documentfile.bigcareersgroup.com Open in urlscan Pro
188.114.97.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u46523569.ct.sendgrid.net/ls/click?upn=u001.flTHYrfZpSGGdBP3w-2Bd47qKl5Nt9zrCIy3D5nNEz1hJU6g6I6kBtiTZuQ-2Fuex1Q1k3j1F40K-2...
Effective URL:
https://documentfile.bigcareersgroup.com/10582.0.jsp?&file:///C:/Users/Home/Downloads/
Submission: On September 06 via manual (September 6th 2024, 8:32:49 am UTC) from KR — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 14 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is documentfile.bigcareersgroup.com.
TLS certificate: Issued by WE1 on July 11th 2024. Valid for: 3 months.

This is the only time documentfile.bigcareersgroup.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.60 167.89.123.60	11377 (SENDGRID) (SENDGRID)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:486... 2001:4860:4860::8888	15169 (GOOGLE) (GOOGLE)
1 3	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:89a::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	172.217.23.100 172.217.23.100	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
14	11

1 167.89.123.60 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x60.outbound-mail.sendgrid.net

u46523569.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

documentfile.bigcareersgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4860::8888 (United States)

ASN15169 (GOOGLE, US)

dns.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

documentfile.bigcareersgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:89a::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.100 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f100.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	bigcareersgroup.com 1 redirects documentfile.bigcareersgroup.com	137 KB
2	gstatic.com t3.gstatic.com	1 KB
2	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 10	18 B
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4508	30 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 641	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	24 KB
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 4280	265 KB
1	dns.google dns.google — Cisco Umbrella Rank: 470	470 B
1	sendgrid.net 1 redirects u46523569.ct.sendgrid.net	277 B
0	lguplus.co.kr Failed www.lguplus.co.kr Failed
14	11

	Domain	Requested by
5	documentfile.bigcareersgroup.com	1 redirects documentfile.bigcareersgroup.com
2	t3.gstatic.com
2	www.google.com	2 redirects
1	stackpath.bootstrapcdn.com	documentfile.bigcareersgroup.com
1	ajax.googleapis.com	documentfile.bigcareersgroup.com
1	maxcdn.bootstrapcdn.com	documentfile.bigcareersgroup.com
1	cdnjs.cloudflare.com	documentfile.bigcareersgroup.com
1	code.jquery.com	documentfile.bigcareersgroup.com
1	res.cloudinary.com	documentfile.bigcareersgroup.com
1	dns.google	documentfile.bigcareersgroup.com
1	u46523569.ct.sendgrid.net	1 redirects
0	www.lguplus.co.kr Failed	documentfile.bigcareersgroup.com
14	12

This site contains no links.

Subject Issuer	Validity	Valid
bigcareersgroup.com WE1	`2024-07-11` - `2024-10-09`	3 months	crt.sh
dns.google WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-18` - `2025-01-13`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://documentfile.bigcareersgroup.com/10582.0.jsp?&file:///C:/Users/Home/Downloads/
Frame ID: 14E5FD4D0179C8260BC966AB9DBC24B7
Requests: 16 HTTP requests in this frame

Frame: https://www.lguplus.co.kr/
Frame ID: B05F8ACA3C371C8453608E2E1FD7B441
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Documents Portal Login - lguplus.co.kr

Page URL History Show full URLs

https://u46523569.ct.sendgrid.net/ls/click?upn=u001.flTHYrfZpSGGdBP3w-2Bd47qKl5Nt9zrCIy3D5nNEz1hJU6g6I6kBtiTZu... HTTP 302
https://documentfile.bigcareersgroup.com/message.html Page URL
https://documentfile.bigcareersgroup.com/file.jsp?account=procit@lguplus.co.kr HTTP 302
https://documentfile.bigcareersgroup.com/10582.0.jsp?&file:///C:/Users/Home/Downloads/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

79 %
HTTPS

50 %
IPv6

11
Domains

12
Subdomains

11
IPs

4
Countries

493 kB
Transfer

968 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u46523569.ct.sendgrid.net/ls/click?upn=u001.flTHYrfZpSGGdBP3w-2Bd47qKl5Nt9zrCIy3D5nNEz1hJU6g6I6kBtiTZuQ-2Fuex1Q1k3j1F40K-2FXhJ4anBwmyDFD2bDPhp9Pg9Ip1O5WUgO-2BIwPudFzeH4kSbKT1QRe5-2BsQuZ0_lhM-2FEtVrzQCikgRnQ-2BpzPTW05iSA0ZrJ3WrQu9EFor1E-2Bhouo5nt-2BYlZkvFcwO8io805AgoFuuI57PtVrYucB-2FOaaRKW12wray6SUZUdCG55qDIDPTv5DNDrmyS02vLoCvgjh3ER0uFatxhyqDkSnLIo8ibQB-2BEEh4LL5fA0RXmkvHfoeLuOEQTjCsBVXE6OtC2UvD417yNZVCRtA2-2Bw7c8PlTxfl3Caak2iOBBwbM9Za456sHTJ-2FdJb63Up-2BTGKlo9AhnT5F2w6PU2-2BpySn4-2FoskpmhvzieX4PE2cxspObJv-2Bpsyt5zOoVapGWOVskglLA0aRyXtfBBIE7FkXiNrwWs1Sp-2Bx-2F4lAUGMZMMyL62IRMvXxMm-2FphUT4jfVUdZ2xL-2BJh75t6apga2LdIVaqf5IsyyIG6KFgxabW-2B9A71EQSifzScp7uksWS5HYDHZFGpyCVV-2FxXRvbzpr19IeIpV2Cl4sBl0S-2FNz6I-2BROW6Jd-2FCmvjUKSm6N8nJ5X7YqWCtnQMUP13qK-2F0pIe5d-2BQ1CSZ8SXrSRR-2BzW-2BkJOb5Okm-2B4EZKWFVBa-2FI2-2Fldefh76Y1GdkfQ-2FTICEBDn7ARYccsnGEY5pRKdzmVKYhEQRGdOfXC6XoKzLVkQukPINN3UChBD4wQCKaPvuf7vO1O2DnKRJOL9rwonSQQTWPCLWc-2BqjtwVP2k4ubdrHuV5AD5oagbvYb2syNso6WXKpYH4-2FOfqWO5zFv3jYdKbSKSGcIRHVUVSeVM4ytg4AXb8uGQV6mnKRQZD7uPMfD4Q1o8UDLisu5e6XUtnv0CzsuDu98WFI85bEDTpMhrbMWkFdzfgKI1EgbzKf1W8eM1OJHoQw95kPY3IN8NoO1qor3U5bk7bX6LF8maxOSAdtGCMVT4h-2BrCHwIIwNrc5jfZGjvWadscbQ-3D-3D HTTP 302
https://documentfile.bigcareersgroup.com/message.html Page URL
https://documentfile.bigcareersgroup.com/file.jsp?account=procit@lguplus.co.kr HTTP 302
https://documentfile.bigcareersgroup.com/10582.0.jsp?&file:///C:/Users/Home/Downloads/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://u46523569.ct.sendgrid.net/ls/click?upn=u001.flTHYrfZpSGGdBP3w-2Bd47qKl5Nt9zrCIy3D5nNEz1hJU6g6I6kBtiTZuQ-2Fuex1Q1k3j1F40K-2FXhJ4anBwmyDFD2bDPhp9Pg9Ip1O5WUgO-2BIwPudFzeH4kSbKT1QRe5-2BsQuZ0_lhM-2FEtVrzQCikgRnQ-2BpzPTW05iSA0ZrJ3WrQu9EFor1E-2Bhouo5nt-2BYlZkvFcwO8io805AgoFuuI57PtVrYucB-2FOaaRKW12wray6SUZUdCG55qDIDPTv5DNDrmyS02vLoCvgjh3ER0uFatxhyqDkSnLIo8ibQB-2BEEh4LL5fA0RXmkvHfoeLuOEQTjCsBVXE6OtC2UvD417yNZVCRtA2-2Bw7c8PlTxfl3Caak2iOBBwbM9Za456sHTJ-2FdJb63Up-2BTGKlo9AhnT5F2w6PU2-2BpySn4-2FoskpmhvzieX4PE2cxspObJv-2Bpsyt5zOoVapGWOVskglLA0aRyXtfBBIE7FkXiNrwWs1Sp-2Bx-2F4lAUGMZMMyL62IRMvXxMm-2FphUT4jfVUdZ2xL-2BJh75t6apga2LdIVaqf5IsyyIG6KFgxabW-2B9A71EQSifzScp7uksWS5HYDHZFGpyCVV-2FxXRvbzpr19IeIpV2Cl4sBl0S-2FNz6I-2BROW6Jd-2FCmvjUKSm6N8nJ5X7YqWCtnQMUP13qK-2F0pIe5d-2BQ1CSZ8SXrSRR-2BzW-2BkJOb5Okm-2B4EZKWFVBa-2FI2-2Fldefh76Y1GdkfQ-2FTICEBDn7ARYccsnGEY5pRKdzmVKYhEQRGdOfXC6XoKzLVkQukPINN3UChBD4wQCKaPvuf7vO1O2DnKRJOL9rwonSQQTWPCLWc-2BqjtwVP2k4ubdrHuV5AD5oagbvYb2syNso6WXKpYH4-2FOfqWO5zFv3jYdKbSKSGcIRHVUVSeVM4ytg4AXb8uGQV6mnKRQZD7uPMfD4Q1o8UDLisu5e6XUtnv0CzsuDu98WFI85bEDTpMhrbMWkFdzfgKI1EgbzKf1W8eM1OJHoQw95kPY3IN8NoO1qor3U5bk7bX6LF8maxOSAdtGCMVT4h-2BrCHwIIwNrc5jfZGjvWadscbQ-3D-3D HTTP 302
https://documentfile.bigcareersgroup.com/message.html

Request Chain 14

https://www.google.com/s2/favicons?domain=lguplus.co.kr HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lguplus.co.kr&size=16

Request Chain 15

https://www.google.com/s2/favicons?domain=lguplus.co.kr HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lguplus.co.kr&size=16

14 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

message.html Show response
documentfile.bigcareersgroup.com/
Redirect Chain

https://u46523569.ct.sendgrid.net/ls/click?upn=u001.flTHYrfZpSGGdBP3w-2Bd47qKl5Nt9zrCIy3D5nNEz1hJU6g6I6kBtiTZuQ-2Fuex1Q1k3j1F40K-2FXhJ4anBwmyDFD2bDPhp9Pg9Ip1O5WUgO-2BIwPudFzeH4kSbKT1QRe5-2BsQuZ0_lh...
https://documentfile.bigcareersgroup.com/message.html

18 KB
6 KB

318ms
217ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://documentfile.bigcareersgroup.com/message.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2180ae863f28a3b0ddab793c16881028f1e8a0454f14b5a37c39f8d8cda51e6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8bed1c357dae5c3e-FRA
content-encoding: br
content-type: text/html
date: Fri, 06 Sep 2024 08:32:44 GMT
last-modified: Fri, 06 Sep 2024 05:52:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G8iLA4o88k%2FyDZBrWkkBoKUAatAoK%2BR%2BvUXfXYy96aOPoqRnr1O6u7Sv8iPbzTrSUBYWAM%2BbqKpqdFa9oaafOC5sbtSeJXCtPYVmriOACs31N3FRS7pOF4tQaW2Hl%2F4bqtpptvj34uCrOAZ%2FEvZsXUVDsT5hIcJy17ZQQkU5wg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Connection: keep-alive
Content-Length: 97
Content-Type: text/html; charset=utf-8
Date: Fri, 06 Sep 2024 08:32:44 GMT
Location: https://documentfile.bigcareersgroup.com/message.html#procit@lguplus.co.kr
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 resolve Show response
dns.google/ 232 B
470 B 491ms
399ms Fetch
application/json 2001:4860:4860::8888
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dns.google/resolve?name=lguplus.co.kr

Requested by

Host: documentfile.bigcareersgroup.com
URL: https://documentfile.bigcareersgroup.com/message.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4860::8888 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

4dea614a886eafb54af80d5404a3e95dcc3973ea1dceda36902d1e67d6e85890

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://documentfile.bigcareersgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 06 Sep 2024 08:32:45 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 174
x-xss-protection: 0
expires: Fri, 06 Sep 2024 08:32:45 GMT

GET
H2 200 favicon.ico
documentfile.bigcareersgroup.com/ 21 KB
8 KB 59ms
58ms Other
image/x-icon 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://documentfile.bigcareersgroup.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a3170a912786e9eece7e347b58f36471cb9d0bc790697b216c61050e6b1f08

Request headers

Referer: https://documentfile.bigcareersgroup.com/message.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 08:32:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Aug 2024 21:24:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1202
etag: W/"21630-1722633898000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6xVyiUSr2LA2sMcGE0wFMbVMoieAGtpIBPmdp9c8MbfNhikZQPdAhU2uciaIjPjmfYxBtFPk9AK%2FXtBgpK3aLA5W%2BsH5lrwdLXqsVFoHd1luR6J%2F7PMdtA7rrpGUcJ2syg2%2FDRqFd45U4yagnaVQX8jwoT4duQmVF8G9eHxkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 8bed1c376f5e5c3e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

Primary Request 10582.0.jsp Show response
documentfile.bigcareersgroup.com/
Redirect Chain

https://documentfile.bigcareersgroup.com/file.jsp?account=procit@lguplus.co.kr
https://documentfile.bigcareersgroup.com/10582.0.jsp?&file:///C:/Users/Home/Downloads/

339 KB
122 KB

260ms
260ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://documentfile.bigcareersgroup.com/10582.0.jsp?&file:///C:/Users/Home/Downloads/
Requested by: Host: documentfile.bigcareersgroup.com
URL: https://documentfile.bigcareersgroup.com/message.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 014b9520d8c2c1c1483a484ff2c90470a87193b0c93f201cc2ba3e67a8ffce36

Request headers

Referer: https://documentfile.bigcareersgroup.com/message.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8bed1c3be827372e-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Fri, 06 Sep 2024 08:32:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CufXNI88j1XWJD4emO5%2FRCMBdXuruGUTUwsnoIl2H7k0PT6d4%2F7EgFkV0HlxNIlrXCmfdp1N9V9dEZgQr5IviUWgfUmwt%2Bz0EFAOENwl9Ke9Bg7d5nyTBMcsIbIff3yJmfmfpoW3K6c70FfFVMtwctoggw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8bed1c3a7eb3372e-FRA
content-type: text/html;charset=UTF-8
date: Fri, 06 Sep 2024 08:32:45 GMT
location: 10582.0.jsp?&file:///C:/Users/Home/Downloads/#procit@lguplus.co.kr
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8A1YnWz2vAkqC%2FFeKe2DYSMxxIhxzPaglLgKPqKePspautKGGHpo5jHglSRca57pK9GGsYNgDDnyyrrLWxrzoed9F1KRxPyNWzaz1Xo5%2BLygc0On2DBt1YGkjW9DPEBZWoXiJ28CaMeL3eY2lYf1lXKojg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 404 favicons
documentfile.bigcareersgroup.com/images/ 781 B
781 B 136ms
135ms Image
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documentfile.bigcareersgroup.com/images/favicons
Requested by: Host: documentfile.bigcareersgroup.com
URL: https://documentfile.bigcareersgroup.com/10582.0.jsp?&file:///C:/Users/Home/Downloads/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d431e8906d7fc723c7e14b942c1a6d3b93057cca49d5dc2a37329ff115d203d7

Request headers

Referer: https://documentfile.bigcareersgroup.com/10582.0.jsp?&file:///C:/Users/Home/Downloads/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 08:32:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5w9MQg7hxtagX4dp6njonIMomGabq4yyrU9y1nzrZlIG6uYNsUBGy2bhZaexy2cGBIrdzbxOiJZ23LYbAjbnS01N29XhJ95iDkb7noFg7INqDBhf80Eriu1n7jESbwD3DtgPVGoPdgejJR0Zzc%2B25Ad%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
content-language: de
cf-ray: 8bed1c3fcd19372e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 Statement_m78dzz.png
res.cloudinary.com/dpxani0fz/image/upload/v1720361382/ 264 KB
265 KB 203ms
46ms Image
image/png 2a02:26f0:3500:89a::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dpxani0fz/image/upload/v1720361382/Statement_m78dzz.png

Requested by

Host: documentfile.bigcareersgroup.com
URL: https://documentfile.bigcareersgroup.com/10582.0.jsp?&file:///C:/Users/Home/Downloads/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:89a::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

1e4d9f5629e7c5cb2bab44ca4c774028d9d05a619231f940e20fc263fecdf4d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://documentfile.bigcareersgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 08:32:46 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Sun, 07 Jul 2024 14:09:43 GMT
server: Cloudinary
etag: "ca8074805a1fcbc170ffeaaf90d09b8a"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-akam;dur=6;start=2024-09-06T08:32:46.202Z;desc=hit,rtt;dur=38,content-info;desc="width=2868,height=1664,bytes=270383,o=1,ef=(17)"
accept-ranges: bytes
timing-allow-origin: *
content-length: 270383
x-request-id: 3d498114518960e34ae9e8778402342d

GET
DATA 200
OK truncated
/ 558 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 578254b8c8e53db6ffe80754d29a9db454d8818885ac826b11e9b95389618b5b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 520 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2172033cc841f94e32ca4412cd380e43d873a9e74e54aee03f0d26ed72d20be5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 55 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42171d76548498998da88f032aba50a028b9481fd7004a9a3b5d3b8d98fe48a2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 396ms
48ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: documentfile.bigcareersgroup.com
URL: https://documentfile.bigcareersgroup.com/10582.0.jsp?&file:///C:/Users/Home/Downloads/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer: https://documentfile.bigcareersgroup.com/
Origin: https://documentfile.bigcareersgroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 08:32:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1461254
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 23856
x-served-by: cache-lga21984-LGA, cache-mxp6922-MXP
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1725611566.484294,VS0,VE0
etag: W/"28feccc0-10fdd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 44450, 412

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 95ms
50ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: documentfile.bigcareersgroup.com
URL: https://documentfile.bigcareersgroup.com/10582.0.jsp?&file:///C:/Users/Home/Downloads/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://documentfile.bigcareersgroup.com/
Origin: https://documentfile.bigcareersgroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 08:32:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1207605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6157
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B4whFkFzzDVpC96v2AEqgCyh31VjU6neFw68ad7sdWsFiuzTUPuczne3mBMJ24gl2H3Mimu0uvFWcKSwwPvoq%2Bv%2Fq%2Fs2wZh3aZf09oOr48EgpreowDImERyGdDAJgjpnSr4ULWCJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bed1c409e69905b-FRA
expires: Wed, 27 Aug 2025 08:32:46 GMT

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
15 KB 105ms
60ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: documentfile.bigcareersgroup.com
URL: https://documentfile.bigcareersgroup.com/10582.0.jsp?&file:///C:/Users/Home/Downloads/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://documentfile.bigcareersgroup.com/
Origin: https://documentfile.bigcareersgroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 08:32:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1048
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4209
cdn-cachedat: 03/18/2024 12:46:36
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 8913263a553dfac89c1d16fe4fc76668
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8bed1c40ac3930d2-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: documentfile.bigcareersgroup.com
URL: https://documentfile.bigcareersgroup.com/10582.0.jsp?&file:///C:/Users/Home/Downloads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://documentfile.bigcareersgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 12:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Sep 2025 12:27:26 GMT

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
16 KB 103ms
56ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: documentfile.bigcareersgroup.com
URL: https://documentfile.bigcareersgroup.com/10582.0.jsp?&file:///C:/Users/Home/Downloads/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://documentfile.bigcareersgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 08:32:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 963492
cdn-cachedat: 08/04/2024 20:14:54
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"67176c242e1bdc20603c878dee836df3"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d111e32d511363007c6323c1993605f3
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8bed1c40ac3f35fa-FRA
cdn-requestpullsuccess: True

GET /
www.lguplus.co.kr/ Frame B05F 0
0

GET
H2

200

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=lguplus.co.kr
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lguplus.co.kr&size=16

602 B
1 KB

147ms
50ms

Image
image/png

2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lguplus.co.kr&size=16

Protocol

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6277f9e511ee848ac5322e1e1dc9c836026cde8c0232e33c3a9c1db4c7bf8a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://documentfile.bigcareersgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 08:32:46 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 602
x-xss-protection: 0
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.lguplus.com/static/pc-static/favicon_16_lgu.ico
expires: Fri, 13 Sep 2024 08:32:46 GMT

Redirect headers

date: Fri, 06 Sep 2024 08:32:46 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lguplus.co.kr&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 333
x-xss-protection: 0
expires: Fri, 06 Sep 2024 09:02:46 GMT

GET
H2

200

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=lguplus.co.kr
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lguplus.co.kr&size=16

602 B
0

0ms
0ms

Other
image/png

2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lguplus.co.kr&size=16

Protocol

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6277f9e511ee848ac5322e1e1dc9c836026cde8c0232e33c3a9c1db4c7bf8a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://documentfile.bigcareersgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 08:32:46 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 602
x-xss-protection: 0
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.lguplus.com/static/pc-static/favicon_16_lgu.ico
expires: Fri, 13 Sep 2024 08:32:46 GMT

Redirect headers

date: Fri, 06 Sep 2024 08:32:46 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lguplus.co.kr&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 333
x-xss-protection: 0
expires: Fri, 06 Sep 2024 09:02:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.lguplus.co.kr
URL: https://www.lguplus.co.kr/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			documentfile.bigcareersgroup.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: DC12D82E99E82FD4D79B3C1395C6A1E5

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://documentfile.bigcareersgroup.com/images/favicons Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	verbose	URL: https://documentfile.bigcareersgroup.com/10582.0.jsp?&file:///C:/Users/Home/Downloads/#procit@lguplus.co.kr Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
dns.google
documentfile.bigcareersgroup.com
maxcdn.bootstrapcdn.com
res.cloudinary.com
stackpath.bootstrapcdn.com
t3.gstatic.com
u46523569.ct.sendgrid.net
www.google.com
www.lguplus.co.kr
www.lguplus.co.kr
104.17.24.14
104.18.10.207
104.18.11.207
167.89.123.60
172.217.23.100
188.114.97.3
2001:4860:4860::8888
2a00:1450:4001:81d::200a
2a00:1450:4001:830::2004
2a02:26f0:3500:89a::523
2a04:4e42:600::649
2a06:98c1:3120::3
014b9520d8c2c1c1483a484ff2c90470a87193b0c93f201cc2ba3e67a8ffce36
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1e4d9f5629e7c5cb2bab44ca4c774028d9d05a619231f940e20fc263fecdf4d8
2172033cc841f94e32ca4412cd380e43d873a9e74e54aee03f0d26ed72d20be5
42171d76548498998da88f032aba50a028b9481fd7004a9a3b5d3b8d98fe48a2
4dea614a886eafb54af80d5404a3e95dcc3973ea1dceda36902d1e67d6e85890
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
578254b8c8e53db6ffe80754d29a9db454d8818885ac826b11e9b95389618b5b
64a3170a912786e9eece7e347b58f36471cb9d0bc790697b216c61050e6b1f08
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
b6277f9e511ee848ac5322e1e1dc9c836026cde8c0232e33c3a9c1db4c7bf8a7
d2180ae863f28a3b0ddab793c16881028f1e8a0454f14b5a37c39f8d8cda51e6
d431e8906d7fc723c7e14b942c1a6d3b93057cca49d5dc2a37329ff115d203d7
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

documentfile.bigcareersgroup.com Open in urlscan Pro 188.114.97.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

79 %HTTPS

50 %IPv6

11 Domains

12 Subdomains

11 IPs

4 Countries

493 kBTransfer

968 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

19 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

documentfile.bigcareersgroup.com Open in urlscan Pro
188.114.97.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

79 %
HTTPS

50 %
IPv6

11
Domains

12
Subdomains

11
IPs

4
Countries

493 kB
Transfer

968 kB
Size

1
Cookies

14 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!