Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=magazine.jungle.co.kr
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://magazine.jungle.co.kr/ | 200 OK Content-Length: 121662 Content-Type: text/html | malicious |
Page code contains blacklisted domain: jungle.co.kr ...[470 bytes skipped]... otocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>µðÀÚÀÎÁ¤±Û - ¸Å°ÅÁø</title> <link rel="shortcut icon" href="http://magazine.jungle.co.kr/favicon1.ico" type="image/x-icon"> <link rel="icon" href="http://magazine.jungle.co.kr/favicon1.ico" type="image/x-icon"> <!--metahttp-equiv="Content-Type"content="text/html;charset=euc-kr"--> <link rel="stylesheet" href="../css/magazin.css" type="text/css"> <link rel="stylesheet" href="../css/magazine.css" type="text/css"> <link href="../css/calendarCon.css" rel="stylesheet" type="text/css"> <script src="/js/calenda ...[147461 bytes skipped]... Malicious iFrame found. size: 120x70 src: http://jungle.co.kr/include/verysign_ÀÎÁõ.asp This URL is marked by Google as suspicious <iframe src="http://jungle.co.kr/include/verysign_ÀÎÁõ.asp" frameborder="0" marginheight="0" marginwidth="0" width="120" height="70" align="right" scrolling="no"> Malicious iFrame found. size: 0x0 style: hidden src: http://publish.jungle.co.kr/ucc/publish_ucc_action.asp This URL is marked by Google as suspicious <iframe src= "http://publish.jungle.co.kr/ucc/publish_ucc_action.asp" name="hidden_frm" frameborder="0" height="0" marginheight="0" marginwidth="0" scrolling="yes" src="" width="0" topmargin="0" style="display:none;"> Malicious iFrame found. size: 0x0 style: hidden src: http://jungle.co.kr/xml/newsstand_news.asp This URL is marked by Google as suspicious <iframe src= "http://jungle.co.kr/xml/newsstand_news.asp" name="hidden_frm" frameborder="0" height="0" marginheight="0" marginwidth="0" scrolling="yes" src="" width="0" topmargin="0" style="display:none;"> Malicious iFrame found. size: 0x0 style: hidden src: http://jungle.co.kr/xml/newsstand.asp This URL is marked by Google as suspicious <iframe src= "http://jungle.co.kr/xml/newsstand.asp" name="hidden_frm" frameborder="0" height="0" marginheight="0" marginwidth="0" scrolling="yes" src="" width="0" topmargin="0" style="display:none;"> Malicious iFrame found. size: 0x0 style: hidden src: http://publish.jungle.co.kr/newjob/publish/publish_action_2007.asp This URL is marked by Google as suspicious <iframe src= "http://publish.jungle.co.kr/newjob/publish/publish_action_2007.asp" name="hidden_frm" frameborder="0" height="0" marginheight="0" marginwidth="0" scrolling="yes" src="" width="0" topmargin="0" style="display:none;"> | ||
http://magazine.jungle.co.kr/js/calendarCon.js | 200 OK Content-Length: 10083 Content-Type: application/x-javascript | clean |
http://magazine.jungle.co.kr/js/calendar.js | 200 OK Content-Length: 22484 Content-Type: application/x-javascript | clean |
http://adsvr.jungle.co.kr:8080/js.kti/jungle/main@m1 | 200 OK Content-Length: 264 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: imgjungle.jungle.co.kr document.write('<a href="http://adsvr.jungle.co.kr:8080/click.kti/jungle/main@m1?ads_no=2252&cmp_no=612&img_no=2277" target="_blank">');
document.write('<img src="http://imgjungle.jungle.co.kr/ads/0530privacy_605x70.gif" width="605" height="70" border="0"></a>'); Decoded script: <a href="http://adsvr.jungle.co.kr:8080/click.kti/jungle/main@m1?ads_no=2252&cmp_no=612&img_no=2277" target="_blank"><img src="http://imgjungle.jungle.co.kr/ads/0530privacy_605x70.gif" width="605" height="70" border="0"></a> | ||
http://adsvr.jungle.co.kr:8080/js.kti/jungle/p1@100x385?tgpFr=32 | 200 OK Content-Length: 0 Content-Type: text/plain | clean |
http://adsvr.jungle.co.kr:8080/test404page.js | 404 Not Found Content-Length: 278 Content-Type: text/html | clean |
http://adsvr.jungle.co.kr:8080/js.kti/jungle/main@P2 | 200 OK Content-Length: 0 Content-Type: text/plain | clean |
http://adsvr.jungle.co.kr:8080/js.kti/jungle/main@p4 | 200 OK Content-Length: 0 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: magazine.jungle.co.kr
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 08 Jun 2014 22:37:11 GMT
Server: Microsoft-IIS/6.0
Content-Length: 121662
Content-Type: text/html; Charset=euc-KR
Set-Cookie: ASPSESSIONIDCCTQTQTS=NJOHOIGCGLMDJFMJBKCCBLAL; path=/
X-Powered-By: ASP.NET
...121662 bytes of data.
GET / HTTP/1.1
Host: magazine.jungle.co.kr
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 08 Jun 2014 22:37:11 GMT
Server: Microsoft-IIS/6.0
Content-Length: 121662
Content-Type: text/html; Charset=euc-KR
Set-Cookie: ASPSESSIONIDCCTQTQTS=NJOHOIGCGLMDJFMJBKCCBLAL; path=/
X-Powered-By: ASP.NET
...121662 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: magazine.jungle.co.kr
Referer: http://www.google.com/search?q=magazine.jungle.co.kr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: magazine.jungle.co.kr
Referer: http://www.google.com/search?q=magazine.jungle.co.kr
Result:
The result is similar to the first query. There are no suspicious redirects found.