Report - junfac.com/shop/images/.x/anexo-comprovante01569.scr

Report Overview

Visited public
2025-02-18 11:50:31
Tags
URL
junfac.com/shop/images/.x/anexo-comprovante01569.scr
Finishing URL
junfac.com/shop/images/.x/anexo-comprovante01569.scr
IP / ASN
210.114.23.245
#4766 Korea Telecom
Title
카페24

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
junfac.com	unknown	2005-01-26	2014-07-08	2023-12-15	1.4 kB	6.2 kB	210.114.23.245
img.echosting.cafe24.com	114779	1999-05-21	2017-01-29	2025-02-14	453 B	19 kB	23.36.76.170
m-img.cafe24.com	unknown	1999-05-21	2012-12-06	2025-02-11	464 B	3.3 kB	114.207.244.220

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-02-18 11:50:03	low	Client IP	210.114.23.245	ET HUNTING HTTP request for resource ending in .scr

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (5)

URL IP Response Size

junfac.com/shop/images/.x/anexo-comprovante01569.scr

210.114.23.245

301 Moved Permanently

166 B

URL User Request GET HTTP/2
junfac.com/shop/images/.x/anexo-comprovante01569.scr
IP
210.114.23.245:443
ASN
#4766 Korea Telecom

Certificate
IssuerLet's Encrypt
Subjectjunfac.com
Fingerprint20:73:C9:3F:49:5B:43:AE:08:35:8E:A1:2C:EC:DE:40:51:EC:5A:33
ValiditySun, 02 Feb 2025 15:30:24 GMT - Sat, 03 May 2025 15:30:23 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
166 B (166 bytes)
Hash
3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING HTTP request for resource ending in .scr

HTTP Headers

GET /shop/images/.x/anexo-comprovante01569.scr HTTP/1.1
Host: junfac.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: openresty
Date: Tue, 18 Feb 2025 11:50:03 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://junfac.com/shop/images/.x/anexo-comprovante01569.scr

junfac.com/shop/images/.x/anexo-comprovante01569.scr

210.114.23.245

404 Not Found

1.9 kB

URL User Request GET HTTP/2
junfac.com/shop/images/.x/anexo-comprovante01569.scr
IP
210.114.23.245:443
ASN
#4766 Korea Telecom

Certificate
IssuerLet's Encrypt
Subjectjunfac.com
Fingerprint20:73:C9:3F:49:5B:43:AE:08:35:8E:A1:2C:EC:DE:40:51:EC:5A:33
ValiditySun, 02 Feb 2025 15:30:24 GMT - Sat, 03 May 2025 15:30:23 GMT

File type
gzip compressed data, from Unix
Size
1.9 kB (1909 bytes)
Hash
67b21541b399d6bf28de3681a8e73a4d
08c67c8757a70f6f35cf9815b650db4e8fd7a9db
aed29f5e90ae546e4e646ec5f3fc8d5d9fe3faeae1a9c57cf413330413ba82f3

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING HTTP request for resource ending in .scr

HTTP Headers

GET /shop/images/.x/anexo-comprovante01569.scr HTTP/1.1
Host: junfac.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: openresty
date: Tue, 18 Feb 2025 11:50:04 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
x-hurl: /shop/images/.x/anexo-comprovante01569.scrgmade7view_pcNOwebpagent_pc
x-cache: MISS
x-hits: 0
x-anigif: webp
X-Firefox-Spdy: h2

img.echosting.cafe24.com/ec/image_admin/img_404.png

23.36.76.170

200 OK

18 kB

URL GET HTTP/2
img.echosting.cafe24.com/ec/image_admin/img_404.png
IP
23.36.76.170:443
ASN
#20940 Akamai International B.V.

Requested by
https://junfac.com/shop/images/.x/anexo-comprovante01569.scr
Certificate
IssuerLet's Encrypt
Subjectakamai.poxo.com
Fingerprint36:05:25:6E:02:87:75:A3:70:74:BA:E5:6F:8B:3E:72:86:60:3A:F7
ValiditySun, 05 Jan 2025 23:50:50 GMT - Sat, 05 Apr 2025 23:50:49 GMT

File type
PNG image data, 222 x 128, 8-bit/color RGBA, non-interlaced
Size
18 kB (18197 bytes)
Hash
cec54ac4d5190c0ce3abf1de29a7954c
8093517c692edb6812b1d4ca5f52610b4330ae20
272d0a7b675405073cbee1bfaef46693ab261f6994a334c477dfe9a3303ebeef

HTTP Headers

GET /ec/image_admin/img_404.png HTTP/1.1
Host: img.echosting.cafe24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://junfac.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "cec54ac4d5190c0ce3abf1de29a7954c:1702501292.709408"
last-modified: Wed, 13 Dec 2023 04:12:55 GMT
server: AkamaiNetStorage
content-length: 18197
date: Tue, 18 Feb 2025 11:50:04 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cache-control: max-age=604800
X-Firefox-Spdy: h2

m-img.cafe24.com/images/template/ec/logo_cafe24_global_new.svg

114.207.244.220

200 OK

3.0 kB

URL GET HTTP/1.1
m-img.cafe24.com/images/template/ec/logo_cafe24_global_new.svg
IP
114.207.244.220:443
ASN
#9318 SK Broadband Co Ltd

Requested by
https://junfac.com/shop/images/.x/anexo-comprovante01569.scr
Certificate
IssuerSectigo Limited
Subject*.cafe24.com
Fingerprint62:64:6C:5B:2A:A2:C0:B0:BF:DE:46:6E:93:AE:A0:77:90:BB:2A:5F
ValidityMon, 26 Aug 2024 00:00:00 GMT - Fri, 05 Sep 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
3.0 kB (2997 bytes)
Hash
18bb5fb8f97d4be63b542a27902e5bbd
b5232e37fcd02ae6c9cd472c44ab5891675b4d69
8e21b45272b43a730648ef32dbc33246ccdb7d0c691fb8d8015a6841ec6661cc

HTTP Headers

GET /images/template/ec/logo_cafe24_global_new.svg HTTP/1.1
Host: m-img.cafe24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://junfac.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.9.6
Date: Tue, 18 Feb 2025 11:50:06 GMT
Content-Type: image/svg+xml
Content-Length: 2997
Connection: keep-alive
Last-Modified: Tue, 19 Dec 2023 07:14:42 GMT
ETag: "658142e2-bb5"
Expires: Tue, 25 Feb 2025 11:50:06 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

junfac.com/favicon.ico

210.114.23.245

404 Not Found

3.4 kB

URL GET HTTP/2
junfac.com/favicon.ico
IP
210.114.23.245:443
ASN
#4766 Korea Telecom

Requested by
https://junfac.com/shop/images/.x/anexo-comprovante01569.scr
Certificate
IssuerLet's Encrypt
Subjectjunfac.com
Fingerprint20:73:C9:3F:49:5B:43:AE:08:35:8E:A1:2C:EC:DE:40:51:EC:5A:33
ValiditySun, 02 Feb 2025 15:30:24 GMT - Sat, 03 May 2025 15:30:23 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3401), with no line terminators
Size
3.4 kB (3415 bytes)
Hash
58864153e2c458e91692ccce14735b5f
ed01a9652cdc005363789a070032f3f77cf52425
62c7e9f9a1f29b5f1bb5355210e080d93a7eea04118b77db22cd1d47ab45a3e4

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: junfac.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://junfac.com/shop/images/.x/anexo-comprovante01569.scr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: openresty
date: Tue, 18 Feb 2025 11:50:04 GMT
content-type: text/html
vary: Accept-Encoding
etag: W/"6683e36e-d57"
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (5)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers