Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hollywooddiet.cwo.kr
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://hollywooddiet.cwo.kr/ | 200 OK Content-Length: 2421 Content-Type: text/html | clean |
http://hollywooddiet.cwo.kr/_core/js/jquery-1.7.1.min.js | 200 OK Content-Length: 93868 Content-Type: application/x-javascript | clean |
http://hollywooddiet.cwo.kr/_core/js/sys.js?nFlag=201412 | 200 OK Content-Length: 19387 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getId(id)
{ return document.getElementById(id); } function goHref(url) { location.href = url; } function chkIdValue(id) { if (id == '') return false; if (!getTypeCheck(id,"abcdefghijklmnopqrstuvwxyz1234567890_-")) return false; return true; } function chkFnameValue(file) { if (file == '') return false; if (!getTypeCheck(file,"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890_-")) ret html += ' </div>'; html += '</div>'; getId('_overLayer_').innerHTML = html; getId('_overLayer_').className = ''; document.body.style.overflow = 'hidden'; } function crLayerClose() { getId('_overLayer_').className = 'hide'; document.body.style.overflow = 'auto'; } Antivirus reports:
| ||
http://hollywooddiet.cwo.kr/layouts/bluebDesign/_main.js?nFlag=201412 | 200 OK Content-Length: 22960 Content-Type: application/x-javascript | clean |
http://hollywooddiet.cwo.kr/pages/_main.js?nFlag=201412 | 200 OK Content-Length: 29 Content-Type: application/x-javascript | clean |
http://hollywooddiet.cwo.kr/layouts/bluebDesign/_lib/jquery-ui.min.js?nFlag=201412 | 200 OK Content-Length: 201875 Content-Type: application/x-javascript | clean |
http://hollywooddiet.cwo.kr/test404page.js | 404 Not Found Content-Length: 354 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hollywooddiet.cwo.kr
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 27 Dec 2014 16:46:51 GMT
Pragma: no-cache
Server: Apache/2.2.3 (CentOS) DAV/2 PHP/5.2.14 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5
Vary: Host
Content-Type: text/html;charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=39d644c361c11990eb738e8f6f454bca; path=/
X-Died: timeout at scan.pm line 1566.
X-Powered-By: PHP/5.2.14
GET / HTTP/1.1
Host: hollywooddiet.cwo.kr
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 27 Dec 2014 16:46:51 GMT
Pragma: no-cache
Server: Apache/2.2.3 (CentOS) DAV/2 PHP/5.2.14 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5
Vary: Host
Content-Type: text/html;charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=39d644c361c11990eb738e8f6f454bca; path=/
X-Died: timeout at scan.pm line 1566.
X-Powered-By: PHP/5.2.14
Second query (visit from search engine):
GET / HTTP/1.1
Host: hollywooddiet.cwo.kr
Referer: http://www.google.com/search?q=hollywooddiet.cwo.kr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hollywooddiet.cwo.kr
Referer: http://www.google.com/search?q=hollywooddiet.cwo.kr
Result:
The result is similar to the first query. There are no suspicious redirects found.