Scanned pages/files
Request | Server response | Status |
http://emkorea.sendpage.co.kr/ | 200 OK Content-Length: 38808 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://emkorea.softimpact.co.kr/conf/inc_config.php <iframe style="display: none" border=0 src="http://emkorea.softimpact.co.kr/conf/inc_config.php" frameborder=0> | | |
http://emkorea.sendpage.co.kr/common/kuiflashvars.js | 200 OK Content-Length: 2071 Content-Type: application/x-javascript | clean |
http://emkorea.sendpage.co.kr/common/main_js.js | 200 OK Content-Length: 21750 Content-Type: application/x-javascript | clean |
http://emkorea.sendpage.co.kr/common/tabpanelgroup.js | 200 OK Content-Length: 630 Content-Type: application/x-javascript | clean |
http://code.jquery.com/jquery-1.11.0.min.js | 200 OK Content-Length: 96381 Content-Type: application/x-javascript | clean |
http://code.jquery.com/jquery-migrate-1.2.1.min.js | 200 OK Content-Length: 7199 Content-Type: application/x-javascript | clean |
http://ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/jquery-ui.js | 200 OK Content-Length: 300169 Content-Type: text/javascript | clean |
http://emkorea.sendpage.co.kr/common/js_rolling.js | 200 OK Content-Length: 8857 Content-Type: application/x-javascript | clean |
http://emkorea.sendpage.co.kr/common/jquery.rolling.js | 200 OK Content-Length: 12918 Content-Type: application/x-javascript | clean |
http://emkorea.sendpage.co.kr/common/slides.min.jquery.js | 200 OK Content-Length: 6742 Content-Type: application/x-javascript | clean |
http://emkorea.sendpage.co.kr/common/jquery.droppy.js | 200 OK Content-Length: 1773 Content-Type: application/x-javascript | clean |
http://emkorea.sendpage.co.kr/sub.asp?maincode=-507 | 200 OK Content-Length: 27408 Content-Type: text/html | clean |
http://emkorea.sendpage.co.kr/sub.asp?maincode=451&sub_sequence=&sub_sub_sequence= | HTTP/1.1 302 Object moved Cache-Control: private Date: Fri, 16 May 2014 09:12:43 GMT Location: /sub.asp?maincode=451&sub_sequence=457&sub_sub_sequence= Server: Microsoft-IIS/7.5 Content-Length: 158 Content-Type: text/html; Charset=utf-8 P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC" Set-Cookie: ASPSESSIONIDCCDDASQD=MIFIJJICDPAPNAFLLAGDBPAB; path=/ X-Powered-By: ASP.NET | clean |
http://emkorea.sendpage.co.kr/sub.asp?maincode=451&sub_sequence=457&sub_sub_sequence= | 200 OK Content-Length: 20733 Content-Type: text/html | clean |
http://emkorea.sendpage.co.kr/test404page.js | 404 Not Found Content-Length: 5355 Content-Type: text/html | clean |
http://emkorea.sendpage.co.kr/sub.asp?maincode=451&sub_sequence=460&sub_sub_sequence= | HTTP/1.1 302 Object moved Cache-Control: private Date: Fri, 16 May 2014 09:12:46 GMT Location: /sub.asp?maincode=451&sub_sequence=460&sub_sub_sequence=&exec=list&strBoardID=kui_460 Server: Microsoft-IIS/7.5 Content-Length: 195 Content-Type: text/html; Charset=utf-8 P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC" Set-Cookie: ASPSESSIONIDCCDDASQD=BJFIJJICODINAHBOELHJIKCI; path=/ X-Powered-By: ASP.NET | clean |
http://emkorea.sendpage.co.kr/sub.asp?maincode=451&sub_sequence=460&sub_sub_sequence=&exec=list&strboardid=kui_460 | 200 OK Content-Length: 145618 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: emkorea.sendpage.co.kr
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Fri, 16 May 2014 09:12:26 GMT
Server: Microsoft-IIS/7.5
Content-Length: 38808
Content-Type: text/html; Charset=utf-8
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Set-Cookie: ASPSESSIONIDCCDDASQD=JHFIJJICLKHEGKGJPLAAHDCN; path=/
X-Powered-By: ASP.NET
...38808 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: emkorea.sendpage.co.kr
Referer: http://www.google.com/search?q=emkorea.sendpage.co.kr
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=emkorea.sendpage.co.kr
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://emkorea.sendpage.co.kr/
Result: emkorea.sendpage.co.kr is not infected or malware details are not published yet.