Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dalmaya.cwo.kr
Result: The website is marked by Google as suspicious; visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://dalmaya.cwo.kr/ | 200 OK Content-Length: 28810 Content-Type: text/html | malicious |
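Malicious code - confirmed by antiviruses (see below):
var flashvars = {}; flashvars.textLogo = 'ë¬ë§ì¼ë·ì»´'; flashvars.textLogoSub = 'ì´ ì¸ìì ë®ìê²ë¤ì ë¤ ëª¨ì¬ë¼!'; flashvars.textLogoSize = '40'; flashvars.textLogoColor = '0xffffff'; flashvars.textLogoSpace = '-4'; flashvars.subtextLogoSize = '12'; flashvars.subtextLogoColor = '0xffffff'; flashvars.subtextLogoSpace = '0'; flashvars.subtextLogoFont = 'nanumgothic'; flashvars.siteHome = './'; var params = {}; params.menu = "false"; params.wmode = "transparent"; params.quality ="high"; var attributes = {}; attributes.id = "logoFlashVal"; attributes.name = "logoFlashVal"; swfobject.embedSWF("/layouts/bluebDesign/image/flashLogo.swf", "logoFlashVal", "400", "65", "9.0.0","expressInstall.swf", flashvars, params, attributes);
Antivirus reports: (none are listed in this capture)
Note: the excerpt above is a plain SWFObject embed call that loads /layouts/bluebDesign/image/flashLogo.swf. It contains no obfuscation, redirect or injected script of its own, so the verdict presumably rests on the SWF file or on page content outside the excerpt. With the antivirus report list empty, the "malicious" status cannot be verified from this report alone. The textLogo and textLogoSub values appear to be Korean UTF-8 text mis-decoded as Latin-1 rather than obfuscated data. The /./, /././ … entries that follow return the same excerpt, with Content-Length growing by two bytes per added "./". That is consistent with one home page being re-crawled through its relative './' link, so they should be triaged as a single finding.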
| ||
http://dalmaya.cwo.kr/./layouts/bluebDesign/_cross/js/galleryThumnailSlider.js | 200 OK Content-Length: 20707 Content-Type: application/x-javascript | clean |
http://dalmaya.cwo.kr/./ | 200 OK Content-Length: 28812 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var flashvars = {}; flashvars.textLogo = 'ë¬ë§ì¼ë·ì»´'; flashvars.textLogoSub = 'ì´ ì¸ìì ë®ìê²ë¤ì ë¤ ëª¨ì¬ë¼!'; flashvars.textLogoSize = '40'; flashvars.textLogoColor = '0xffffff'; flashvars.textLogoSpace = '-4'; flashvars.subtextLogoSize = '12'; flashvars.subtextLogoColor = '0xffffff'; flashvars.subtextLogoSpace = '0'; flashvars.subtextLogoFont = 'nanumgothic'; flashvars.siteHome = './'; var params = {}; params.menu = "false"; params.wmode = "transparent"; params.quality ="high"; var attributes = {}; attributes.id = "logoFlashVal"; attributes.name = "logoFlashVal"; swfobject.embedSWF("/layouts/bluebDesign/image/flashLogo.swf", "logoFlashVal", "400", "65", "9.0.0","expressInstall.swf", flashvars, params, attributes); Antivirus reports:
| ||
http://dalmaya.cwo.kr/././layouts/bluebDesign/_cross/js/galleryThumnailSlider.js | 200 OK Content-Length: 20707 Content-Type: application/x-javascript | clean |
http://dalmaya.cwo.kr/././ | 200 OK Content-Length: 28814 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var flashvars = {}; flashvars.textLogo = 'ë¬ë§ì¼ë·ì»´'; flashvars.textLogoSub = 'ì´ ì¸ìì ë®ìê²ë¤ì ë¤ ëª¨ì¬ë¼!'; flashvars.textLogoSize = '40'; flashvars.textLogoColor = '0xffffff'; flashvars.textLogoSpace = '-4'; flashvars.subtextLogoSize = '12'; flashvars.subtextLogoColor = '0xffffff'; flashvars.subtextLogoSpace = '0'; flashvars.subtextLogoFont = 'nanumgothic'; flashvars.siteHome = './'; var params = {}; params.menu = "false"; params.wmode = "transparent"; params.quality ="high"; var attributes = {}; attributes.id = "logoFlashVal"; attributes.name = "logoFlashVal"; swfobject.embedSWF("/layouts/bluebDesign/image/flashLogo.swf", "logoFlashVal", "400", "65", "9.0.0","expressInstall.swf", flashvars, params, attributes); Antivirus reports:
| ||
http://dalmaya.cwo.kr/./././layouts/bluebDesign/_cross/js/galleryThumnailSlider.js | 200 OK Content-Length: 20707 Content-Type: application/x-javascript | clean |
http://dalmaya.cwo.kr/./././ | 200 OK Content-Length: 28816 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var flashvars = {}; flashvars.textLogo = 'ë¬ë§ì¼ë·ì»´'; flashvars.textLogoSub = 'ì´ ì¸ìì ë®ìê²ë¤ì ë¤ ëª¨ì¬ë¼!'; flashvars.textLogoSize = '40'; flashvars.textLogoColor = '0xffffff'; flashvars.textLogoSpace = '-4'; flashvars.subtextLogoSize = '12'; flashvars.subtextLogoColor = '0xffffff'; flashvars.subtextLogoSpace = '0'; flashvars.subtextLogoFont = 'nanumgothic'; flashvars.siteHome = './'; var params = {}; params.menu = "false"; params.wmode = "transparent"; params.quality ="high"; var attributes = {}; attributes.id = "logoFlashVal"; attributes.name = "logoFlashVal"; swfobject.embedSWF("/layouts/bluebDesign/image/flashLogo.swf", "logoFlashVal", "400", "65", "9.0.0","expressInstall.swf", flashvars, params, attributes); Antivirus reports:
| ||
http://dalmaya.cwo.kr/././././layouts/bluebDesign/_cross/js/galleryThumnailSlider.js | 200 OK Content-Length: 20707 Content-Type: application/x-javascript | clean |
http://dalmaya.cwo.kr/././././ | 200 OK Content-Length: 28818 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var flashvars = {}; flashvars.textLogo = 'ë¬ë§ì¼ë·ì»´'; flashvars.textLogoSub = 'ì´ ì¸ìì ë®ìê²ë¤ì ë¤ ëª¨ì¬ë¼!'; flashvars.textLogoSize = '40'; flashvars.textLogoColor = '0xffffff'; flashvars.textLogoSpace = '-4'; flashvars.subtextLogoSize = '12'; flashvars.subtextLogoColor = '0xffffff'; flashvars.subtextLogoSpace = '0'; flashvars.subtextLogoFont = 'nanumgothic'; flashvars.siteHome = './'; var params = {}; params.menu = "false"; params.wmode = "transparent"; params.quality ="high"; var attributes = {}; attributes.id = "logoFlashVal"; attributes.name = "logoFlashVal"; swfobject.embedSWF("/layouts/bluebDesign/image/flashLogo.swf", "logoFlashVal", "400", "65", "9.0.0","expressInstall.swf", flashvars, params, attributes); Antivirus reports:
| ||
http://dalmaya.cwo.kr/./././././layouts/bluebDesign/_cross/js/galleryThumnailSlider.js | 200 OK Content-Length: 20707 Content-Type: application/x-javascript | clean |
http://dalmaya.cwo.kr/./././././ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://dalmaya.cwo.kr/test404page.js | 404 Not Found Content-Length: 348 Content-Type: text/html | clean |
http://dalmaya.cwo.kr/?r=home&_themePage=sitemap | 200 OK Content-Length: 17554 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var flashvars = {}; flashvars.textLogo = 'ë¬ë§ì¼ë·ì»´'; flashvars.textLogoSub = 'ì´ ì¸ìì ë®ìê²ë¤ì ë¤ ëª¨ì¬ë¼!'; flashvars.textLogoSize = '40'; flashvars.textLogoColor = '0xffffff'; flashvars.textLogoSpace = '-4'; flashvars.subtextLogoSize = '12'; flashvars.subtextLogoColor = '0xffffff'; flashvars.subtextLogoSpace = '0'; flashvars.subtextLogoFont = 'nanumgothic'; flashvars.siteHome = './'; var params = {}; params.menu = "false"; params.wmode = "transparent"; params.quality ="high"; var attributes = {}; attributes.id = "logoFlashVal"; attributes.name = "logoFlashVal"; swfobject.embedSWF("/layouts/bluebDesign/image/flashLogo.swf", "logoFlashVal", "400", "65", "9.0.0","expressInstall.swf", flashvars, params, attributes); Antivirus reports:
| ||
http://dalmaya.cwo.kr/./?mod=mypage | 200 OK Content-Length: 508 Content-Type: text/html | clean |
http://dalmaya.cwo.kr/./?mod=join | 200 OK Content-Length: 45663 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var flashvars = {}; flashvars.textLogo = 'ë¬ë§ì¼ë·ì»´'; flashvars.textLogoSub = 'ì´ ì¸ìì ë®ìê²ë¤ì ë¤ ëª¨ì¬ë¼!'; flashvars.textLogoSize = '40'; flashvars.textLogoColor = '0xffffff'; flashvars.textLogoSpace = '-4'; flashvars.subtextLogoSize = '12'; flashvars.subtextLogoColor = '0xffffff'; flashvars.subtextLogoSpace = '0'; flashvars.subtextLogoFont = 'nanumgothic'; flashvars.siteHome = './'; var params = {}; params.menu = "false"; params.wmode = "transparent"; params.quality ="high"; var attributes = {}; attributes.id = "logoFlashVal"; attributes.name = "logoFlashVal"; swfobject.embedSWF("/layouts/bluebDesign/image/flashLogo.swf", "logoFlashVal", "400", "65", "9.0.0","expressInstall.swf", flashvars, params, attributes); Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dalmaya.cwo.kr
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 26 Dec 2014 15:25:58 GMT
Pragma: no-cache
Server: Apache/2.2.3 (CentOS) DAV/2 PHP/5.2.14 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5
Vary: Host
Content-Type: text/html;charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=48a626a42b65bc1a8b3b3644472ff95a; path=/
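X-Powered-By: PHP/5.2.14
Note: the Server and X-Powered-By headers disclose exact component versions. PHP 5.2 reached upstream end of life in January 2011, well before this response was captured. The Apache and OpenSSL versions in a CentOS banner may not reflect backported distribution patches. An unmaintained stack is a common factor in site compromise, but this report does not establish how the flagged content got onto the site.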
GET / HTTP/1.1
Host: dalmaya.cwo.kr
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 26 Dec 2014 15:25:58 GMT
Pragma: no-cache
Server: Apache/2.2.3 (CentOS) DAV/2 PHP/5.2.14 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5
Vary: Host
Content-Type: text/html;charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=48a626a42b65bc1a8b3b3644472ff95a; path=/
X-Powered-By: PHP/5.2.14
Second query (visit from search engine):
GET / HTTP/1.1
Host: dalmaya.cwo.kr
Referer: http://www.google.com/search?q=dalmaya.cwo.kr
Result:
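The result is similar to the first query. No suspicious redirects were found. Note that the two requests differ only in the Referer header, so conditional redirects keyed on other request attributes (User-Agent, client IP address, cookies) would not be revealed by this check.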
GET / HTTP/1.1
Host: dalmaya.cwo.kr
Referer: http://www.google.com/search?q=dalmaya.cwo.kr
Result:
The result is similar to the first query. No suspicious redirects were found.