New scan:

Malware Scanner report for wowlotto.co.kr

Malicious/Suspicious/Total urls checked
0/0/20
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/12/12
12 suspicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://wowlotto.co.kr/
200 OK
Content-Length: 8313
Content-Type: text/html
clean
http://wowlotto.co.kr/jscss/jquery-1.4.2.min.js
200 OK
Content-Length: 72174
Content-Type: application/x-javascript
clean
http://wowlotto.co.kr/jscss/script.js
200 OK
Content-Length: 10321
Content-Type: application/x-javascript
clean
http://wowlotto.co.kr/jscss/flash.js
200 OK
Content-Length: 885
Content-Type: application/x-javascript
clean
http://wowlotto.co.kr/vip/vip_unse.htm
200 OK
Content-Length: 7131
Content-Type: text/html
clean
http://wowlotto.co.kr/vip/vip_cartoon.htm
200 OK
Content-Length: 7134
Content-Type: text/html
clean
http://wowlotto.co.kr/index.htm
200 OK
Content-Length: 27763
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 0x0     
src: http://goo.gl/fc9js

<iframe src="http://goo.gl/fc9js" name="pwb2" width="0" height="0" scrolling="no" frameborder="no">

Hidden iFrame found.
size: 0x0     
src: http://goo.gl/95wku

<iframe src="http://goo.gl/95wku" name="pwb1" width="0" height="0" scrolling="no" frameborder="no">

http://wowlotto.co.kr/vip/creator_vip.htm
200 OK
Content-Length: 12124
Content-Type: text/html
clean
http://wowlotto.co.kr/combination/
HTTP/1.1 302 Found
Connection: close
Date: Sun, 05 Oct 2014 11:40:04 GMT
Location: creator_perfect.htm
Server: Apache/2.2.2 (Unix) mod_ssl/2.2.2 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.0
Content-Length: 0
Content-Type: text/html
X-Pad: avoid browser bug
X-Powered-By: PHP/5.2.0
clean
http://wowlotto.co.kr/combination/creator_perfect.htm
200 OK
Content-Length: 11916
Content-Type: text/html
clean
http://wowlotto.co.kr/analysis/
HTTP/1.1 302 Found
Connection: close
Date: Sun, 05 Oct 2014 11:40:06 GMT
Location: case1.htm
Server: Apache/2.2.2 (Unix) mod_ssl/2.2.2 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.0
Content-Length: 0
Content-Type: text/html
X-Powered-By: PHP/5.2.0
clean
http://wowlotto.co.kr/analysis/case1.htm
200 OK
Content-Length: 289034
Content-Type: text/html
clean
http://wowlotto.co.kr/board/
HTTP/1.1 302 Found
Connection: close
Date: Sun, 05 Oct 2014 11:40:12 GMT
Location: list.htm?board_seq=2&category_seq=3
Server: Apache/2.2.2 (Unix) mod_ssl/2.2.2 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.0
Content-Length: 0
Content-Type: text/html
X-Powered-By: PHP/5.2.0
clean
http://wowlotto.co.kr/board/list.htm?board_seq=2&category_seq=3
200 OK
Content-Length: 25557
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 0x0     
src: http://goo.gl/fc9js

<iframe src="http://goo.gl/fc9js" name="pwb2" width="0" height="0" scrolling="no" frameborder="no">

Hidden iFrame found.
size: 0x0     
src: http://goo.gl/95wku

<iframe src="http://goo.gl/95wku" name="pwb1" width="0" height="0" scrolling="no" frameborder="no">

http://wowlotto.co.kr/commonsense/
HTTP/1.1 302 Found
Connection: close
Date: Sun, 05 Oct 2014 11:40:17 GMT
Location: page1.htm
Server: Apache/2.2.2 (Unix) mod_ssl/2.2.2 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.0
Content-Length: 0
Content-Type: text/html
X-Powered-By: PHP/5.2.0
clean
http://wowlotto.co.kr/commonsense/page1.htm
200 OK
Content-Length: 28825
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 0x0     
src: http://goo.gl/95wku

<iframe src="http://goo.gl/95wku" name="pwb1" width="0" height="0" scrolling="no" frameborder="no">

Hidden iFrame found.
size: 0x0     
src: http://goo.gl/fc9js

<iframe src="http://goo.gl/fc9js" name="pwb2" width="0" height="0" scrolling="no" frameborder="no">

http://wowlotto.co.kr/customer/
HTTP/1.1 302 Found
Connection: close
Date: Sun, 05 Oct 2014 11:40:19 GMT
Location: main.htm
Server: Apache/2.2.2 (Unix) mod_ssl/2.2.2 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.0
Content-Length: 0
Content-Type: text/html
X-Powered-By: PHP/5.2.0
clean
http://wowlotto.co.kr/customer/main.htm
200 OK
Content-Length: 19210
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 0x0     
src: http://goo.gl/95wku

<iframe src="http://goo.gl/95wku" name="pwb1" width="0" height="0" scrolling="no" frameborder="no">

Hidden iFrame found.
size: 0x0     
src: http://goo.gl/fc9js

<iframe src="http://goo.gl/fc9js" name="pwb2" width="0" height="0" scrolling="no" frameborder="no">

http://wowlotto.co.kr/customer/find_id.htm
200 OK
Content-Length: 19508
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 0x0     
src: http://goo.gl/fc9js

<iframe src="http://goo.gl/fc9js" name="pwb2" width="0" height="0" scrolling="no" frameborder="no">

Hidden iFrame found.
size: 0x0     
src: http://goo.gl/95wku

<iframe src="http://goo.gl/95wku" name="pwb1" width="0" height="0" scrolling="no" frameborder="no">

http://wowlotto.co.kr/customer/find_pw.htm
200 OK
Content-Length: 20223
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 0x0     
src: http://goo.gl/95wku

<iframe src="http://goo.gl/95wku" name="pwb1" width="0" height="0" scrolling="no" frameborder="no">

Hidden iFrame found.
size: 0x0     
src: http://goo.gl/fc9js

<iframe src="http://goo.gl/fc9js" name="pwb2" width="0" height="0" scrolling="no" frameborder="no">


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: wowlotto.co.kr

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Sun, 05 Oct 2014 11:39:47 GMT
Pragma: no-cache
Server: Apache/2.2.2 (Unix) mod_ssl/2.2.2 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.0
Content-Type: text/html; charset=euc-kr
Expires: Mon, 26 Jul 2008 05:00:00 GMT
Last-Modified: Sun, 05 Oct 2014 11:39:47 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR DELa BUS IND PHY ONL UNI COM NAV INT DEM PRE"
X-Died: timeout at scan.pm line 1546.
X-Powered-By: PHP/5.2.0
Second query (visit from search engine):
GET / HTTP/1.1
Host: wowlotto.co.kr
Referer: http://www.google.com/search?q=wowlotto.co.kr

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=wowlotto.co.kr

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wowlotto.co.kr/

Result: wowlotto.co.kr is not infected or malware details are not published yet.