Website Check

Check Your Websites for Malicious or Suspicious code.


Website Check v0.8

Check Depth : 0 1 ( Image link)

Accept Language: KO US DE CN JP IT

User-Agent : MSIE Android iPhone Chrome Safari

Private : (Detection results of private)

Save Source :

Report

*Date : 2015.06.18 07:40
*Site : http://ohncyr.com.ne.kr/index.html
*Title :
*Info : 211.119.245.165, KR(, Korea, Republic of)
*Check url : 35 counts
*Loading time : 3.276092sec
*Google SafeBrowsing(GSB) : ohncyr.com.ne.kr is Not found
*Result
 (1) EXE File Signatures - 6count
 (2) APK File Signatures - 1count
 (3) http://elantrasantrope.ru/nightparty.html - 1count
 (4) ZIP File Signatures - 1count
 (5) Suspicious script has been detected (http://) - 1count
 (6) Suspicious script has been detected (eval(unescape(?))) - 1count
 (7) Suspicious script has been detected (document.write(unescape(?))) - 1count


http://zerocert.org/?code=77bd89aeceaa2f22f3d87bbf610db4071bfa99f8388c3defba58fc2fe67b244a

*Latest detected Domain
  • 이 사이트는 최근 90일 동안 악성URL 삽입된 적이 없습니다.
  • 이 사이트는 최근 90일 동안 악성코드 중개 역할한 적이 없습니다.
  • 이 사이트는 최근 90일 동안 악성코드를 유포한 적이 없습니다.
  • Relation domain not found
  • Relation ip not found
  • same Domain not found
  • same IP : 199.59.243.228 3cnts
  • same IP bands: 199.59.243.x 4cnts
  • same ASN : 32350cnts

http://ohncyr.com.ne.kr/index.html
    -> Suspicious script has been detected (http://)
    -> Suspicious script has been detected (document.write(unescape(?)))
    -> Suspicious script has been detected (eval(unescape(?)))
  [Location] http://chanjuri.ivyro.net
    [Location] http://chanjuri.ivyro.net/gongzis.htm
    [Location] http://chanjuri.ivyro.net/gong.htm
    [Location] http://chanjuri.ivyro.net/up.htm
      [Location] http://chanjuri.ivyro.net/up10.htm
      [Location] http://chanjuri.ivyro.net/up11.htm
      [Location] http://chanjuri.ivyro.net/wbgm.html
        [script] http://chanjuri.ivyro.net/
    [Location] http://chanjuri.ivyro.net/0-1.htm
      [Location] http://chanjuri.ivyro.net/up-1.htm
        [apk] http://chanjuri.ivyro.net/SendAnywherePro.apk
          -> (+) SendAnywherePro.apk / 3f43ccc6f08de4fb2ffade31242fc0ce
          -> ZIP File Signatures
          -> APK File Signatures
        [exe] http://chanjuri.ivyro.net/GoClean.exe
          -> (+) GoClean.exe / b92f097df7a5d619fedf3b29e0bb9d40
          -> EXE File Signatures
        [exe] http://chanjuri.ivyro.net/Rnfqb.exe
        [exe] http://chanjuri.ivyro.net/winrar.exe
          -> (+) winrar.exe / 989bf1db75131c582890d81b3430e1af
          -> EXE File Signatures
        [exe] http://chanjuri.ivyro.net/wavepad.exe
          -> (+) wavepad.exe / b57eecc50d628f9f30d50cafd9751082
          -> EXE File Signatures
        [exe] http://chanjuri.ivyro.net/spell.exe
          -> (+) spell.exe / 742dbdb00611692742393fab6adae3ab / Virustotal : 2009-11-28 03:18:15 2/41
          -> EXE File Signatures
      [Location] http://chanjuri.ivyro.net/indexxx.html
        [Location] http://chanjuri.ivyro.net/left1.htm
          [script] http://www.sarang.org/sogae/ynj/soyori_main.htm  -> Offline
          [script] http://www.korea-stock.com/cgi-bin/detail.cgi  -> Offline?
          [exe] http://chanjuri.ivyro.net/radio.exe  -> Offline
          [exe] http://chanjuri.ivyro.net/exradio.exe  -> Offline
          [exe] http://chanjuri.ivyro.net/Sound.exe
            -> (+) Sound.exe / 899911b650c447ab464ff3c893e1917e
            -> EXE File Signatures
        [Location] http://chanjuri.ivyro.net/aaa1.htm
          [frame] http://bible.godpia.com/iframe/sear_online_ifr.asp
            [script] http://bible.godpia.com/js/ajaxForm_091223.js
            [script] http://newbible.godpia.com/Main.asp#byMenuItem=red_010_01m&personid=&BIBLE_KD=
            [script] http://bible.godpia.com/popup.asp
          [script] http://www.godpia.com/player/play.asp?mode=check&i=173&d=sarang&t=total_vod&play_name=vod_link&db_idx=
            [script] http://www.godpia.com
          [script] http://www.godpia.com/player/conf_.asp?mode=check&play_name=  -> Offline
          [exe] http://chanjuri.ivyro.net/Favorites.exe
            -> (+) Favorites.exe / 7d332a45fec6b5467043464d6fe40083 / Virustotal : 2014-02-07 12:44:28 1/48
            -> EXE File Signatures
          [exe] http://www.pcany.net/download/host/program_kr/PCAny_Setup.exe  -> Offline
  [ascii] http://elantrasantrope.ru/nightparty.html -> Malware url  -> Offline
*Country
ohncyr.com.ne.kr - US, 199.59.243.228 (, United States)



*Whois
query : com.ne.kr


# KOREAN(UTF8)

도메인이름 : com.ne.kr
등록인 : 사이버21
책임자 : 사이버21
책임자 전자우편 : guider@gmail.com
등록일 : 2016. 11. 16.
최근 정보 변경일 : 2024. 04. 17.
사용 종료일 : 2031. 11. 16.
정보공개여부 : N
등록대행자 : 메가존(주)(http://HOSTING.KR)
DNSSEC : 미서명
등록정보 보호 : clientTransferProhibited

1차 네임서버 정보
호스트이름 : ns1.bodis.com

2차 네임서버 정보
호스트이름 : ns2.bodis.com

네임서버 이름이 .kr이 아닌 경우는 IP주소가 보이지 않습니다.


# ENGLISH

Domain Name : com.ne.kr
Registrant : CYBER21
Administrative Contact(AC) : CYBER21
AC E-Mail : guider@gmail.com
Registered Date : 2016. 11. 16.
Last Updated Date : 2024. 04. 17.
Expiration Date : 2031. 11. 16.
Publishes : N
Authorized Agency : Megazone(http://HOSTING.KR)
DNSSEC : unsigned
Domain Status : clientTransferProhibited

Primary Name Server
Host Name : ns1.bodis.com

Secondary Name Server
Host Name : ns2.bodis.com


- KISA/KRNIC WHOIS Service -


*Reference
 VIRUSTOTAL : domain | ip | hash url | hash file
 Google SafeBrowsing(GSB) :
 URLVoid : domain
 Malware Domain List : domain
 SCUMWARE : domain | ip
 Project Honey Pot : ip
 Ransomware Tracker : domain
 Threat Crowd : domain | ip | hash file
 ZeroCERT Safeguard : domain | ip

*etc
  Stopbadware | Norton Safe | McAfee siteadvisor | Phish tank | Tcpiputils

[Info] Changing api service domain address (center.zerocert.org -> cert.zero.camp), API Reference