Submitted URL: https://me2.do/GcjJBQai
Effective URL: http://www905.panda8911.co.kr/?module=QgsEl9UpDuPu4qy6LpmwLF7&pull=esZWqu7&while=D9SvvqB2R9&todo=jFCSazj&pac=2dc910dd97f38dedd...
Submission: On July 31 via manual from KR

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 119.205.233.91, located in Korea, Republic Of and belongs to KIXS-AS-KR Korea Telecom, KR. The main domain is www905.panda8911.co.kr.
This is the only time www905.panda8911.co.kr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 125.209.210.90 23576 (NHN-AS-KR...)
2 119.205.233.91 4766 (KIXS-AS-K...)
1 2.18.233.157 16625 (AKAMAI-AS)
3 2
Apex Domain | Subdomains | Transfer
2 panda8911.co.kr | www905.panda8911.co.kr | 4 KB
1 pstatic.net | ssl.pstatic.net | 27 KB
1 me2.do | me2.do | 413 B
3 3
Domain Requested by
2 www905.panda8911.co.kr www905.panda8911.co.kr
1 ssl.pstatic.net www905.panda8911.co.kr
1 me2.do 1 redirects
3 3

This site contains no links.

Subject | Issuer | Validity | Valid
ssl.pstatic.net | GeoTrust RSA CA 2018 | 2021-04-01 - 2022-04-05 | a year

This page contains 2 frames:

Primary Page: http://www905.panda8911.co.kr/?module=QgsEl9UpDuPu4qy6LpmwLF7&pull=esZWqu7&while=D9SvvqB2R9&todo=jFCSazj&pac=2dc910dd97f38dedd6dbe7cfe54b434b
Frame ID: 446EA0F0CC5843B24BE05A5DFF3496F0
Requests: 2 HTTP requests in this frame

Frame: http://www905.panda8911.co.kr/PostList.naver?blogId=eventbom&widgetTypeCall=true&categoryNo=60&directAccess=true
Frame ID: BF12895DCDBC6F51319657871612267B
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 3
HTTPS: 33 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 30 kB
Size: 99 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://me2.do/GcjJBQai HTTP 307
    http://www905.panda8911.co.kr/?module=QgsEl9UpDuPu4qy6LpmwLF7&pull=esZWqu7&while=D9SvvqB2R9&todo=jFCSazj&pac=2dc910dd97f38dedd6dbe7cfe54b434b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www905.panda8911.co.kr/
Redirect Chain
  • https://me2.do/GcjJBQai
  • http://www905.panda8911.co.kr/?module=QgsEl9UpDuPu4qy6LpmwLF7&pull=esZWqu7&while=D9SvvqB2R9&todo=jFCSazj&pac=2dc910dd97f38dedd6dbe7cfe54b434b
3 KB
3 KB
Document
General
Full URL
http://www905.panda8911.co.kr/?module=QgsEl9UpDuPu4qy6LpmwLF7&pull=esZWqu7&while=D9SvvqB2R9&todo=jFCSazj&pac=2dc910dd97f38dedd6dbe7cfe54b434b
Protocol
HTTP/1.1
Server
119.205.233.91 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
376298730c9680d85b9a6db99a944c5b8463409aa0533e093ce23753a27f7edc

Request headers

Host
www905.panda8911.co.kr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx/1.12.1
Date
Sat, 31 Jul 2021 16:06:56 GMT
Content-Type
text/html;
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
P3P
CP='NOI DSP COR IVAa OUR BUS IND UNI COM NAV INT'
Set-Cookie
PHPSESSID=u3h693sr0c41o9015g7fpvbeh0; expires=Sat, 31-Jul-2021 18:06:56 GMT; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache

Redirect headers

Date
Sat, 31 Jul 2021 16:06:55 GMT
Server
Apache
Pragma
No-cache
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Location
http://www905.panda8911.co.kr/?module=QgsEl9UpDuPu4qy6LpmwLF7&pull=esZWqu7&while=D9SvvqB2R9&todo=jFCSazj&pac=2dc910dd97f38dedd6dbe7cfe54b434b
Content-Length
0
Referrer-Policy
unsafe-url
Connection
close
Content-Type
text/html;charset=UTF-8
Frameset-584146299_https.js
ssl.pstatic.net/t.static.blog/mylog/versioning/
96 KB
27 KB
Script
General
Full URL
https://ssl.pstatic.net/t.static.blog/mylog/versioning/Frameset-584146299_https.js
Requested by
Host: www905.panda8911.co.kr
URL: http://www905.panda8911.co.kr/?module=QgsEl9UpDuPu4qy6LpmwLF7&pull=esZWqu7&while=D9SvvqB2R9&todo=jFCSazj&pac=2dc910dd97f38dedd6dbe7cfe54b434b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.233.157 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-157.deploy.static.akamaitechnologies.com
Software
Testa/5.1.1 /
Resource Hash
8f181795a59282016e351652c63d105ac13d395c2922b616cd568e459d4dd3fd

Request headers

Referer
http://www905.panda8911.co.kr/?module=QgsEl9UpDuPu4qy6LpmwLF7&pull=esZWqu7&while=D9SvvqB2R9&todo=jFCSazj&pac=2dc910dd97f38dedd6dbe7cfe54b434b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 16:06:58 GMT
content-encoding
gzip
last-modified
Wed, 09 Jun 2021 01:11:09 GMT
server
Testa/5.1.1
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=26993675
content-length
27179
expires
Thu, 09 Jun 2022 02:21:33 GMT
PostList.naver
www905.panda8911.co.kr/ Frame BF12
571 B
430 B
Document
General
Full URL
http://www905.panda8911.co.kr/PostList.naver?blogId=eventbom&widgetTypeCall=true&categoryNo=60&directAccess=true
Requested by
Host: www905.panda8911.co.kr
URL: http://www905.panda8911.co.kr/?module=QgsEl9UpDuPu4qy6LpmwLF7&pull=esZWqu7&while=D9SvvqB2R9&todo=jFCSazj&pac=2dc910dd97f38dedd6dbe7cfe54b434b
Protocol
HTTP/1.1
Server
119.205.233.91 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
f1fcb9aeff61cc7415661e9927cea51664771fe031d4f52ef124ee55d64ad297

Request headers

Host
www905.panda8911.co.kr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www905.panda8911.co.kr/?module=QgsEl9UpDuPu4qy6LpmwLF7&pull=esZWqu7&while=D9SvvqB2R9&todo=jFCSazj&pac=2dc910dd97f38dedd6dbe7cfe54b434b
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
PHPSESSID=u3h693sr0c41o9015g7fpvbeh0

Response headers

Server
nginx/1.12.1
Date
Sat, 31 Jul 2021 16:06:56 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
Vary
Accept-Encoding
Content-Encoding
gzip


62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| IS_IE boolean| IS_FF boolean| IS_OP boolean| IS_SF boolean| IS_CH object| separate string| topLevelDomain string| secondLevelDomain undefined| FramesetTitleController undefined| FramesetUrlController undefined| FramesetMusicController object| nhn object| jindo string| prop function| $Jindo function| $ function| $Class function| cssquery function| $$ function| $Agent function| $A function| $Ajax function| $H function| $Json function| $Cookie function| $Element function| $Fn function| $Event function| $ElementList function| $S function| $Document function| $Form function| $Template function| $Date function| $Window object| jsMVC string| photoContent string| postContent string| videoId string| thumbnail string| inKey string| movieFileSize string| playTime string| screenSize string| blogId string| blogURL string| eventCnt object| g_ShareObject undefined| oFramesetTitleController undefined| oFramesetUrlController undefined| oFramesetMusicController undefined| sTitle undefined| topFrameAlert undefined| topFrameConfirm

1 Cookies

Domain/Path Name / Value
www905.panda8911.co.kr/ Name: PHPSESSID
Value: u3h693sr0c41o9015g7fpvbeh0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
