Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hanmunlove.pe.kr
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hanmunlove.pe.kr
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 28 Dec 2014 03:30:45 GMT
Server: Microsoft-IIS/5.0
Content-Type: text/html
X-Powered-By: PHP/4.3.10
GET / HTTP/1.1
Host: hanmunlove.pe.kr
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 28 Dec 2014 03:30:45 GMT
Server: Microsoft-IIS/5.0
Content-Type: text/html
X-Powered-By: PHP/4.3.10
Second query (visit from search engine):
GET / HTTP/1.1
Host: hanmunlove.pe.kr
Referer: http://www.google.com/search?q=hanmunlove.pe.kr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hanmunlove.pe.kr
Referer: http://www.google.com/search?q=hanmunlove.pe.kr
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://hanmunlove.pe.kr/ | 200 OK Content-Length: 61202 Content-Type: text/html | clean |
http://hanmunlove.pe.kr/test404page.js | 200 OK Content-Length: 1004 Content-Type: text/html | clean |
http://counter.pe.kr?TVRNek5EYzBOemd4TXc9PQ==/ | HTTP/1.1 200 OK Connection: close Date: Sun, 28 Dec 2014 16:21:31 GMT Server: Apache Content-Length: 208 Content-Type: text/html P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA" Set-Cookie: visit_today=done; expires=Mon, 29-Dec-2014 15:00:00 GMT X-Powered-By: PHP/5.2.17 | clean |
http://sk-7mobile.com/index.php?agent_id=revive | 200 OK Content-Length: 50071 Content-Type: text/html | clean |
http://sk-7mobile.com/js/jquery-1.8.3.min.js | 200 OK Content-Length: 93637 Content-Type: application/javascript | clean |
http://sk-7mobile.com/js/jquery.menu.js | 200 OK Content-Length: 2930 Content-Type: application/javascript | clean |
http://sk-7mobile.com/js/common.js | 200 OK Content-Length: 14491 Content-Type: application/javascript | clean |
http://sk-7mobile.com/js/wrest.js | 200 OK Content-Length: 11096 Content-Type: application/javascript | clean |
http://sk-7mobile.com/js/common_myebheidi.js | 200 OK Content-Length: 6803 Content-Type: application/javascript | clean |
http://sk-7mobile.com/skin/shop/mobileshop/banner_effect_file/js/jquery-1.4.4.js | 200 OK Content-Length: 190363 Content-Type: application/javascript | clean |
http://sk-7mobile.com/skin/shop/mobileshop/banner_effect_file/js/banner.js | 200 OK Content-Length: 23855 Content-Type: application/javascript | clean |
http://sk-7mobile.com/js/sns.js | 200 OK Content-Length: 559 Content-Type: application/javascript | clean |
http://counter.pe.kr?TVRNek5EYzBOemd4TXc9PQ==/test404page.js | HTTP/1.1 200 OK Connection: close Date: Sun, 28 Dec 2014 16:21:47 GMT Server: Apache Content-Length: 208 Content-Type: text/html P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA" Set-Cookie: visit_today=done; expires=Mon, 29-Dec-2014 15:00:00 GMT X-Powered-By: PHP/5.2.17 | clean |
http://sk-7mobile.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sun, 28 Dec 2014 03:31:12 GMT Location: http://html.gethompy.com/404.html?id=iamwebdy Server: Apache Content-Type: text/html; charset=iso-8859-1 | clean |
http://html.gethompy.com/404.html?id=iamwebdy | 200 OK Content-Length: 2958 Content-Type: text/html | clean |
http://html.gethompy.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sun, 28 Dec 2014 03:31:14 GMT Location: http://html.gethompy.com/error/error_request.php Server: nginx/1.4.3p1 Content-Length: 299 Content-Type: text/html; charset=iso-8859-1 | clean |
http://html.gethompy.com/error/error_request.php | 200 OK Content-Length: 211 Content-Type: text/html | clean |