Help
RSS
API
Feed
Maltego
Contact
Domain > gobest.co.kr
×
Welcome!
Right click nodes and scroll the mouse to navigate the graph.
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
Files that talk to gobest.co.kr
MD5
A/V
85f4a8ac6e1b95cc13d14d15832579fa
[
HW32.Packed.D8C7
] [
Virus.Win32.Sality!O
] [
Trojan.Win32.DownLoader17.dycszx
] [
Trojan.Injector!WdGw5JoVyWA
] [
Win32.Trojan.Inject.Auto
] [
Trojan.DownLoader17.27430
] [
BehavesLike.Win32.Backdoor.dc
] [
Trojan.Heur.FU.EDBFD2
] [
Trojan:Win32/Toga!rfn
] [
Trojan/Win32.Banki
] [
Artemis!85F4A8AC6E1B
] [
Trojan.Win32.Injector.BBYK
] [
Backdoor.Bot
] [
W32/BBYK!tr
] [
Inject3.LKB
]
DNS Resolutions
Date
IP Address
2024-11-02
1.234.39.55
(
ClassC
)
Port 80
HTTP/1.1 200 OKServer: nginxDate: Wed, 01 Nov 2023 15:24:52 GMTContent-Type: text/htmlContent-Length: 1576Connection: keep-aliveVary: Accept-EncodingExpires: Thu, 01 Jan 1970 00:00:01 GMTCache-Control html xmlnshttp://www.w3.org/1999/xhtml xml:langko langko>head>meta http-equivContent-Type contenttext/html; charsetutf-8 />style typetext/css>body { width:100%; height:100%; } .wrap { position:fixed; top:50%; left:50%; margin:-185px 0 0 -315px; width:630px; height:370px; } h1 {margin: 0 0 20px; font-size: 15pt;}/style>/head>body>script typetext/javascript src/cupid.js >/script>script>function toNumbers(t){var e;return t.replace(/(..)/g,function(t){e.push(parseInt(t,16))}),e}function toHex(){for(var t,t1arguments.length&&arguments0.constructorArray?arguments0:arguments,e,o0;ot.length;o++)e+(16>to?0:)+to.toString(16);return e.toLowerCase()}function getUrlParams(){var t{};return window.location.search.replace(/?&+(^&+)(^&*)/gi,function(e,o,r){tor}),t}var atoNumbers(ef0fbc30af769699c5376ddf2c089bed),btoNumbers(689c4d6de93693bc2e166d68d215af1a),ctoNumbers(5901a0b5375f014abbe0cae1c4e0b267),nownew Date,timenow.getTime();time+864e5,now.setTime(time),document.cookieCUPID+toHex(slowAES.decrypt(c,2,a,b))+; expires+now.toUTCString()+; path/,oParamsgetUrlParams(),nCkattempt0,oParams.ckattempt&&(nCkattemptparseInt(oParams.ckattempt)),nCkattempt3&&(location.hrefhttp://gobest.co.kr/?ckattempt1);/script>div classwrap>div aligncenter>h1>자동등록방지를 위해 보안절차를 거치고 있습니다./h1>p>Please prove that you are human./p>form action/___verify methodPOST>input typesubmit value OK >/form>/div>/div>/body>/html>
Port 443
HTTP/1.1 200 OKServer: nginxDate: Wed, 01 Nov 2023 15:24:53 GMTContent-Type: text/htmlContent-Length: 1577Connection: keep-aliveVary: Accept-EncodingExpires: Thu, 01 Jan 1970 00:00:01 GMTCache-Control html xmlnshttp://www.w3.org/1999/xhtml xml:langko langko>head>meta http-equivContent-Type contenttext/html; charsetutf-8 />style typetext/css>body { width:100%; height:100%; } .wrap { position:fixed; top:50%; left:50%; margin:-185px 0 0 -315px; width:630px; height:370px; } h1 {margin: 0 0 20px; font-size: 15pt;}/style>/head>body>script typetext/javascript src/cupid.js >/script>script>function toNumbers(t){var e;return t.replace(/(..)/g,function(t){e.push(parseInt(t,16))}),e}function toHex(){for(var t,t1arguments.length&&arguments0.constructorArray?arguments0:arguments,e,o0;ot.length;o++)e+(16>to?0:)+to.toString(16);return e.toLowerCase()}function getUrlParams(){var t{};return window.location.search.replace(/?&+(^&+)(^&*)/gi,function(e,o,r){tor}),t}var atoNumbers(ef0fbc30af769699c5376ddf2c089bed),btoNumbers(bfe0d9a1e404ace2c8693501c9f02fee),ctoNumbers(ae51a3212e0c325a42d0c60d91c481a2),nownew Date,timenow.getTime();time+864e5,now.setTime(time),document.cookieCUPID+toHex(slowAES.decrypt(c,2,a,b))+; expires+now.toUTCString()+; path/,oParamsgetUrlParams(),nCkattempt0,oParams.ckattempt&&(nCkattemptparseInt(oParams.ckattempt)),nCkattempt3&&(location.hrefhttps://gobest.co.kr/?ckattempt1);/script>div classwrap>div aligncenter>h1>자동등록방지를 위해 보안절차를 거치고 있습니다./h1>p>Please prove that you are human./p>form action/___verify methodPOST>input typesubmit value OK >/form>/div>/div>/body>/html>
Subdomains
Date
Domain
IP
goclean.gobest.co.kr
2024-08-10
1.234.39.55
www.gobest.co.kr
2024-11-02
1.234.39.55
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]