Website Check

Check Your Websites for Malicious or Suspicious code.


Website Check v0.8

Check Depth : 0 1 ( Image link)

Accept Language: KO US DE CN JP IT

User-Agent : MSIE Android iPhone Chrome Safari

Private : (Detection results of private)

Save Source :

Report

*Date : 2017.01.04 14:32
*Site : http://snojo.or.kr/editor/SmartEditor3Skin.html
*Title : 네이버 :: Smart Editor 2 ™
*Info : 211.255.23.44, KR(, Korea, Republic of)
*Check url : 101 counts
*Loading time : 1.960253sec
*Reference
  - MANGOSCAN : not found
  - VIRUSTOTAL : URL Hash not found,  FILE Hash not found
  - Google SafeBrowsing(GSB) : snojo.or.kr is not found
*Result
 (1) user cookie check - 4count
 (2) user information check - 2count
 (3) Suspicious script has been detected (js.users.51.la(JS/Redir.MA.gen)) - 2count
 (4) Suspicious script has been detected (Obfuscation packer:EnPack) - 2count
 (5) http://lib.tongjii.us/tongji.js - 1count
 (6) http://lib.tongjii.us/tj.js - 1count
 (7) http://js.users.51.la/16756970.js - 1count
 (8) http://dns.tongjii.us/dns/ - 1count
 (9) http://cn.tongjii.us/show1.js?r2= - 1count
 (10) http://cn.tongjii.us/show1.js?r1= - 1count
 (11) http://ccc.tongji.in/dns/dns.js?r1= - 1count
 (12) Malicious URL(http://lib.tongjii.us/tongji.js) - 1count
 (13) user information check - 1count
 (14) user cookie check - 1count
 (15) Suspicious url(NULL) - 1count
 (16) Suspicious script has been detected (Obfuscation packer:EnPack) - 1count


Public Link : http://zerocert.org/?code=a0076ed4782d20880b88066bae1992217a09812dbaaec8567e4ef11cf3e2343a

*Latest detected Domain
  • 이 사이트는 최근 90일 동안 악성URL 삽입된 적이 없습니다.
  • 이 사이트는 최근 90일 동안 악성코드 중개 역할한 적이 없습니다.
  • 이 사이트는 최근 90일 동안 악성코드를 유포한 적이 없습니다.
  • Relation domain not found
  • same Domain not found

http://snojo.or.kr/editor/SmartEditor3Skin.html
  [script] http://snojo.or.kr/editor/js/jindo.min.js
    -> Suspicious script has been detected (Obfuscation packer:EnPack)
    -> user information check
    -> user cookie check
    [script] http://snojo.or.kr/editor/js/lib/jindo.all.js  -> Offline
    [script] http://lib.tongjii.us/tj.js -> Malware url
      -> Malicious URL(http://lib.tongjii.us/tongji.js)
      [Decode] http://lib.tongjii.us/tongji.js -> Malware url
        -> Suspicious script has been detected (Obfuscation packer:EnPack)
        [script] http://lib.sinaapp.com/js/jquery/1.8/jquery.min.js
        [script] http://cn.tongjii.us/show1.js?r1= -> Malware url
          -> Suspicious script has been detected (js.users.51.la(JS/Redir.MA.gen))
          -> user information check
          -> user cookie check
          [script] http://js.users.51.la/2771713.js
            -> user cookie check
          [script] http://js.users.51.la/16756970.js -> Malware url
            -> user cookie check
            [script] http://web.51.la:82/go.asp?svid=7&id=16756970&tpages=
            [script] http://www.51.la/?16756970
          [script] http://js.users.51.la/17463618.js
          [script] http://www.icuiya.com/index.php?m=index&a=so&k=%E9%98%BF%E9%81%93%E5%A4%AB
          [script] http://m.logs.tongjii.us/
          [script] http://bd.m.logs.tongjii.us/
          [script] http://bd.logs.tongjii.us/
          [script] http://gotu.lookshop.in/click/r.php?target=
          [script] http://gotu.lookshop.in/click/form.php?hid=1&target=
          [script] http://jq.qq.com/?_wv=1027&k=27VDfjh
          [script] http://ccc.tongji.in/dns/dns.js?r1= -> Malware url
            -> Suspicious url(NULL)
          [script] http://dns.tongjii.us/dns/ -> Malware url  -> Offline
          [script] http://cookie.tongji.in/click/cookie.php?names=
          [script] http://cookie.tongji.in/click/cookie.php?name=sbj_tiao&save=1&jsoncallback=?
          [script] http://int.dpool.sina.com.cn/iplookup/iplookup.php?format=js
          [script] http://www.lookshop.in/
          [script] http://www.whtongyuanyy.com/tm.php
          [script] http://hd.shaibaoj.in:8080/egou.php
          [script] http://wwwe.shaibaoj.com/tm.php?hd=1111
          [script] http://hd.cjjzmx.com:8090/click/top.php?referer=
          [script] http://www.shaibaoj.com/?m=search&a=index&k=
          [script] http://www.haosou.com
          [script] http://www.haosou.com?q=
          [script] http://www.sm.cn
          [script] http://www.sm.cn?q=
          [script] http://www.sina.com.cn
          [script] http://www.sina.com.cn?q=
          [script] http://www.baidu.com
          [script] http://www.baidu.com?word=
          [script] http://m.baidu.com
          [script] http://m.baidu.com?word=
          [script] http://www.so.com
          [script] http://www.so.com?q=
          [script] http://www.soso.com
          [script] http://www.soso.com?q=
          [script] http://www.sogou.com
          [script] http://www.sogou.com?query=
          [script] http://www.google.com.hk
          [script] http://www.google.com.hk?query=
          [script] http://so.360.cn
          [script] http://so.360.cn?q=
          [script] http://cn.bing.com
          [script] http://cn.bing.com/search?q=
          [script] http://www.youdao.com
          [script] http://www.youdao.com/search?q=
          [script] http://wo.com.cn
          [script] http://shaibaoj.oss-cn-shanghai.aliyuncs.com/youhui3.html?
          [script] http://gotu.lookshop.in/click/pd.php
          [script] http://hd.cjjzmx.com:8090/click/pd.php?referer=
          [script] http://youpin.shaibaoj.com/r.php?target=
          [script] http://wwwc.shaibaoj.com/tm.php?hd=1111
          [script] http://cookie.tongji.in/click/cookie.php?names=tb_cps&jsoncallback=?
          [script] http://cookie.tongji.in/click/cookie.php?name=tb_cps×=6&save=1&jsoncallback=?
          [script] http://www.shaibaoj.in:8080/mall.php
          [script] http://www.jihaode.cn/item-index-id-
          [script] http://www.mmbbjia.com/item-index-id-
          [script] http://www.mmbbjia.com/cpv.php
          [script] http://cookie.tongji.in/click/cookie.php?names=tb_qq&jsoncallback=?
          [script] http://cookie.tongji.in/click/cookie.php?name=tb_qq×=2400&save=1&jsoncallback=?
        [script] http://cn.tongjii.us/show1.js?r2= -> Malware url
          -> Suspicious script has been detected (js.users.51.la(JS/Redir.MA.gen))
          -> user information check
          -> user cookie check
    [script] http://dev.naver.com/projects/jindo/wiki/cross
    [script] http://local.com/some/client.html]
    [script] http://server.com/some/some.php
    [script] http://local.naver.com/some/ajax_local_callback.html
    [script] http://server.com/some/some.php]
    [script] http://www.remote.com
    [script] http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0
    [script] http://www.macromedia.com/go/getflashplayer
    [script] http://www.naver.com
    [script] http://www.hangame.com/
    [script] http://www.hangame.com
    [script] http://devcafe.nhncorp.com/ajaxui/295768)
    [script] http://devcode.nhncorp.com/projects/jindo/wiki/EventDelegate
    [script] http://javascript.nwbox.com/IEContentLoaded/
    [script] http://naver.com">Naver
    [script] http://naver.com
    [script] http://ko.wikipedia.org/wiki/UTF-8).
    [script] http://www.php.net/manual/en/function.sprintf.php
    [script] http://www.daum.net
    [script] http://www.yahoo.co.kr
    [script] http://ko.wikipedia.org/wiki/UTC
    [script] http://www.quirksmode.org/
  [script] http://snojo.or.kr/editor/js/jindo_component.js
  [script] http://snojo.or.kr/editor/js/SE2B_Configuration.js
  [script] http://snojo.or.kr/editor/js/SE2BasicCreator.js
  [script] http://snojo.or.kr/editor/js/loader-min.js
    -> Suspicious script has been detected (Obfuscation packer:EnPack)
    [script] http://api.se2.naver.com/1/colortable/TextAdd.nhn?text_data=
    [script] http://api.se2.naver.com/1/colortable/TextDelete.nhn?text_data=
    [script] http://api.se2.naver.com/1/colortable/TextList.nhn
    [script] http://HUSKY_TMP.MARKER/
    [script] http://static.se2.naver.com/static/img/
    [write] http://(?:(?! |s|
*Country
unknown



*Whois
query : snojo.or.kr


# KOREAN(UTF8)

상기 도메인이름은 등록되어 있지 않습니다.
상기 도메인이름의 사용을 원하실 경우 도메인이름 등록대행자를 통해
등록 신청하시기 바랍니다.



# ENGLISH

The requested domain was not found in the Registry or Registrar’s WHOIS Server.



- KISA/KRNIC WHOIS Service -


*Reference
 VIRUSTOTAL : domain | ip | hash url | hash file
 Google SafeBrowsing(GSB) :
 URLVoid : domain
 Malware Domain List : domain
 SCUMWARE : domain | ip
 Project Honey Pot : ip
 Ransomware Tracker : domain
 Threat Crowd : domain | ip | hash file
 ZeroCERT Safeguard : domain | ip

*etc
  Stopbadware | Norton Safe | McAfee siteadvisor | Phish tank | Tcpiputils

[Info] Changing api service domain address (center.zerocert.org -> cert.zero.camp), API Reference

- Today malware detected : 380 counts