member.naverdigital.com
Open in
urlscan Pro
188.114.96.3
Malicious Activity!
Public Scan
Effective URL: https://member.naverdigital.com/user2/help/myinfo/confirm.php
Submission: On May 01 via manual from KR — Scanned from NL
Summary
TLS certificate: Issued by E1 on March 14th 2024. Valid for: 3 months.
This is the only time member.naverdigital.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Naver (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 188.114.96.3 188.114.96.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 125.209.226.239 125.209.226.239 | 23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.) | |
1 | 203.104.162.225 203.104.162.225 | 23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.) | |
16 | 3 |
ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)
static.nid.naver.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
naverdigital.com
member.naverdigital.com |
155 KB |
4 |
naver.com
static.nid.naver.com — Cisco Umbrella Rank: 40520 lcs.naver.com — Cisco Umbrella Rank: 30699 |
9 KB |
16 | 2 |
Domain | Requested by | |
---|---|---|
12 | member.naverdigital.com |
member.naverdigital.com
|
3 | static.nid.naver.com |
member.naverdigital.com
|
1 | lcs.naver.com | |
16 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
nid.naver.com |
www.naver.com |
policy.naver.com |
help.naver.com |
www.navercorp.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
naverdigital.com E1 |
2024-03-14 - 2024-06-12 |
3 months | crt.sh |
*.nid.naver.com Sectigo RSA Organization Validation Secure Server CA |
2023-12-12 - 2025-01-11 |
a year | crt.sh |
*.naver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2024-02-27 - 2025-03-15 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://member.naverdigital.com/user2/help/myinfo/confirm.php
Frame ID: B34D0136D0CD4D3E2CF4343A0BBC56F7
Requests: 16 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://member.naverdigital.com/user2/help/myinfo/confirm.php
HTTP 307
https://member.naverdigital.com/user2/help/myinfo/confirm.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Title: 주메뉴로 바로가기
Search URL Search Domain Scan URL
Title: 본문으로 바로가기
Search URL Search Domain Scan URL
Title: NAVER
Search URL Search Domain Scan URL
Title: 내정보
Search URL Search Domain Scan URL
Title: 보안설정
Search URL Search Domain Scan URL
Title: 개인정보처리방침
Search URL Search Domain Scan URL
Title: 책임의 한계와 법적 고지
Search URL Search Domain Scan URL
Title: 회원정보 고객센터
Search URL Search Domain Scan URL
Title: NAVER
Search URL Search Domain Scan URL
Title: NAVER Corp.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://member.naverdigital.com/user2/help/myinfo/confirm.php
HTTP 307
https://member.naverdigital.com/user2/help/myinfo/confirm.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
confirm.php
member.naverdigital.com/user2/help/myinfo/ Redirect Chain
|
47 KB 48 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
member.naverdigital.com/user2/help/myinfo/pwconfirm/ |
94 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
help_member.css
member.naverdigital.com/user2/help/myinfo/pwconfirm/ |
226 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
clickcr.js
member.naverdigital.com/user2/help/myinfo/pwconfirm/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lcs_nclicks.js
member.naverdigital.com/user2/help/myinfo/pwconfirm/ |
44 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
commonUtil.js
member.naverdigital.com/user2/help/myinfo/pwconfirm/ |
26 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lua.js
member.naverdigital.com/user2/help/myinfo/pwconfirm/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rsaAll.js
member.naverdigital.com/user2/help/myinfo/pwconfirm/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
passwdAjax.js
member.naverdigital.com/user2/help/myinfo/pwconfirm/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
clickcrD.js
member.naverdigital.com/user2/help/myinfo/pwconfirm/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.resize.js
member.naverdigital.com/user2/help/myinfo/pwconfirm/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp_u_skip.png
static.nid.naver.com/images/web/user/ |
967 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pc_sp_txt_shape.png
static.nid.naver.com/images/ui/myinfo/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ci_naver.png
static.nid.naver.com/images/web/user/ |
560 B 735 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
member.naverdigital.com/ |
310 B 683 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m
lcs.naver.com/ |
43 B 499 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Naver (Online)177 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery number| nclkMaxDepth string| ccsrv string| nclkModule string| nsc string| g_pid string| g_sid object| nclkImg function| clickcr function| nclks function| nclks_clsnm function| nclks_chk function| nclks_if function| nclks_select function| nclk function| nclk_proxy function| nclk_v2 function| lcs_do function| lcs_do_gdid function| lcs_get_lpid function| lcs_update_lpid string| lcs_version function| isValid_corp_no function| isValid_bizr_no function| isValid_uniq_no function| isValid_socno function| isValid_fgnno function| isValid_id function| isValid_passwd function| isValid_passwd_ajax function| isValid_email function| isValid_email_myinfo function| isValid_pswdEmail function| isValid_email_local function| isValid_email2 function| isValid_name function| isValid_ForeignName function| isValid_Passport function| isXP function| isXPSP2 function| isIE7 function| isIE8 function| isIE function| isHangul function| checkSpace function| winOpenAtCenter function| winOpenAtCenter2 function| window_resize function| resizePopup function| resizeToBodySize function| setCookie function| getCookie boolean| next_go object| cur_val function| moveNext boolean| nextGo object| curVal function| moveNextNoCheckNum function| num_only function| trim function| containsCharsOnly function| isNumeric object| db string| agent boolean| busy function| check_num function| check_num_ajax function| check_num_ajax2 function| toggleObject function| toggleSingleObj function| toggleObjectForPopUp function| displayObj function| hiddenObj function| checkUninterruptNumber function| checkSameNumber number| lua_cnt object| lua_bi object| lua_sDate string| ERROR_NO_VALUE string| ERROR_NOT_ENOUGH_LENGTH string| ERROR_AUTH_REQUIRED string| ERROR_AGREE_REQUIRED string| ERROR_ID_REQUIRED string| ERROR_PSWD1_REQUIRED string| ERROR_PSWD2_REQUIRED string| ERROR_NAME_REQUIRED string| ERROR_NAME_FORMAT string| ERROR_DATE_FORMAT string| INFO_CHECK_POINT_10 string| INFO_CHECK_POINT_20 string| INFO_CHECK_POINT_30 string| INFO_CHECK_POINT_40 string| INFO_CHECK_POINT_50 string| INFO_CHECK_POINT_60 string| INFO_CHECK_POINT_70 string| INFO_CHECK_POINT_80 string| INFO_CHECK_POINT_90 string| INFO_CHECK_POINT_SU string| INFO_CHECK_POINT_SUBMIT string| INFO_CHECK_POINT_RETRY string| ERROR_NO_VALUE_SEX string| ERROR_NO_VALUE_NAME string| ERROR_NO_VALUE_YEAR string| ERROR_NO_VALUE_MONTH string| ERROR_NO_VALUE_DAY string| ERROR_NO_VALUE_DATE string| ERROR_NO_VALUE_PHONENO string| ERROR_NO_VALUE_EMAIL string| ERROR_NO_VALUE_AUTHNO string| ERROR_NO_VALUE_AGREE1 string| ERROR_NO_VALUE_CAPTCHA string| ERROR_FORMAT_ID string| ERROR_FORMAT_PSWD1 string| ERROR_FORMAT_PSWD2 string| ERROR_FORMAT_NAME string| ERROR_FORMAT_YEAR string| ERROR_FORMAT_MONTH string| ERROR_FORMAT_DAY string| ERROR_FORMAT_DATE string| ERROR_FORMAT_PHONENO string| ERROR_FORMAT_EMAIL string| ERROR_FORMAT_AUTHNO string| ERROR_JOIN_SUBMIT string| SUCCESS_JOIN_SUBMIT function| lua_do function| lua_do2 function| lua_setValues function| lua_getBrowser function| lua_getOS function| lua_getlanguage function| lua_getCookieEnabled function| lua_getTime function| lua_getAgent object| gnb_option function| gnbClose function| setContainerHeight function| clearDocs string| url_login string| url_nologin boolean| isshift boolean| isCapslock number| pswdlevel number| focuswhere boolean| pwdstat function| getXmlHttp function| getAjaxResult function| checkpwd_login function| checkpwd_nologin function| sendLevel function| showhelpmsg function| capslock function| showCapslock function| checkShiftUp function| checkShiftDown function| checkShiftDownNoMsg function| show function| hide function| mainSubmit function| createRsaKey function| getLenChar function| reset function| convertDiv function| hideCapsLock object| ncd string| tagList string| menu function| showMenu function| addResizeListener function| removeResizeListener string| ua number| cur_container_height number| min_container_height number| header_height number| footer_height function| changeContentSize string| lcs_SerName1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.naver.com/ | Name: NNB Value: FKIHQD2LAUZGM |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
lcs.naver.com
member.naverdigital.com
static.nid.naver.com
125.209.226.239
188.114.96.3
203.104.162.225
161ddce728615bd31a9c34fbb1cd047a4fe165e30cb86f826d1c856a956016ca
326563f7904e43af49eaaf79934acf49b692fb66d10db05e18df823a8703aa82
33a33cf3674727913f5b78b7e001145895dd002259271854d8df3a40472ff78b
383b038cf3099d6eec1303bbb4dbe77dfda1a426e5d41d92802a0be3356cd332
5471874de9c87186047cdebcea17471d74229c2c31608773a0e591a8ea75d61b
58730f842267e35a5526afd726a1268e98accd4cce470ddb8865768cd15bb42b
6003564f429abedfebb834b923045bc9de62861e232abd089cae66f6fe177359
67bef5d26af42c5a7842ecd98bf3df205cf8de0270802b34a2380de4eb517d46
745a905aa4ad8b4bb8930d502005122f5816ef65d221b0956ba2c0fab5350790
9e87a105b59e75e4e448c6007b53ba7bbad7d2cb840cdbdeb0e272a023631540
a4ce065bd4de565480b20a8cb948ec9723ff2bc859ab313566914533d09c8a51
ced53a2293c0ff81be6e80a74a8d6abec661936048828637b6653097781b6e1f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
f7ca655e8f8cb5dd0aa2efd0444c2b47c84cbf85397d32194ff4e445588087f2
fd38ea5606027922a3202e65a2656f9f9b237062cd3d36a154f557b9462dea7a