Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=rndauction.co.kr
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://rndauction.co.kr/ | HTTP/1.1 302 Object moved Cache-Control: private Date: Tue, 27 Jan 2015 04:00:32 GMT Location: http://rndauction.co.kr/main Server: Microsoft-IIS/6.0 Content-Length: 149 Content-Type: text/html P3P: CP=ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC Set-Cookie: PUID=719F069C196B41EE8C42AD5A8721CF86; domain=rndauction.co.kr; path=/ Set-Cookie: ASPSESSIONIDQCBRSTQA=MEOBGENCLLDGPMMAFIFIGMDE; path=/ | clean |
http://rndauction.co.kr/main | HTTP/1.1 301 Moved Permanently Date: Tue, 27 Jan 2015 04:00:34 GMT Location: http://rndauction.co.kr/main/ Server: Microsoft-IIS/6.0 Content-Length: 175 Content-Type: text/html | clean |
http://rndauction.co.kr/main/ | HTTP/1.1 302 Object moved Cache-Control: private Date: Tue, 27 Jan 2015 04:00:36 GMT Location: /main/main_real.asp Server: Microsoft-IIS/6.0 Content-Length: 140 Content-Type: text/html P3P: CP=ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC Set-Cookie: PUID=689B72BB97AC494683D67F08EA2ACC45; domain=rndauction.co.kr; path=/ Set-Cookie: ASPSESSIONIDQCBRSTQA=AFOBGENCJEGHLIAFLMJJMJPG; path=/ | clean |
http://rndauction.co.kr/main/main_real.asp | 200 OK Content-Length: 28330 Content-Type: text/html | malicious |
Page code contains blacklisted domain: www.d-mama.co.kr <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>¾Ë¾Øµð¿Á¼Ç(¿ÀǸ¶ÄÏ) - ½Å·Ú¿Í °í°´ °¨µ¿À» ½ÇõÇÏ´Â ¼îÇθô</title> <meta http-equiv="Content-Type" content="text/html; charset=euc-kr" /> <meta http-equiv="page-exit" content="blendtrans(duration=0.2)" /><!-- ceobiz --> <meta http-equiv="page-enter" content="blendtrans(duration=0.2)" ...[4231 bytes skipped]... Hidden iFrame found. size: 0x0 src: http://www.isseco.com/popup/index.html <iframe src=http://www.isseco.com/popup/index.html width=0 height=0> Malicious iFrame found. size: 0x0 src: http://www.d-mama.co.kr/popup\index.html This URL is marked by Google as suspicious <iframe src=http://www.d-mama.co.kr/popup\index.html width=0 height=0> | ||
http://rndauction.co.kr/jscript/common.js | 200 OK Content-Length: 22680 Content-Type: application/x-javascript | clean |
http://rndauction.co.kr/jscript/embed.js | 200 OK Content-Length: 2953 Content-Type: application/x-javascript | clean |
http://rndauction.co.kr/jscript/ajax.js | 200 OK Content-Length: 2356 Content-Type: application/x-javascript | clean |
http://rndauction.co.kr/jscript/json.js | 200 OK Content-Length: 5093 Content-Type: application/x-javascript | clean |
http://rndauction.co.kr/jscript/rollover.js | 200 OK Content-Length: 1033 Content-Type: application/x-javascript | clean |
http://rndauction.co.kr/jscript/user_func.js | 200 OK Content-Length: 2552 Content-Type: application/x-javascript | clean |
http://rndauction.co.kr/jscript/sns.js | 200 OK Content-Length: 3789 Content-Type: application/x-javascript | clean |
http://rndauction.co.kr/popup_main.js.asp | 404 Not Found Content-Length: 1466 Content-Type: text/html | clean |
http://rndauction.co.kr/test404page.js | 404 Not Found Content-Length: 1466 Content-Type: text/html | clean |
http://rndauction.co.kr/jscript/cookie.js | 200 OK Content-Length: 1022 Content-Type: application/x-javascript | clean |
http://rndauction.co.kr/jscript/floating.js | 200 OK Content-Length: 3636 Content-Type: application/x-javascript | clean |
http://rndauction.co.kr/jscript/left_floating.js | 200 OK Content-Length: 3732 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: rndauction.co.kr
Result:
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Tue, 27 Jan 2015 04:00:32 GMT
Location: http://rndauction.co.kr/main
Server: Microsoft-IIS/6.0
Content-Length: 149
Content-Type: text/html
P3P: CP=ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC
Set-Cookie: PUID=719F069C196B41EE8C42AD5A8721CF86; domain=rndauction.co.kr; path=/
Set-Cookie: ASPSESSIONIDQCBRSTQA=MEOBGENCLLDGPMMAFIFIGMDE; path=/
...149 bytes of data.
GET / HTTP/1.1
Host: rndauction.co.kr
Result:
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Tue, 27 Jan 2015 04:00:32 GMT
Location: http://rndauction.co.kr/main
Server: Microsoft-IIS/6.0
Content-Length: 149
Content-Type: text/html
P3P: CP=ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC
Set-Cookie: PUID=719F069C196B41EE8C42AD5A8721CF86; domain=rndauction.co.kr; path=/
Set-Cookie: ASPSESSIONIDQCBRSTQA=MEOBGENCLLDGPMMAFIFIGMDE; path=/
...149 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: rndauction.co.kr
Referer: http://www.google.com/search?q=rndauction.co.kr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: rndauction.co.kr
Referer: http://www.google.com/search?q=rndauction.co.kr
Result:
The result is similar to the first query. There are no suspicious redirects found.