Website Check

Check Your Websites for Malicious or Suspicious code.


Website Check v0.8

Check Depth : 0 1 ( Image link)

Accept Language: KO US DE CN JP IT

User-Agent : MSIE Android iPhone Chrome Safari

Private : (Detection results of private)

Save Source :

Report

*Date : 2014.12.15 22:55
*Site : http://ceomap.co.kr
*Info : 218.145.71.155, KR(, Korea, Republic of)
*Check url : 42 counts
*Loading time : 0sec
*Google SafeBrowsing : Suspicious url
*Result
 (1) user information check - 4건 발견
 (2) Suspicious script has been detected (document.write) - 2건 발견
 (3) user cookie check - 2건 발견
 (4) Suspicious script has been detected (http://) - 2건 발견
 (5) Suspicious script has been detected (CVE-2011-2140, Adobe Flash Player) - 1건 발견
 (6) Suspicious script has been detected (CK VIP Exploit Kit) - 1건 발견
 (7) Suspicious script has been detected (CK VIP Exploit Kit #2) - 1건 발견
 (8) http://www.thecouple.co.kr/pay/kcp/cba.html - 1건 발견
 (9) http://www.koreamanse.com/shop/intro/top.gif - 1건 발견
 (10) http://www.egcho.co.kr/egc_webzine/bbs/v/index.html - 1건 발견
 (11) http://174.139.78.214/xx.exe - 1건 발견
 (12) user tracking code (51yes.com) - 1건 발견
 (13) user cookie check - 1건 발견
 (14) Suspicious script has been detected (Obfuscation packer:EnPack) - 1건 발견
 (15) Suspicious script has been detected (Flash Player version check) - 1건 발견
 (16) EXE File Signatures - 1건 발견


http://zerocert.org/?code=ff570e7b59db19f0ab65b6c1f083d542f208a09ee5bcaf4354875c8a985e5123

*Latest detected Domain
  • 이 사이트는 최근 90일 동안 악성URL 삽입된 적이 없습니다.
  • 이 사이트는 최근 90일 동안 악성코드 중개 역할한 적이 없습니다.
  • 이 사이트는 최근 90일 동안 악성코드를 유포한 적이 없습니다.
  • Relation domain not found
  • Relation ip not found
  • same Domain not found
  • same IP not found
  • same IP bands not found
  • same ASN not found

http://ceomap.co.kr
  [location] http://www.koreamanse.com/v2/html_file.php?file=goodsite.html&file2=default2.html
    -> user cookie check
    [swf] http://www.koreamanse.com/v2/SCRIPT  -> Offline
    [swf] http://www.koreamanse.com/v2/flash_swf/s_weather_api.swf -> pass
    [swf] http://www.koreamanse.com/v2/flash_swf/cloudtag.swf -> pass
    [script] http://www.koreamanse.com/v2/js/flash.js
      -> user cookie check
      [swf] http://www.koreamanse.com/v2/js/SCRIPT  -> Offline
      [swf] http://www.koreamanse.com/v2/js/img/banner.swf -> pass
    [script] http://www.koreamanse.com/v2/js/flash_new.js
    [script] http://www.koreamanse.com/v2/js/coupon.js
      [img] http://www.koreamanse.com/v2/js/+what+  -> Offline
    [script] http://www.koreamanse.com/v2/js/mEmbed.js
      [swf] http://www.koreamanse.com/v2/js/source.swf -> pass
    [script] http://www.koreamanse.com/v2/js/default.js
    [script] http://www.koreamanse.com/v2/js/sub_tap.js
    [script] http://www.koreamanse.com/v2/js/cate_menupan.js
    [script] http://www.koreamanse.com/v2/js/happy_member.js
    [script] http://www.koreamanse.com/v2/js/change_menu.js
    [script] http://www.koreamanse.com/v2/js/happy_main.js
      -> Suspicious script has been detected (Obfuscation packer:EnPack)
      -> user information check
      [script] http://www.koreamanse.com/shop/intro/top.gif -> Malware url
        -> Suspicious script has been detected (http://)
        [unescape] http://www.egcho.co.kr/egc_webzine/bbs/v/index.html -> Malware url
          -> (-) 76c01e83d9f57175cdebbe09ae62d97f / Virustotal : 2014-12-15 12:37:32 7/56
          -> user tracking code (51yes.com)
          -> Suspicious script has been detected (document.write)
          -> user information check
          -> user cookie check
          -> Suspicious script has been detected (CK VIP Exploit Kit)
          [swf] http://www.egcho.co.kr/egc_webzine/bbs/v/nbwm.swf -> pass
          [frame] http://www.egcho.co.kr/egc_webzine/bbs/v/ww.html
            -> (-) 458b22923d79a796f02f81be8a5c628a / Virustotal : 2014-12-15 12:20:13 7/56
            -> Suspicious script has been detected (CVE-2011-2140, Adobe Flash Player)
            [swf] http://www.egcho.co.kr/egc_webzine/bbs/v/ww.swf
            [script] http://www.egcho.co.kr/egc_webzine/bbs/v/ww.js
          [frame] http://www.egcho.co.kr/egc_webzine/bbs/v/main.html
            -> (-) 31a7704b2dd0f199bbdfd73ce8a37942
            -> Suspicious script has been detected (document.write)
            -> Suspicious script has been detected (CK VIP Exploit Kit #2)
          [script] http://count34.51yes.com/click.aspx?id=349502336&logo=1 -> pass
          [script] http://www.egcho.co.kr/egc_webzine/bbs/v/swfobject.js
            -> Suspicious script has been detected (http://)
            -> Suspicious script has been detected (Flash Player version check)
            -> user information check
            [unescape] http://www.thecouple.co.kr/pay/kcp/cba.html -> Malware url
          [script] http://www.egcho.co.kr/egc_webzine/bbs/v/jquery-1.4.2.min.js
            -> user information check
          [applet] http://www.egcho.co.kr/egc_webzine/bbs/v/+jaguar+  -> Offline
          [applet] http://www.egcho.co.kr/egc_webzine/bbs/v/+audi+  -> Offline
          [ascii] http://174.139.78.214/xx.exe -> Malware url
            -> (-) 145d70b30df8f2a1c05278a9088c13f0
            -> EXE File Signatures
      [img] http://www.koreamanse.com/v2/js/img/message/icon_messicon.gif  -> Offline
      [img] http://www.koreamanse.com/v2/js/img/binimg.gif  -> Offline
      [img] http://www.koreamanse.com/v2/js/img/message/icon_messregi.gif  -> Offline
      [script] http://www.macromedia.com/go/getflashplayer -> pass
      [script] http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,0,0 -> pass
    [script] http://www.koreamanse.com/v2/js/searchWord.js
    [script] http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
    [img] http://www.koreamanse.com/v2/{  -> Offline
  [img] http://www.koreamanse.com/open/bestcody_click.php?number=29486
  [script] http://www.koreamanse.com/v  -> Offline
*Country
ceomap.co.kr - KR, 218.145.71.155 (Suwon, Republic of Korea)



*Whois
query : ceomap.co.kr


# KOREAN(UTF8)

도메인이름 : ceomap.co.kr
등록인 : 김상영
책임자 : 김상영
책임자 전자우편 : koreamanse7@naver.com
등록일 : 2011. 11. 10.
최근 정보 변경일 : 2023. 12. 12.
사용 종료일 : 2027. 11. 10.
정보공개여부 : N
등록대행자 : (주)후이즈(http://whois.co.kr)
DNSSEC : 미서명

1차 네임서버 정보
호스트이름 : ns.koreamanse.com

2차 네임서버 정보
호스트이름 : ns2.koreaidc.com

네임서버 이름이 .kr이 아닌 경우는 IP주소가 보이지 않습니다.


# ENGLISH

Domain Name : ceomap.co.kr
Registrant : kim sang young
Administrative Contact(AC) : kim sang young
AC E-Mail : koreamanse7@naver.com
Registered Date : 2011. 11. 10.
Last Updated Date : 2023. 12. 12.
Expiration Date : 2027. 11. 10.
Publishes : N
Authorized Agency : Whois Corp.(http://whois.co.kr)
DNSSEC : unsigned

Primary Name Server
Host Name : ns.koreamanse.com

Secondary Name Server
Host Name : ns2.koreaidc.com


- KISA/KRNIC WHOIS Service -


*Reference
 VIRUSTOTAL : domain | ip | hash url | hash file
 Google SafeBrowsing(GSB) :
 URLVoid : domain
 Malware Domain List : domain
 SCUMWARE : domain | ip
 Project Honey Pot : ip
 Ransomware Tracker : domain
 Threat Crowd : domain | ip | hash file
 ZeroCERT Safeguard : domain | ip

*etc
  Stopbadware | Norton Safe | McAfee siteadvisor | Phish tank | Tcpiputils

[Info] Changing api service domain address (center.zerocert.org -> cert.zero.camp), API Reference