| | 125.60.33.42 | 200 OK | 205 B |
URL User Request GET HTTP/1.1IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text Hash1468e14da727eb74a0b106f59233f0d2 1df686a3901add264d9f597a4d02fce00aaa25df d641626976a4ea71f3995346ff0b5b001dc64089cbee41f9ba92e792cb9d04ce
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 18 Apr 2024 06:12:45 GMT
Server: Apache
Location: https://125.60.33.42/
Content-Length: 205
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| | 125.60.33.42 | 200 OK | 38 kB |
URL User Request GET HTTP/1.1IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (349), with CRLF, LF line terminators Hash45739d758de0109abde2f347f4efe921 0515ed8d3f7b6219f89f11213c44a6b8d81017a8 8730c73021bbbcba3f61741d395af0dae576d7498869aacfcbbf0d3ee741b8e9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:47 GMT
Server: Apache
Set-Cookie: SCOUTER=z4uahq9frssa33; Expires=Tue, 06-May-2092 09:26:54 GMT; Path=/
JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4; Path=/; Secure; HttpOnly
Content-Language: en-US
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| 125.60.33.42/resources/korea/css/common/webfonts.css?version=20240109_1 | 125.60.33.42 | 200 OK | 44 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/common/webfonts.css?version=20240109_1 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (438), with CRLF line terminators Hash1251f9fa8a1980bb551b0100266e00e1 4fd85cc2aec01e46e54bce3ac65a63a6bcdf1f11 09f62eff5da65430835ca384bd211de863c90101604b5e42ebe9514c6f3f699d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/common/webfonts.css?version=20240109_1 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:48 GMT
Server: Apache
Last-Modified: Thu, 12 May 2022 03:19:34 GMT
ETag: "aa41-5dec806ee50f3"
Accept-Ranges: bytes
Content-Length: 43585
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 125.60.33.42/resources/korea/css/common/common.css?version=20240109_1 | 125.60.33.42 | 200 OK | 7.2 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/common/common.css?version=20240109_1 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (460), with CRLF line terminators Hashdaa6c12ee412b6a20a6b1fb6c49e2daf 82f3ee9c7e84744ccd2322a261f3d4a56276da3a f5ec6662b2a35a8ba2b56289dcaab4ad82782650039430d248ddc1e9ff3eb1d0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/common/common.css?version=20240109_1 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:48 GMT
Server: Apache
Last-Modified: Thu, 12 May 2022 03:19:34 GMT
ETag: "1c4c-5dec806ee4923"
Accept-Ranges: bytes
Content-Length: 7244
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 125.60.33.42/resources/js/pages/common-handler.js | 125.60.33.42 | 200 OK | 6.3 kB |
URL GET HTTP/1.1125.60.33.42/resources/js/pages/common-handler.js IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeUnicode text, UTF-8 text, with CRLF line terminators Hashfb9e4bf5e7bba53208b10936e610bd4b 4c78a1db8ee0908ef1827ac288cb010c291cb518 152dde7f6960b2247b01bb5e98602350ab624ccba36400e5a8daa68d7661862a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/js/pages/common-handler.js HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:49 GMT
Server: Apache
Last-Modified: Tue, 12 Aug 2014 05:52:28 GMT
ETag: "18aa-5006846cd1f00"
Accept-Ranges: bytes
Content-Length: 6314
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/resources/korea/css/common/kmail.css?version=20240109_1 | 125.60.33.42 | 200 OK | 19 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/common/kmail.css?version=20240109_1 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (314), with CRLF line terminators Hash052074a24e036c0228e37a10a753ce6f bacb10bb7f8282d1a7e3f54ccbead5dde2849301 9c15659f61d648150d7d2f26839693639f608790d13dafdf01bb093df5f43b50
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/common/kmail.css?version=20240109_1 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:48 GMT
Server: Apache
Last-Modified: Tue, 03 Jan 2023 07:51:44 GMT
ETag: "4afc-5f15756d4947f"
Accept-Ranges: bytes
Content-Length: 19196
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 125.60.33.42/resources/js/common/ext/adapter/ext/ext-base.js | 125.60.33.42 | 200 OK | 36 kB |
URL GET HTTP/1.1125.60.33.42/resources/js/common/ext/adapter/ext/ext-base.js IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (35688), with CRLF line terminators Hash7a1b4797331f7301bbda0d4deb9f39a2 9708f60f2a0082a308db10dbcb55a378bb12fd62 d3899c9f3835ad95b815ef8e61e4249c2bc27549f79b752efe50e04681c8f6c3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/js/common/ext/adapter/ext/ext-base.js HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:48 GMT
Server: Apache
Last-Modified: Tue, 12 Aug 2014 05:52:30 GMT
ETag: "8c02-5006846eba380"
Accept-Ranges: bytes
Content-Length: 35842
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/resources/korea/js/jquery/core/jquery.bxslider.min.js | 125.60.33.42 | 200 OK | 19 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/js/jquery/core/jquery.bxslider.min.js IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (19040) Hash697d69a48e5356f7106e38c09f7f19e0 b57160771fa597a5b56c5b12756c693e4829be07 bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/js/jquery/core/jquery.bxslider.min.js HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:49 GMT
Server: Apache
Last-Modified: Mon, 01 Jul 2019 08:05:49 GMT
ETag: "4b9f-58c9a189c3689"
Accept-Ranges: bytes
Content-Length: 19359
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/resources/korea/css/common/animate.css?version=20240109_1 | 125.60.33.42 | 200 OK | 81 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/common/animate.css?version=20240109_1 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (460) Hashc48f69c5ef93e086aea739689d212267 42eb6391752258d4526a0579bc087762fa8fc6ec 7329503dec4318f28b9ebe4079434298ab758c5bafe36a75112d070cfc515b85
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/common/animate.css?version=20240109_1 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:48 GMT
Server: Apache
Last-Modified: Tue, 02 Jul 2019 07:13:42 GMT
ETag: "13dd0-58cad7c132f02"
Accept-Ranges: bytes
Content-Length: 81360
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 125.60.33.42/resources/korea/js/jquery/core/jquery.easing.1.3.js | 125.60.33.42 | 200 OK | 8.1 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/js/jquery/core/jquery.easing.1.3.js IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
Hashfda90b1dc57361e85475db0285695ceb 90c914dac634a23a8f6ac2bbde34f91d17b81584 73d066fdcf0ef3de55c490a4105672112f64f5df30b4029d95c96441c4a1a886
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/js/jquery/core/jquery.easing.1.3.js HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:49 GMT
Server: Apache
Last-Modified: Mon, 01 Jul 2019 08:05:49 GMT
ETag: "1f80-58c9a189c32a1"
Accept-Ranges: bytes
Content-Length: 8064
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/resources/korea/css/common/webfonts.css | 125.60.33.42 | 200 OK | 44 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/common/webfonts.css IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (438), with CRLF line terminators Hash1251f9fa8a1980bb551b0100266e00e1 4fd85cc2aec01e46e54bce3ac65a63a6bcdf1f11 09f62eff5da65430835ca384bd211de863c90101604b5e42ebe9514c6f3f699d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/common/webfonts.css HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/common.css?version=20240109_1
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:49 GMT
Server: Apache
Last-Modified: Thu, 12 May 2022 03:19:34 GMT
ETag: "aa41-5dec806ee50f3"
Accept-Ranges: bytes
Content-Length: 43585
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 125.60.33.42/resources/korea/js/kmail.js?version=20240109_1 | 125.60.33.42 | 200 OK | 9.0 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/js/kmail.js?version=20240109_1 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with CRLF line terminators Hash0bdca66a108d1204c0f46a27a3201ce8 d67384a82c9e8c3638b0829b7ba501c86e79b662 8646c924ca13afef35f2abaf2f49c28cdafdbc7928db6d17b0dc4ccce368d426
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/js/kmail.js?version=20240109_1 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:49 GMT
Server: Apache
Last-Modified: Thu, 27 Oct 2022 03:07:32 GMT
ETag: "2341-5ebfb713f23d5"
Accept-Ranges: bytes
Content-Length: 9025
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/resources/js/pages/login/detectmobilebrowser.js?version=20240109_1 | 125.60.33.42 | 200 OK | 2.2 kB |
URL GET HTTP/1.1125.60.33.42/resources/js/pages/login/detectmobilebrowser.js?version=20240109_1 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (2065) Hashac2a48bd8ac1e5592c1c5d048b5b0693 9f1938b336b77eb7fee51c77dfbc4ff20d399b00 f6072019ba53a652c426b2621fb6e94a4cbc3fba6f5c0a7106a1960156e2e83f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/js/pages/login/detectmobilebrowser.js?version=20240109_1 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:49 GMT
Server: Apache
Last-Modified: Fri, 22 Jan 2021 02:14:09 GMT
ETag: "8a3-5b973be560013"
Accept-Ranges: bytes
Content-Length: 2211
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/resources/js/pages/login/makePCookie.js?version=20240109_1 | 125.60.33.42 | 200 OK | 2.1 kB |
URL GET HTTP/1.1125.60.33.42/resources/js/pages/login/makePCookie.js?version=20240109_1 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeC source, ASCII text, with CRLF line terminators Hashf8390d3b55162452f9c1a91f853262cf 18c95091f31165f2b9491db42094987a6996c538 8f0fab966d19d845243b023e29cc9ebfb549cf9a3905ea1c7b143b37e7264c6f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/js/pages/login/makePCookie.js?version=20240109_1 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:50 GMT
Server: Apache
Last-Modified: Tue, 12 Aug 2014 05:52:28 GMT
ETag: "80e-5006846cd1f00"
Accept-Ranges: bytes
Content-Length: 2062
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/resources/js/pages/login/login.js?version=20240109_1 | 125.60.33.42 | 200 OK | 23 kB |
URL GET HTTP/1.1125.60.33.42/resources/js/pages/login/login.js?version=20240109_1 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (525), with CRLF line terminators Hash13cd99d71af5998008aaa067c9b8761c bdb31f13808e31fb1216fa462fa8cc0f9e605f2b be0eeb62164c178a1f1a9689b2b855f60797b84e6af7eb8a5272c979fbb71dec
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/js/pages/login/login.js?version=20240109_1 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:50 GMT
Server: Apache
Last-Modified: Thu, 03 Aug 2023 03:02:37 GMT
ETag: "5a1e-601fc03317a6c"
Accept-Ranges: bytes
Content-Length: 23070
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/resources/korea/js/jquery/core/jquery-2.2.4.min.js | 125.60.33.42 | 200 OK | 86 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/js/jquery/core/jquery-2.2.4.min.js IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32065) Hash2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/js/jquery/core/jquery-2.2.4.min.js HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:49 GMT
Server: Apache
Last-Modified: Mon, 01 Jul 2019 08:05:49 GMT
ETag: "14e4a-58c9a189c32a1"
Accept-Ranges: bytes
Content-Length: 85578
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/resources/js/pages/common/commons-util.js?version=20240109_1 | 125.60.33.42 | 200 OK | 17 kB |
URL GET HTTP/1.1125.60.33.42/resources/js/pages/common/commons-util.js?version=20240109_1 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeUnicode text, UTF-8 text, with CRLF line terminators Hash193ed46bd7b21b40953115820bc2e92e 718157b2e0691181c01c71137b75b605e25ccc12 f474ba007a4da52d7d03bd021ce70b5060b43612a6c8c3a7a8b333b82d6df12c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/js/pages/common/commons-util.js?version=20240109_1 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:50 GMT
Server: Apache
Last-Modified: Tue, 12 Aug 2014 05:52:28 GMT
ETag: "4309-5006846cd1f00"
Accept-Ranges: bytes
Content-Length: 17161
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/resources/ats/astx2.min.js?version=20240109_1 | 125.60.33.42 | 200 OK | 16 kB |
URL GET HTTP/1.1125.60.33.42/resources/ats/astx2.min.js?version=20240109_1 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (556) Hash73372fa4994309dc406dabbc84e0e31b 58dc9e8eb3c5f2b5e69960be1ebff74fb365f521 44866c7289e912c05011bb861ff9849a78a155753f9a759c76a2b7e79c9ae9c7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/ats/astx2.min.js?version=20240109_1 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:50 GMT
Server: Apache
Last-Modified: Tue, 21 Mar 2017 09:17:46 GMT
ETag: "4045-54b3a1defe280"
Accept-Ranges: bytes
Content-Length: 16453
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/resources/js/common/ext/ext-all-ko.js | 125.60.33.42 | 200 OK | 859 kB |
URL GET HTTP/1.1125.60.33.42/resources/js/common/ext/ext-all-ko.js IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (391) Size859 kB (859102 bytes) Hasha4db3627bc4880b1ae1692389e3cb120 6bce055db3d38771f1b0bca3ae4b5c9bb7bc69ef dadb959fda086322a86123b08ef08c5228537534616a9c91b0944dc694062b8d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/js/common/ext/ext-all-ko.js HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:48 GMT
Server: Apache
Last-Modified: Tue, 12 Aug 2014 05:52:30 GMT
ETag: "d1bde-5006846eba380"
Accept-Ranges: bytes
Content-Length: 859102
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/resources/ats/astx2_ml.min.js?version=20240109_1 | 125.60.33.42 | 200 OK | 58 B |
URL GET HTTP/1.1125.60.33.42/resources/ats/astx2_ml.min.js?version=20240109_1 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
Hash1182826fe92faa5e7cb364b991e0833b 3d1590351b1835892277afa888b16ead50efb64b b7148b328a0cf42de199da8476ec287ee74972e75688b9f02286936c355743fc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/ats/astx2_ml.min.js?version=20240109_1 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:50 GMT
Server: Apache
Last-Modified: Tue, 21 Mar 2017 09:17:46 GMT
ETag: "3a-54b3a1defe280"
Accept-Ranges: bytes
Content-Length: 58
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/resources/ats/astx2_jq.min.js?version=20240109_1 | 125.60.33.42 | 200 OK | 426 B |
URL GET HTTP/1.1125.60.33.42/resources/ats/astx2_jq.min.js?version=20240109_1 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (402) Hashdfee739ba8aa884b4e7fffaa40799fbc ad0ee0b81be4f3eb8c6569029be9daf9a9983491 dd405607c1cf1a4cb38b189cc2237bae8b5aa15fe94211dfb1adcce8748bd115
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/ats/astx2_jq.min.js?version=20240109_1 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:50 GMT
Server: Apache
Last-Modified: Tue, 21 Mar 2017 09:17:46 GMT
ETag: "1aa-54b3a1defe280"
Accept-Ranges: bytes
Content-Length: 426
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/resources/korea/js/jquery/core/jquery-ui.custom.js | 125.60.33.42 | 200 OK | 437 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/js/jquery/core/jquery-ui.custom.js IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (840) Size437 kB (436715 bytes) Hash788cf60e084eeb11e2275996d0087c9b 5a03f4b4c38014d7c74e07f4fc6e52b1cc5ff17e 1e2fd75a5d3d40ad6a2e9cecf772976b804c6e8a97d336e064856147094b9741
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/js/jquery/core/jquery-ui.custom.js HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:49 GMT
Server: Apache
Last-Modified: Mon, 01 Jul 2019 08:05:49 GMT
ETag: "6a9eb-58c9a189c2eb9"
Accept-Ranges: bytes
Content-Length: 436715
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/resources/pluginfree/js/nppfs-1.11.0.js?version=20240109_1 | 125.60.33.42 | 200 OK | 186 kB |
URL GET HTTP/1.1125.60.33.42/resources/pluginfree/js/nppfs-1.11.0.js?version=20240109_1 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (59548), with CRLF line terminators Size186 kB (185871 bytes) Hashe4fd2de5789a16ffc70eec8c56bfe184 0dcc0ceca9c72d352233bed0dc9df1cecfea5da1 43ab957921f4a120d7e11d191b6e11edd1c3b7ca358d8a18d02539f2b3e817d7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/pluginfree/js/nppfs-1.11.0.js?version=20240109_1 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:50 GMT
Server: Apache
Last-Modified: Mon, 17 Sep 2018 01:49:47 GMT
ETag: "2d60f-57607635b0971"
Accept-Ranges: bytes
Content-Length: 185871
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/softforum/anySign4PCInterface.js?version=20240109_1 | 125.60.33.42 | 200 OK | 173 kB |
URL GET HTTP/1.1125.60.33.42/softforum/anySign4PCInterface.js?version=20240109_1 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (5285) Size173 kB (173410 bytes) Hash17cc6d6c5145eeee86f072f6298f2eed a7e1d7b897c34c948a34c9b57e90bd1e46535bd7 fc8a388db8702e197e8138184b4dccc19536859ac3694216f900838ac9500244
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /softforum/anySign4PCInterface.js?version=20240109_1 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:50 GMT
Server: Apache
Last-Modified: Tue, 09 Jan 2024 07:18:05 GMT
ETag: "2a562-60e7e1d9f7aa0"
Accept-Ranges: bytes
Content-Length: 173410
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/resources/theme/default/images/pages/main/qr.png | 125.60.33.42 | 200 OK | 23 kB |
URL GET HTTP/1.1125.60.33.42/resources/theme/default/images/pages/main/qr.png IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 138 x 137, 8-bit/color RGB, interlaced Hash6be9204b41685f949404a8ead1142fbd acfbc6328c6c5bfd5c88cf14d18f9dda4a29e2cc d10268ffa28d0cfb8871081bc97d58cc086ccf04e04146196a9499423e815af2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/theme/default/images/pages/main/qr.png HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:51 GMT
Server: Apache
Last-Modified: Wed, 23 Dec 2020 05:40:58 GMT
ETag: "5b77-5b71b22bb5854"
Accept-Ranges: bytes
Content-Length: 23415
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
|
|
| 125.60.33.42/resources/korea/202404/b4ad9eb482a8d49328a910c9bdb79ea2.png | 125.60.33.42 | 200 OK | 53 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/202404/b4ad9eb482a8d49328a910c9bdb79ea2.png IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hash129c3af35c1717acdc3970bb32b64a54 34dc48dbb1b67b51190700820a274ed89acc50c5 f7452b5c853f2a4227ee0673b16fa84e4839e93927bd0b8d5ee4b37d208671d1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/202404/b4ad9eb482a8d49328a910c9bdb79ea2.png HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:51 GMT
Server: Apache
Last-Modified: Thu, 18 Apr 2024 06:04:44 GMT
ETag: "cf2c-61658bf64e7fc"
Accept-Ranges: bytes
Content-Length: 53036
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
|
|
| 125.60.33.42/resources/korea/202404/783351a04b0caa53fdd23de4c198cc14.png | 125.60.33.42 | 200 OK | 52 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/202404/783351a04b0caa53fdd23de4c198cc14.png IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hash2d4c6d2c7044b83d8bb2dc7f203887f1 156b4a9ea56f7649066636aef408bba24b167547 16055db250219aa9fd02f4926f54d1e4cca4ab45c839d1fd23a338e0cb5a3c8b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/202404/783351a04b0caa53fdd23de4c198cc14.png HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:51 GMT
Server: Apache
Last-Modified: Thu, 18 Apr 2024 06:04:44 GMT
ETag: "cd12-61658bf650354"
Accept-Ranges: bytes
Content-Length: 52498
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
|
|
| 125.60.33.42/resources/theme/default/images/pages/main/button_ok.png | 125.60.33.42 | 200 OK | 1.3 kB |
URL GET HTTP/1.1125.60.33.42/resources/theme/default/images/pages/main/button_ok.png IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 60 x 32, 8-bit/color RGB, non-interlaced Hash78a4f25280402b7d22ed45393617cb45 42c2ead35dd05bc4e1dd151c3be6870c0397e384 9c35ef7ad031ef10017d1d8438839d609682bc818cf22d1e9e6d9585b6d93261
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/theme/default/images/pages/main/button_ok.png HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:51 GMT
Server: Apache
Last-Modified: Mon, 18 Dec 2017 04:14:42 GMT
ETag: "529-5609596ec1080"
Accept-Ranges: bytes
Content-Length: 1321
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
|
|
| 125.60.33.42/softforum/AnySign4PC/css/common.css | 125.60.33.42 | 200 OK | 41 kB |
URL GET HTTP/1.1125.60.33.42/softforum/AnySign4PC/css/common.css IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (1379) Hash4a2fa9482bae9ed7f109fc9f69f2caad 34f70631d0ac2c8b13712f3e6d5272e127191e03 23717faf6fa3ca52c3912571a509ac9337c7abdc33deb2d792fa143d49849fc4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /softforum/AnySign4PC/css/common.css HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:51 GMT
Server: Apache
Last-Modified: Thu, 28 May 2020 00:33:06 GMT
ETag: "9f39-5a6aa78e184e2"
Accept-Ranges: bytes
Content-Length: 40761
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
|
|
| 125.60.33.42/softforum/AnySign4PC/ext/SecureProto.js | 125.60.33.42 | 200 OK | 18 kB |
URL GET HTTP/1.1125.60.33.42/softforum/AnySign4PC/ext/SecureProto.js IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Hash787505f73155d479e3520366483b0c6f bac5d31d014e68a30106d56a180c1d590861fca3 6d3bc49ecc3b695b452f122feb62d8ef983d761d0a268a7af754063a4650faf2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /softforum/AnySign4PC/ext/SecureProto.js HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:51 GMT
Server: Apache
Last-Modified: Fri, 15 Dec 2017 08:13:47 GMT
ETag: "44b7-5605c946d44c0"
Accept-Ranges: bytes
Content-Length: 17591
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 125.60.33.42/resources/korea/202404/e325c7dfdb01064a5b3b5782e1acd9f8.png | 125.60.33.42 | 200 OK | 60 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/202404/e325c7dfdb01064a5b3b5782e1acd9f8.png IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 672 x 192, 8-bit/color RGBA, non-interlaced Hash36512ecfec8416f6af0c2a02bb5ddb99 e97109530fe19c1c5fb7198d358f4ad8c5ebe571 840a71318146da08d05c2aa3f0697514b8e34bec140ddc346f66c1b4d1698a53
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/202404/e325c7dfdb01064a5b3b5782e1acd9f8.png HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:51 GMT
Server: Apache
Last-Modified: Thu, 18 Apr 2024 06:04:44 GMT
ETag: "eb0a-61658bf652e4c"
Accept-Ranges: bytes
Content-Length: 60170
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
|
|
| www.korea.kr/newsWeb/resources/attaches/2024.04/11/d1ab7cd1ade025a2a3b1aee3aef2249a.png | 27.101.217.76 | 200 OK | 54 kB |
URL GET HTTP/1.1www.korea.kr/newsWeb/resources/attaches/2024.04/11/d1ab7cd1ade025a2a3b1aee3aef2249a.png IP27.101.217.76:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hashfc371ae777fcda128bd71aefa2cdf48a f3fc6f33c62e4481c156f3758f20fc6ca6831fc6 21d609e0134aaca26e6808eafbabb9d98e00e41b4f69e0dd7d05f5c617717ede
GET /newsWeb/resources/attaches/2024.04/11/d1ab7cd1ade025a2a3b1aee3aef2249a.png HTTP/1.1
Host: www.korea.kr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:51 GMT
Server: JBCS httpd
Last-Modified: Thu, 11 Apr 2024 05:53:07 GMT
ETag: "d277-615cbc4f4c3ee"
Accept-Ranges: bytes
Content-Length: 53879
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: image/png
|
|
| www.korea.kr/newsWeb/resources/attaches/2024.04/17/750e2df4a70f4fd855038926ca5c88f4.png | 27.101.217.76 | 200 OK | 45 kB |
URL GET HTTP/1.1www.korea.kr/newsWeb/resources/attaches/2024.04/17/750e2df4a70f4fd855038926ca5c88f4.png IP27.101.217.76:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hash08823c3778cba0dd1e81ff5068e27e5c a491b100ec767217ec33cc8dc73ae06352077b38 f1b6ac8a50a6838d3e5f59b1358dc46c02091b408d6524049a7af5ae635b186b
GET /newsWeb/resources/attaches/2024.04/17/750e2df4a70f4fd855038926ca5c88f4.png HTTP/1.1
Host: www.korea.kr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:51 GMT
Server: JBCS httpd
Last-Modified: Wed, 17 Apr 2024 04:09:11 GMT
ETag: "af09-61643044c7e0a"
Accept-Ranges: bytes
Content-Length: 44809
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: image/png
|
|
| 125.60.33.42/resources/theme/default/images/pages/main/button_close.png | 125.60.33.42 | 200 OK | 1.2 kB |
URL GET HTTP/1.1125.60.33.42/resources/theme/default/images/pages/main/button_close.png IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 58 x 32, 8-bit/color RGB, non-interlaced Hashf76c71253438ca28d5fd2f89b4a8acad c860cb5a1afb15d12db1e62ecb0248bd0e9cc716 734cb3e8c74d5f9390518a20cb83c40c72eef12d177a9686e97d84ebe7a174ab
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/theme/default/images/pages/main/button_close.png HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:52 GMT
Server: Apache
Last-Modified: Mon, 18 Dec 2017 04:14:42 GMT
ETag: "4cc-5609596ec1080"
Accept-Ranges: bytes
Content-Length: 1228
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
|
|
| 125.60.33.42/resources/korea/202404/1906364fc03c9c534d254138c17957e7.png | 125.60.33.42 | 200 OK | 27 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/202404/1906364fc03c9c534d254138c17957e7.png IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 272 x 192, 8-bit/color RGBA, non-interlaced Hashe5549196fce9ed2f0a0024c374f9997d d14bc62b12fdd22f556f3d712cbd1601ec102861 2d66fd3154f71de052f35e1b30e54e9b45ebc2c62d4504d024b436515815da50
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/202404/1906364fc03c9c534d254138c17957e7.png HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:52 GMT
Server: Apache
Last-Modified: Thu, 18 Apr 2024 06:04:44 GMT
ETag: "6818-61658bf6541d4"
Accept-Ranges: bytes
Content-Length: 26648
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
|
|
| 125.60.33.42/resources/korea/202404/9ac2c083bf52e93239b5177fd4a88b7e.png | 125.60.33.42 | 200 OK | 27 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/202404/9ac2c083bf52e93239b5177fd4a88b7e.png IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hashc7c935e66d77dca1efa35ff9a334ddc4 94e5beed23033bc9f7fe3358cba6877880baab59 ae7952e8499558838fd5bab6addbd129119c92c6819a6bc0de96375396c694e1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/202404/9ac2c083bf52e93239b5177fd4a88b7e.png HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:52 GMT
Server: Apache
Last-Modified: Thu, 18 Apr 2024 06:04:44 GMT
ETag: "6861-61658bf651ac4"
Accept-Ranges: bytes
Content-Length: 26721
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
|
|
| 125.60.33.42/resources/korea/202404/8708bbb4d03a72307e01f6e00b6360af.png | 125.60.33.42 | 200 OK | 62 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/202404/8708bbb4d03a72307e01f6e00b6360af.png IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 672 x 258, 8-bit/color RGBA, non-interlaced Hash79268a1a1fe4f092d55dcac632c53143 2ed4443c4992eb6e0d0024904826b33348421b2b 0f0759f410f1696c17f126c2488d280953f3763d14dd4c8f654646142a745451
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/202404/8708bbb4d03a72307e01f6e00b6360af.png HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:52 GMT
Server: Apache
Last-Modified: Thu, 18 Apr 2024 06:04:44 GMT
ETag: "f09b-61658bf64cca4"
Accept-Ranges: bytes
Content-Length: 61595
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
|
|
| www.korea.kr/newsWeb/resources/attaches/2024.04/12/db695909a9aa5dfdc0e784b49aa87efc.png | 27.101.217.76 | 200 OK | 34 kB |
URL GET HTTP/1.1www.korea.kr/newsWeb/resources/attaches/2024.04/12/db695909a9aa5dfdc0e784b49aa87efc.png IP27.101.217.76:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hashf880ea7eaaf9598de846e00f8270bd4c f0f055cb72f521d595d8d04a374d732cb64209de d7f64c488d07d3cbb8acde6d558cc5f3466795b705c9bb7a44a85b6b45b0e8a4
GET /newsWeb/resources/attaches/2024.04/12/db695909a9aa5dfdc0e784b49aa87efc.png HTTP/1.1
Host: www.korea.kr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:52 GMT
Server: JBCS httpd
Last-Modified: Fri, 12 Apr 2024 05:19:29 GMT
ETag: "8597-615df6a86de72"
Accept-Ranges: bytes
Content-Length: 34199
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: image/png
|
|
| www.korea.kr/newsWeb/resources/attaches/2024.04/16/c7c63e837b6f1acb6899b8197bee178f.png | 27.101.217.76 | 200 OK | 47 kB |
URL GET HTTP/1.1www.korea.kr/newsWeb/resources/attaches/2024.04/16/c7c63e837b6f1acb6899b8197bee178f.png IP27.101.217.76:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hash66c46780cee670f7c531b13efa9e2274 8032514de005399dd426a07ea6da17b515e1da14 5f47a1803e4e6ee7e034072341dc26c3b7b1ea089044d9cc1555ff0c75d63aa2
GET /newsWeb/resources/attaches/2024.04/16/c7c63e837b6f1acb6899b8197bee178f.png HTTP/1.1
Host: www.korea.kr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:52 GMT
Server: JBCS httpd
Last-Modified: Tue, 16 Apr 2024 02:12:34 GMT
ETag: "b8f0-6162d456a2b41"
Accept-Ranges: bytes
Content-Length: 47344
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: image/png
|
|
| 125.60.33.42/softforum/AnySign4PC/ext/AnySign4PC_min.js | 125.60.33.42 | 200 OK | 273 kB |
URL GET HTTP/1.1125.60.33.42/softforum/AnySign4PC/ext/AnySign4PC_min.js IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1011) Size273 kB (272868 bytes) Hash1bc43dc6dfe235be25ecac51ff2ef4ff 33d0d2cb44e548492c4b24d3a4022d5a3f21addb 81f70d73c535bc0f367d919fc5418cf0b35ffd423856f31ac94cb500e611806c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /softforum/AnySign4PC/ext/AnySign4PC_min.js HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:51 GMT
Server: Apache
Last-Modified: Fri, 15 Dec 2017 08:13:47 GMT
ETag: "429e4-5605c946d44c0"
Accept-Ranges: bytes
Content-Length: 272868
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| www.korea.kr/newsWeb/resources/attaches/2024.04/12/8d972bde25c6d53b5ae4c35b6c5c640a.png | 27.101.217.76 | 200 OK | 64 kB |
URL GET HTTP/1.1www.korea.kr/newsWeb/resources/attaches/2024.04/12/8d972bde25c6d53b5ae4c35b6c5c640a.png IP27.101.217.76:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hashc0f1c0d4e9b09bcd2eb0ced8e14e91b5 9aa5e2606f2e9f79ce948567f5d71552681ad596 96808a58f8da92dbd2d41c9eb15995ba1e3469e9eab5e25237a33414aac4df47
GET /newsWeb/resources/attaches/2024.04/12/8d972bde25c6d53b5ae4c35b6c5c640a.png HTTP/1.1
Host: www.korea.kr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:52 GMT
Server: JBCS httpd
Last-Modified: Fri, 12 Apr 2024 05:19:40 GMT
ETag: "fa3c-615df6b319768"
Accept-Ranges: bytes
Content-Length: 64060
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: image/png
|
|
| www.korea.kr/newsWeb/resources/attaches/2024.04/17/ec0629584b5ee219dc686d359fd7c034.png | 27.101.217.76 | 200 OK | 58 kB |
URL GET HTTP/1.1www.korea.kr/newsWeb/resources/attaches/2024.04/17/ec0629584b5ee219dc686d359fd7c034.png IP27.101.217.76:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hashc48421c6fe8b26e091d3552a1d3e232c 996c16417494a6de95795fd3ca95901808f3451b abbe8316d03a3b5999c40c5678e42b8062bb3e81c2ac30f6a99c78fe4ced38af
GET /newsWeb/resources/attaches/2024.04/17/ec0629584b5ee219dc686d359fd7c034.png HTTP/1.1
Host: www.korea.kr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:52 GMT
Server: JBCS httpd
Last-Modified: Wed, 17 Apr 2024 04:10:06 GMT
ETag: "e07a-616430796724a"
Accept-Ranges: bytes
Content-Length: 57466
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: image/png
|
|
| www.korea.kr/newsWeb/resources/attaches/2024.04/16/3a2a3cd293d153448c360dc9e5a60f45.png | 27.101.217.76 | 200 OK | 58 kB |
URL GET HTTP/1.1www.korea.kr/newsWeb/resources/attaches/2024.04/16/3a2a3cd293d153448c360dc9e5a60f45.png IP27.101.217.76:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hash7ad47c51b3299b14de192ca06a2825f0 de2e9f3a3e425ecfde319f196cb85960298cd306 7fa03e848017bd3b14116d13d16c3a819615ce3b9fc4262acbac85daba189031
GET /newsWeb/resources/attaches/2024.04/16/3a2a3cd293d153448c360dc9e5a60f45.png HTTP/1.1
Host: www.korea.kr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:52 GMT
Server: JBCS httpd
Last-Modified: Tue, 16 Apr 2024 02:12:45 GMT
ETag: "e21c-6162d460f681f"
Accept-Ranges: bytes
Content-Length: 57884
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: image/png
|
|
| www.korea.kr/newsWeb/resources/attaches/2024.04/17/5a764fc2ea36d1ce071e93d1b4287e09.png | 27.101.217.76 | 200 OK | 83 kB |
URL GET HTTP/1.1www.korea.kr/newsWeb/resources/attaches/2024.04/17/5a764fc2ea36d1ce071e93d1b4287e09.png IP27.101.217.76:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hash8da830c890cb46495447f12da9799a48 184d5291b21aac4d9e2ff2ae4acbc7be22ecad98 58438a9c718304652a00a9a15fd5314d107c42db3db4ec23098404a1f40344f2
GET /newsWeb/resources/attaches/2024.04/17/5a764fc2ea36d1ce071e93d1b4287e09.png HTTP/1.1
Host: www.korea.kr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:52 GMT
Server: JBCS httpd
Last-Modified: Wed, 17 Apr 2024 04:09:54 GMT
ETag: "1432a-6164306e0d7ef"
Accept-Ranges: bytes
Content-Length: 82730
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: image/png
|
|
| 125.60.33.42/softforum/AnySign4PC/AnySign4PC.js?version=2024418610 | 125.60.33.42 | 200 OK | 238 kB |
URL GET HTTP/1.1125.60.33.42/softforum/AnySign4PC/AnySign4PC.js?version=2024418610 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
Size238 kB (237721 bytes) Hashd785fdf3634c201c6816192bf92d817d 86fea862ff851bf638690ec055a1883e22e15bbd d29b5430a669f6f44a70cf16a26b14ed9140e6e5c6af80d2dfda753b49259b18
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /softforum/AnySign4PC/AnySign4PC.js?version=2024418610 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:51 GMT
Server: Apache
Last-Modified: Mon, 17 Sep 2018 01:53:51 GMT
ETag: "3a099-5760771ee70bf"
Accept-Ranges: bytes
Content-Length: 237721
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| www.korea.kr/newsWeb/resources/attaches/2024.04/16/1d6bbd8b7f31f4683335178a5224e6a9.png | 27.101.217.76 | 200 OK | 30 kB |
URL GET HTTP/1.1www.korea.kr/newsWeb/resources/attaches/2024.04/16/1d6bbd8b7f31f4683335178a5224e6a9.png IP27.101.217.76:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hash3c02a59ba2b227df61ebfb868595c341 fc4357198e0464961bd54b72fc6eea255b568aca 4e267a03102c046eaff70ff32d704bd9f60d6966dd761d1054031656331beb19
GET /newsWeb/resources/attaches/2024.04/16/1d6bbd8b7f31f4683335178a5224e6a9.png HTTP/1.1
Host: www.korea.kr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: JBCS httpd
Last-Modified: Tue, 16 Apr 2024 02:12:24 GMT
ETag: "732a-6162d44dcf3ad"
Accept-Ranges: bytes
Content-Length: 29482
Keep-Alive: timeout=5, max=9998
Connection: Keep-Alive
Content-Type: image/png
|
|
| www.korea.kr/newsWeb/resources/attaches/2024.04/15/23c1e849022877c8ee1fcd8fd7a6b3ad.png | 27.101.217.76 | 200 OK | 71 kB |
URL GET HTTP/1.1www.korea.kr/newsWeb/resources/attaches/2024.04/15/23c1e849022877c8ee1fcd8fd7a6b3ad.png IP27.101.217.76:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hash72f0eb85943ec683b94a08e2c285d6d2 7a08262b3208397101e0f24d28a101a170d415eb e201dba6d8e1e22a1b3dc7c199d8c633501298b93fdf6af3fcc2326eb95bde75
GET /newsWeb/resources/attaches/2024.04/15/23c1e849022877c8ee1fcd8fd7a6b3ad.png HTTP/1.1
Host: www.korea.kr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: JBCS httpd
Last-Modified: Mon, 15 Apr 2024 04:27:25 GMT
ETag: "116a5-6161b09dc2c6c"
Accept-Ranges: bytes
Content-Length: 71333
Keep-Alive: timeout=5, max=9998
Connection: Keep-Alive
Content-Type: image/png
|
|
| 125.60.33.42/resources/js/pages/login/makePCookie.js?version=20240109_1 | 125.60.33.42 | 200 OK | 2.1 kB |
URL GET HTTP/1.1125.60.33.42/resources/js/pages/login/makePCookie.js?version=20240109_1 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeC source, ASCII text, with CRLF line terminators Hashf8390d3b55162452f9c1a91f853262cf 18c95091f31165f2b9491db42094987a6996c538 8f0fab966d19d845243b023e29cc9ebfb549cf9a3905ea1c7b143b37e7264c6f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/js/pages/login/makePCookie.js?version=20240109_1 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: Apache
Last-Modified: Tue, 12 Aug 2014 05:52:28 GMT
ETag: "80e-5006846cd1f00"
Accept-Ranges: bytes
Content-Length: 2062
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| www.korea.kr/newsWeb/resources/attaches/2024.04/15/632faf8e0261d98066a53bb982901e00.png | 27.101.217.76 | 200 OK | 57 kB |
URL GET HTTP/1.1www.korea.kr/newsWeb/resources/attaches/2024.04/15/632faf8e0261d98066a53bb982901e00.png IP27.101.217.76:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hashf20a9ac0f6e775b00d17f6fa5928b130 67a34354c59a24946aed77a6745c201ffab21ce2 3a1dbbe0725230ac20eb9aa1c931449dcb65f60506e68505b27f4282cc4ad350
GET /newsWeb/resources/attaches/2024.04/15/632faf8e0261d98066a53bb982901e00.png HTTP/1.1
Host: www.korea.kr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: JBCS httpd
Last-Modified: Mon, 15 Apr 2024 04:27:07 GMT
ETag: "dfe1-6161b08c2d8f2"
Accept-Ranges: bytes
Content-Length: 57313
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: image/png
|
|
| www.korea.kr/newsWeb/resources/attaches/2024.04/15/e8533da38268ac9b4cef7a17fbfeb256.png | 27.101.217.76 | 200 OK | 36 kB |
URL GET HTTP/1.1www.korea.kr/newsWeb/resources/attaches/2024.04/15/e8533da38268ac9b4cef7a17fbfeb256.png IP27.101.217.76:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hash3c86f17127aea1b63afc1194ae0165f4 11a00a81a2059fd0af8cb6d1801e9aaa2dce2dc2 3971ab1f92acb6706739a7739d9aebd881ac083a35a1ce6ebcf0220da4fb2098
GET /newsWeb/resources/attaches/2024.04/15/e8533da38268ac9b4cef7a17fbfeb256.png HTTP/1.1
Host: www.korea.kr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: JBCS httpd
Last-Modified: Mon, 15 Apr 2024 04:26:54 GMT
ETag: "8d3d-6161b0808bf35"
Accept-Ranges: bytes
Content-Length: 36157
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: image/png
|
|
| www.korea.kr/newsWeb/resources/attaches/2024.04/12/f6824a3e96f843b9f412c0fe0e96d501.png | 27.101.217.76 | 200 OK | 32 kB |
URL GET HTTP/1.1www.korea.kr/newsWeb/resources/attaches/2024.04/12/f6824a3e96f843b9f412c0fe0e96d501.png IP27.101.217.76:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hash51d30c0f97132b5adc2c9926c03838ae c688719225fc5ec4613bf5a1f582d7de14ad9317 a305a6cea401f141686a75e8de9802e76da9d05f4564c920aed603906495c080
GET /newsWeb/resources/attaches/2024.04/12/f6824a3e96f843b9f412c0fe0e96d501.png HTTP/1.1
Host: www.korea.kr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: JBCS httpd
Last-Modified: Fri, 12 Apr 2024 05:19:16 GMT
ETag: "7b7f-615df69c1a691"
Accept-Ranges: bytes
Content-Length: 31615
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: image/png
|
|
| www.korea.kr/newsWeb/resources/attaches/2024.04/11/c50fa7744355efae7428aeb81ce954a3.png | 27.101.217.76 | 200 OK | 46 kB |
URL GET HTTP/1.1www.korea.kr/newsWeb/resources/attaches/2024.04/11/c50fa7744355efae7428aeb81ce954a3.png IP27.101.217.76:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hash29717595ac45320031547a86b02aac10 9178c98b309a9d40bbebd567328fd01e308cec70 a893480c8578ffc05b51274111fd1abee9965c41a752d6dbf6e7e37646ec9666
GET /newsWeb/resources/attaches/2024.04/11/c50fa7744355efae7428aeb81ce954a3.png HTTP/1.1
Host: www.korea.kr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: JBCS httpd
Last-Modified: Thu, 11 Apr 2024 05:51:55 GMT
ETag: "b473-615cbc0a83dfc"
Accept-Ranges: bytes
Content-Length: 46195
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: image/png
|
|
| 125.60.33.42/resources/korea/css/images/kmail_logo.png | 125.60.33.42 | 200 OK | 2.8 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/images/kmail_logo.png IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 170 x 25, 8-bit/color RGBA, non-interlaced Hash732cadcd76abd6636f9a101d1d20a2af 46d4055ee9d4918551d166abdb966e48edda6e9c f5e38223ca03cda38a0f15df7316caad4cebf7c77818a6fdd4b8380c64fd097f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/images/kmail_logo.png HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/kmail.css?version=20240109_1
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: Apache
Last-Modified: Thu, 12 May 2022 03:19:34 GMT
ETag: "af6-5dec806ecaefc"
Accept-Ranges: bytes
Content-Length: 2806
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
|
|
| 125.60.33.42/resources/korea/css/images/briefing_logo.png | 125.60.33.42 | 200 OK | 2.0 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/images/briefing_logo.png IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 62 x 26, 8-bit/color RGBA, non-interlaced Hash036176ce4cff20b89da7fa82a0bd1206 0f56220db225c33607c72a593ecdc28ee5ce2105 98fb16388c09d6b6b4724a9d65d207d8a18b53e0a69aa96b70d07bef3faecd21
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/images/briefing_logo.png HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/kmail.css?version=20240109_1
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: Apache
Last-Modified: Thu, 12 May 2022 03:19:34 GMT
ETag: "7f7-5dec806eca72c"
Accept-Ranges: bytes
Content-Length: 2039
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
|
|
| 125.60.33.42/resources/korea/css/images/ico.png | 125.60.33.42 | 200 OK | 3.9 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/images/ico.png IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 81 x 45, 8-bit/color RGBA, non-interlaced Hash83e2d0ffa8c92c0631dfdb33cba91d9d d59d2dc00c39b61a4e10e2ed6ed3add1af1e63ae 3d9d2113bfa1db62bd440c5d04aa52fe475a69d34ed2733aebf3e74297d8637c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/images/ico.png HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/kmail.css?version=20240109_1
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: Apache
Last-Modified: Thu, 12 May 2022 03:19:34 GMT
ETag: "f50-5dec806ecab14"
Accept-Ranges: bytes
Content-Length: 3920
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
|
|
| www.korea.kr/newsWeb/resources/attaches/2024.04/11/8d5029facb12b867a16e757df9fa1c9b.png | 27.101.217.76 | 200 OK | 70 kB |
URL GET HTTP/1.1www.korea.kr/newsWeb/resources/attaches/2024.04/11/8d5029facb12b867a16e757df9fa1c9b.png IP27.101.217.76:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 208 x 204, 8-bit/color RGBA, non-interlaced Hasha2ff29d2a9af8f8579829b318615e8ac b847afe971b4cfd595f0a288a0369c9daacd16a6 f79f8d9dd83f1e9b2da00ac61faa18caea3a41d71ab8d5a688bbb3da9ad5bf01
GET /newsWeb/resources/attaches/2024.04/11/8d5029facb12b867a16e757df9fa1c9b.png HTTP/1.1
Host: www.korea.kr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: JBCS httpd
Last-Modified: Thu, 11 Apr 2024 05:52:52 GMT
ETag: "110ac-615cbc4140334"
Accept-Ranges: bytes
Content-Length: 69804
Keep-Alive: timeout=5, max=9997
Connection: Keep-Alive
Content-Type: image/png
|
|
| 125.60.33.42/resources/korea/css/images/login_tit_bg.jpg | 125.60.33.42 | 200 OK | 15 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/images/login_tit_bg.jpg IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 410x80, components 3 Hash4fd353b5012770e19357ac2347b13053 1a6a18969377a320a1ec3811abcfd5c7f4796bc5 8a9d8f1f554e64c56b6473a95db18c0a208894d7feaec374db3529107d711972
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/images/login_tit_bg.jpg HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/kmail.css?version=20240109_1
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: Apache
Last-Modified: Thu, 12 May 2022 03:19:34 GMT
ETag: "3bb7-5dec806ecb2e4"
Accept-Ranges: bytes
Content-Length: 15287
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| 125.60.33.42/resources/korea/css/images/box_shadow.png | 125.60.33.42 | 200 OK | 17 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/images/box_shadow.png IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 1020 x 203, 8-bit/color RGBA, non-interlaced Hash5499c5df1dbd5d6e4e68e95f72d7f2be 2b07b80b69bf0195ca046eca74d28cf05a1d665d 4ca62bacbd60659f4c165419aa93f014cb2e4b48ee878641ce49cd7c02b1b025
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/images/box_shadow.png HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/kmail.css?version=20240109_1
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: Apache
Last-Modified: Thu, 12 May 2022 03:19:34 GMT
ETag: "432e-5dec806eca344"
Accept-Ranges: bytes
Content-Length: 17198
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
|
|
| 125.60.33.42/resources/korea/css/webfonts/NotoSansKR-Regular.woff2 | 125.60.33.42 | 200 OK | 196 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/webfonts/NotoSansKR-Regular.woff2 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), CFF, length 195560, version 1.0 Size196 kB (195560 bytes) Hash4e2910267e88d635a5b26172ee62786a c9da3fade5b0bcb2ca0e47bc68f1be3a6e6e9a58 85ade9c84e0fc0bb6d920ea1e3c9231590200ba0a79264968c6b9a0fb527a2fc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/webfonts/NotoSansKR-Regular.woff2 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/webfonts.css
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: Apache
Last-Modified: Tue, 02 Jul 2019 07:13:09 GMT
ETag: "2fbe8-58cad7a1b63bc"
Accept-Ranges: bytes
Content-Length: 195560
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| 125.60.33.42/resources/korea/css/webfonts/NotoSansKR-Medium.woff2 | 125.60.33.42 | 200 OK | 196 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/webfonts/NotoSansKR-Medium.woff2 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), CFF, length 196408, version 1.0 Size196 kB (196408 bytes) Hasheb76c0603e9bb040d829fe315211423b 4d4e9ff4a9a64deb53a6d559a40875e8ea7d5fb5 302cb692a03de6e625f7272e5adfe8c75d3069eba320256c9d93572d505a88b9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/webfonts/NotoSansKR-Medium.woff2 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/webfonts.css
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: Apache
Last-Modified: Tue, 02 Jul 2019 07:13:09 GMT
ETag: "2ff38-58cad7a1b34dc"
Accept-Ranges: bytes
Content-Length: 196408
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| 125.60.33.42/resources/korea/css/webfonts/NotoSansKR-Bold.woff2 | 125.60.33.42 | 200 OK | 198 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/webfonts/NotoSansKR-Bold.woff2 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), CFF, length 198184, version 1.0 Size198 kB (198184 bytes) Hashc18403ddf95b7cb8dd61b1f2539b11dd 5ea79c5554e921f464fb7b9fd842bd1465504752 06939e852b59474a2134e644c56e8bd2bd10f2d3997ec4afb2301e8b977b61b2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/webfonts/NotoSansKR-Bold.woff2 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/webfonts.css
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: Apache
Last-Modified: Tue, 02 Jul 2019 07:13:09 GMT
ETag: "30628-58cad7a1adeec"
Accept-Ranges: bytes
Content-Length: 198184
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| 125.60.33.42/resources/korea/css/webfonts/GmarketSansTTFBold.woff2 | 125.60.33.42 | 200 OK | 567 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/webfonts/GmarketSansTTFBold.woff2 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 567332, version 1.0 Size567 kB (567332 bytes) Hash87df690de8332b747ce4d0d6c2d2e0c5 0c10d77688cd3f649b7700bf8217028ca9cc552c 8c9ba6f3290acf6978f8e222ef98d5ca7626134528be327b192f95b8ab48ca7c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/webfonts/GmarketSansTTFBold.woff2 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/webfonts.css
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: Apache
Last-Modified: Thu, 12 May 2022 03:19:34 GMT
ETag: "8a824-5dec806ed6694"
Accept-Ranges: bytes
Content-Length: 567332
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| 125.60.33.42/resources/korea/css/webfonts/xeicon.woff2?3ka2yj | 125.60.33.42 | 200 OK | 57 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/webfonts/xeicon.woff2?3ka2yj IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 57300, version 2.19661 Hash4756796d1efd55d0844cd58f32ae70a7 d8adb594260bdad2f0a50cf674c7052195720e41 b388035f0a6c34b48927d76634f08f82af556e288c47d7674335371f2deeee8a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/webfonts/xeicon.woff2?3ka2yj HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/webfonts.css
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:54 GMT
Server: Apache
Last-Modified: Tue, 02 Jul 2019 07:13:09 GMT
ETag: "dfd4-58cad7a1bc17c"
Accept-Ranges: bytes
Content-Length: 57300
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| 125.60.33.42/resources/korea/css/webfonts/GmarketSansTTFMedium.woff2 | 125.60.33.42 | 200 OK | 486 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/webfonts/GmarketSansTTFMedium.woff2 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 486356, version 1.0 Size486 kB (486356 bytes) Hash07f48dbf895a939f33cb96ba774630e6 ebc0ad7a021bf30a0254cab01d0a109f60f42953 7895fc0a61e355c0c53a5333a9dd13339023280e607e620c2f8b4b962a028609
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/webfonts/GmarketSansTTFMedium.woff2 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/webfonts.css
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:53 GMT
Server: Apache
Last-Modified: Thu, 12 May 2022 03:19:34 GMT
ETag: "76bd4-5dec806ee25fb"
Accept-Ranges: bytes
Content-Length: 486356
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| 125.60.33.42/resources/korea/css/webfonts/GmarketSansTTFBold.woff2 | 125.60.33.42 | 200 OK | 567 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/webfonts/GmarketSansTTFBold.woff2 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 567332, version 1.0 Size567 kB (567332 bytes) Hash87df690de8332b747ce4d0d6c2d2e0c5 0c10d77688cd3f649b7700bf8217028ca9cc552c 8c9ba6f3290acf6978f8e222ef98d5ca7626134528be327b192f95b8ab48ca7c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/webfonts/GmarketSansTTFBold.woff2 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/webfonts.css
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:55 GMT
Server: Apache
Last-Modified: Thu, 12 May 2022 03:19:34 GMT
ETag: "8a824-5dec806ed6694"
Accept-Ranges: bytes
Content-Length: 567332
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| 125.60.33.42/resources/korea/css/webfonts/NotoSansKR-Light.woff2 | 125.60.33.42 | 200 OK | 190 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/webfonts/NotoSansKR-Light.woff2 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), CFF, length 189760, version 1.0 Size190 kB (189760 bytes) Hashe67b35e51331f8ea136fa956fa4b594c f783764b6c23529cca89826f82554668719c9ee2 aacccc8381dde9f0aa6379831fc972b6e7fbebb8529a7adf6fe4e90e9840fe49
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/webfonts/NotoSansKR-Light.woff2 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/webfonts.css
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:54 GMT
Server: Apache
Last-Modified: Tue, 02 Jul 2019 07:13:09 GMT
ETag: "2e540-58cad7a1afa44"
Accept-Ranges: bytes
Content-Length: 189760
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| 125.60.33.42/resources/korea/css/webfonts/NotoSansKR-Medium.woff2 | 125.60.33.42 | 200 OK | 196 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/webfonts/NotoSansKR-Medium.woff2 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), CFF, length 196408, version 1.0 Size196 kB (196408 bytes) Hasheb76c0603e9bb040d829fe315211423b 4d4e9ff4a9a64deb53a6d559a40875e8ea7d5fb5 302cb692a03de6e625f7272e5adfe8c75d3069eba320256c9d93572d505a88b9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/webfonts/NotoSansKR-Medium.woff2 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/webfonts.css
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:54 GMT
Server: Apache
Last-Modified: Tue, 02 Jul 2019 07:13:09 GMT
ETag: "2ff38-58cad7a1b34dc"
Accept-Ranges: bytes
Content-Length: 196408
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| 125.60.33.42/resources/korea/css/webfonts/NotoSansKR-Regular.woff2 | 125.60.33.42 | 200 OK | 196 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/webfonts/NotoSansKR-Regular.woff2 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), CFF, length 195560, version 1.0 Size196 kB (195560 bytes) Hash4e2910267e88d635a5b26172ee62786a c9da3fade5b0bcb2ca0e47bc68f1be3a6e6e9a58 85ade9c84e0fc0bb6d920ea1e3c9231590200ba0a79264968c6b9a0fb527a2fc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/webfonts/NotoSansKR-Regular.woff2 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/webfonts.css
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:54 GMT
Server: Apache
Last-Modified: Tue, 02 Jul 2019 07:13:09 GMT
ETag: "2fbe8-58cad7a1b63bc"
Accept-Ranges: bytes
Content-Length: 195560
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| 125.60.33.42/resources/korea/css/webfonts/NotoSansKR-Light.woff2 | 125.60.33.42 | 200 OK | 190 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/webfonts/NotoSansKR-Light.woff2 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), CFF, length 189760, version 1.0 Size190 kB (189760 bytes) Hashe67b35e51331f8ea136fa956fa4b594c f783764b6c23529cca89826f82554668719c9ee2 aacccc8381dde9f0aa6379831fc972b6e7fbebb8529a7adf6fe4e90e9840fe49
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/webfonts/NotoSansKR-Light.woff2 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/webfonts.css
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:55 GMT
Server: Apache
Last-Modified: Tue, 02 Jul 2019 07:13:09 GMT
ETag: "2e540-58cad7a1afa44"
Accept-Ranges: bytes
Content-Length: 189760
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| 125.60.33.42/resources/korea/css/webfonts/GmarketSansTTFMedium.woff2 | 125.60.33.42 | 200 OK | 486 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/webfonts/GmarketSansTTFMedium.woff2 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 486356, version 1.0 Size486 kB (486356 bytes) Hash07f48dbf895a939f33cb96ba774630e6 ebc0ad7a021bf30a0254cab01d0a109f60f42953 7895fc0a61e355c0c53a5333a9dd13339023280e607e620c2f8b4b962a028609
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/webfonts/GmarketSansTTFMedium.woff2 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/webfonts.css
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:55 GMT
Server: Apache
Last-Modified: Thu, 12 May 2022 03:19:34 GMT
ETag: "76bd4-5dec806ee25fb"
Accept-Ranges: bytes
Content-Length: 486356
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| 125.60.33.42/resources/korea/css/webfonts/NotoSansKR-Bold.woff2 | 125.60.33.42 | 200 OK | 198 kB |
URL GET HTTP/1.1125.60.33.42/resources/korea/css/webfonts/NotoSansKR-Bold.woff2 IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), CFF, length 198184, version 1.0 Size198 kB (198184 bytes) Hashc18403ddf95b7cb8dd61b1f2539b11dd 5ea79c5554e921f464fb7b9fd842bd1465504752 06939e852b59474a2134e644c56e8bd2bd10f2d3997ec4afb2301e8b977b61b2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /resources/korea/css/webfonts/NotoSansKR-Bold.woff2 HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/resources/korea/css/common/webfonts.css
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:55 GMT
Server: Apache
Last-Modified: Tue, 02 Jul 2019 07:13:09 GMT
ETag: "30628-58cad7a1adeec"
Accept-Ranges: bytes
Content-Length: 198184
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| 125.60.33.42/favicon.ico | 125.60.33.42 | 200 OK | 36 kB |
IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typePNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced Hashe96aab93f062bb9f25f692d96c6b3d79 3eddee28a4d4dc872404614818a0e2dbd239c621 7668eb71ac1c270df9324e5606176cfba4ee0d169429e4d153d3a72cf086bc14
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:12:56 GMT
Server: Apache
Last-Modified: Fri, 29 Dec 2017 04:44:41 GMT
ETag: "8e54-561734a67c040"
Accept-Ranges: bytes
Content-Length: 36436
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/x-icon
|
|
| 125.60.33.42/apple-touch-icon.png | 125.60.33.42 | 404 Not Found | 2.5 kB |
URL GET HTTP/1.1125.60.33.42/apple-touch-icon.png IP125.60.33.42:443 ASN#17841 NATIONAL INFORMATION RESOURCES SERVICE
CertificateIssuerDigiCert Inc Subject*.korea.kr Fingerprint71:0F:93:87:2F:B3:DE:0B:98:94:99:F4:91:E6:79:8F:CA:A4:E9:FA ValidityMon, 24 Jul 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with CRLF line terminators Hash97baefc170aa38c094efac4cbf54d2cd 88f0b9934a770f1627ddea04fdcb21386aeae795 9820a8fecf89324f5f92637cf5d4cc38939cc506f2d2352e79aeeca4837d4696
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /apple-touch-icon.png HTTP/1.1
Host: 125.60.33.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Cookie: SCOUTER=z4uahq9frssa33; JSESSIONID=1C76137682753D2966ABF1F986519EC9.tomcat4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Thu, 18 Apr 2024 06:12:56 GMT
Server: Apache
Last-Modified: Tue, 12 Aug 2014 05:52:04 GMT
ETag: "995-50068455ee900"
Accept-Ranges: bytes
Content-Length: 2453
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html
|
|
| 127.0.0.1:55920/ASTX2/hello?callback=jsonpCallback171342077414120 | 0.0.0.0 | | 0 B |
URL GET 127.0.0.1:55920/ASTX2/hello?callback=jsonpCallback171342077414120 IP0.0.0.0:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ASTX2/hello?callback=jsonpCallback171342077414120 HTTP/1.1
Host: 127.0.0.1:55920
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 127.0.0.1:55920/ASTX2/hello?callback=jsonpCallback171342077464189 | 0.0.0.0 | | 0 B |
URL GET 127.0.0.1:55920/ASTX2/hello?callback=jsonpCallback171342077464189 IP0.0.0.0:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ASTX2/hello?callback=jsonpCallback171342077464189 HTTP/1.1
Host: 127.0.0.1:55920
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 127.0.0.1:55922/ASTX2/hello?callback=jsonpCallback171342077564552 | 0.0.0.0 | | 0 B |
URL GET 127.0.0.1:55922/ASTX2/hello?callback=jsonpCallback171342077564552 IP0.0.0.0:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ASTX2/hello?callback=jsonpCallback171342077564552 HTTP/1.1
Host: 127.0.0.1:55922
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 127.0.0.1:55920/ASTX2/hello?callback=jsonpCallback171342077364054 | 0.0.0.0 | | 0 B |
URL GET 127.0.0.1:55920/ASTX2/hello?callback=jsonpCallback171342077364054 IP0.0.0.0:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ASTX2/hello?callback=jsonpCallback171342077364054 HTTP/1.1
Host: 127.0.0.1:55920
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 127.0.0.1:55921/ASTX2/hello?callback=jsonpCallback171342077514534 | 0.0.0.0 | | 0 B |
URL GET 127.0.0.1:55921/ASTX2/hello?callback=jsonpCallback171342077514534 IP0.0.0.0:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ASTX2/hello?callback=jsonpCallback171342077514534 HTTP/1.1
Host: 127.0.0.1:55921
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://125.60.33.42/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|