.kr/main/js/+FLASHCAB+
    [location] http://www.tdisk.co.kr/main/event.php?doc=sd
      -> user tracking code (google-analytics.com)
      -> user information check
    [location] http://tdisk.co.kr/main/event.php?doc=televent
      -> (+) event.php / a96ddfb21ed788e887b2113814b7d4ac
      -> Suspicious script has been detected (Space & Horizontal Tab)
      -> user tracking code (google-analytics.com)
      -> user information check
      [script] http://tdisk.co.kr/main/js/eventjs.php
      [script] http://tdisk.co.kr/intro.php?joinid=culture
      [script] http://tdisk.co.kr/intro.php?joinid=postbox
      [script] http://wimg.tdisk.co.kr/event/130813/televent_box_bg.gif)  -> Offline
      [script] http://pay.tdisk.co.kr/MCASH_NEW/phone/mc_web.php
        -> Suspicious url(NULL)
      [script] http://pay.tdisk.co.kr/billgate/Ready_new.php
      [script] http://pay.tdisk.co.kr/MCASH_NEW/bank/paybank.php
      [script] http://pay.tdisk.co.kr/MCASH_NEW/va/step1.php
        [frame] https://www.mcash.co.kr/notice/noticeView.php?cash=va&bg=F0F0F0&wd=100%&ht=20&border=0&bcolor=highlignt&bstyle=solid&&color=000080&font=돋움&size=9&weight=bold&speed=1&delay=15
        [script] http://pay.tdisk.co.kr/MCASH_NEW/va/js/step1.js
      [script] http://pay.tdisk.co.kr/pointpark3/point.php
        [script] http://pay.tdisk.co.kr/pointpark3/js/data.js
        [script] http://pay.tdisk.co.kr/pointpark3/js/common.js
        [script] http://www.pointpark.com/html/guide/PG_provision.html
      [script] http://pay.tdisk.co.kr/INIpay41/index.php
        -> user information check
        [script] http://plugin.inicis.com/pay40_check.js
      [script] http://www.tdisk.co.kr/main/popup/mileage_step1.php
      [script] http://pay.tdisk.co.kr/MCASH_NEW/PB/pb_web.php
        [script] https://mcash.mobilians.co.kr/js/ext/ext_inc_comm.js
      [script] http://pay.tdisk.co.kr/Daoupay/Ready.php
    [script] http://www.tdisk.co.kr
    [script] http://wimg.tdisk.co.kr/td_top/top_bg.gif)  -> Offline
    [script] http://wimg.tdisk.co.kr/td_top/cate_all_bg_01.png);  -> Offline
    [script] http://wimg.tdisk.co.kr/td_top/main_bg.jpg);  -> Offline
    [script] http://wimg.tdisk.co.kr/td_top/lypop_bg3.png)  -> Offline
    [script] http://game.freechal.com/_event/NewBaduki_CBT/Default.asp  -> Offline?
    [script] http://www.tvhottv.tv/?p_id=web01
      [Location] http://www.daltv.co.kr
        -> Suspicious url(NULL)
        [Location] http://www.daltv.co.kr/default.asp
          [script] http://www.daltv.co.kr/js/plugin/plugin.min.js
            [script] http://dinbror.dk/bpopup
          [script] http://www.daltv.co.kr/js/default.js
    [script] http://as82.kr/tdisk
      [Location] http://as82.kr/tdisk/
        [Location] http://as82.kr/tdisk/start.html
    [script] http://setup.tdisk.co.kr/mmsv/Tdisk_setup.exe
    [script] http://get.daum.net/PotPlayer/v2/PotPlayerSetup.exe
    [script] http://app.gomtv.com/gomaudio/GOMAUDIOSETUP.EXE
    [script] http://copyright.tdisk.co.kr/
    [script] http://copyright.mureka.co.kr/
      [Location] http://copyright.mureka.co.kr/include/session.jsp
        [script] http://copyright.mureka.co.kr/js/liveclock.js
          [script] http://www.dynamicdrive.com
            [script] http://www.google.com/jsapi
            [script] http://www.dynamicdrive.com/ddincludes/gfeedfetcher.js
            [script] http://www.dynamicdrive.com/ddincludes/scriptsv21.js
            [script] http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
            [script] http://www.dynamicdrive.com/ddincludes/adbannerv2.js?refresh=4
            [script] http://cdn.fancybar.net/ac/fancybar.js?zoneid=1502&serve=C6ADVKE&placement=dynamicdrive
          [script] http://www.wsabstract.com
      [Location] http://copyright.mureka.co.kr/main/main.jsp
        [script] http://copyright.mureka.co.kr/js/global.js
        [script] http://copyright.mureka.co.kr/js/cookie.js
          -> user cookie check
        [script] http://copyright.mureka.co.kr/js/ajaxfuc.js
        [script] http://copyright.mureka.co.kr/js/calendar.js
        [script] http://copyright.mureka.co.kr/js/prototype-1.6.0.2.js
          -> user information check
    [script] http://www.mureka.co.kr/
      [script] http://code.jquery.com/jquery-latest.js
      [script] http://www.mureka.co.kr/201507/js/mureka_script.js
      [script] http://www.mureka.co.kr/201507/js/jquery.bpopup.min.js
        -> user information check
      [script] http://www.mureka.co.kr/201507/js/jquery.slides.min.js
    [script] http://www.tdisk.co.kr/main/doc.php?doc=join_regist
      -> user tracking code (google-analytics.com)
      -> user information check
      [frame] http://www.tdisk.co.kr/main/etc/mb_agree.htm
        (+) mb_agree.htm / 8ebf1354dbeb6e13cea522a5830ad4ea
        -> Suspicious script has been detected (Space & Horizontal Tab)
      [frame] http://www.tdisk.co.kr/main/etc/mb2_agree.htm
        (+) mb2_agree.htm / 389dbea029153c6bf012166ca8929585
        -> Suspicious script has been detected (Space & Horizontal Tab)
        [script] http://www.tdisk.co.kr)서비스  -> Offline?
        [script] http://icic.sppo.go.kr/02-3480-3600)
    [script] http://wimg.tdisk.co.kr/td_top/freezone_bg.png);  -> Offline
    [script] http://klash.ggamnol.com/event/event_131017.asp?pid=tdisk&game=klash  -> Offline?
    [script] http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0
      -> Suspicious url(NULL)
    [script] http://wimg.tdisk.co.kr/popup/event_f_dc50.swf?a=541555
      -> SWF File Signatures
  [script] http://wimg.tdisk.co.kr/icon/tdisk.ico

*Country

121.78.198.182 (, Republic of Korea)

*Whois
query : tdisk.co.kr

# KOREAN(UTF8)

도메인이름 : tdisk.co.kr
등록인 : 엔티웍스
등록인 주소 : 서울특별시 금천구 가산디지털1로 171 402호
등록인 우편번호 : 08503
책임자 : 엔티웍스
책임자 전자우편 : cs.filecity@gmail.com
책임자 전화번호 : +82.216662169
등록일 : 2010. 03. 12.
최근 정보 변경일 : 2025. 03. 11.
사용 종료일 : 2026. 03. 12.
정보공개여부 : Y
등록대행자 : (주)가비아(http://www.gabia.co.kr)
DNSSEC : 미서명

1차 네임서버 정보
호스트이름 : ns.gabia.co.kr
IP 주소 : 43.201.170.100

2차 네임서버 정보
호스트이름 : ns1.gabia.co.kr
IP 주소 : 20.200.205.248

네임서버 이름이 .kr이 아닌 경우는 IP주소가 보이지 않습니다.

# ENGLISH

Domain Name : tdisk.co.kr
Registrant : ntworks
Registrant Address : 171, Gasan digital 1-ro, Geumcheon-gu, Seoul,
Registrant Zip Code : 08503
Administrative Contact(AC) : ntworks
AC E-Mail : cs.filecity@gmail.com
AC Phone Number : +82.216662169
Registered Date : 2010. 03. 12.
Last Updated Date : 2025. 03. 11.
Expiration Date : 2026. 03. 12.
Publishes : Y
Authorized Agency : Gabia, Inc.(http://www.gabia.co.kr)
DNSSEC : unsigned

Primary Name Server
Host Name : ns.gabia.co.kr
IP Address : 43.201.170.100

Secondary Name Server
Host Name : ns1.gabia.co.kr
IP Address : 20.200.205.248

- KISA/KRNIC WHOIS Service -

Website Check

Report