URL: http://shadowblind.net/
Submission: On November 21 via api from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 115.71.254.4, located in Korea, Republic Of and belongs to GNJ-AS-KR DAOU TECHNOLOGY, KR. The main domain is shadowblind.net.
This is the only time shadowblind.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 115.71.254.4 45996 (GNJ-AS-KR...)
1 2 2.18.233.157 16625 (AKAMAI-AS)
3 2
Apex Domain Subdomains Transfer
2 naver.com cafe.naver.com 352 B
2 shadowblind.net shadowblind.net 1 KB
3 2
Domain Requested by
2 cafe.naver.com 1 redirects shadowblind.net
2 shadowblind.net shadowblind.net
3 2

This site contains no links.

Subject Issuer Validity Valid
ssl.pstatic.net GeoTrust RSA CA 2018 2018-07-06 - 2019-03-21 8 months

This page contains 3 frames:

Primary Page: http://shadowblind.net/
Frame ID: 1928CB0C99B242E03A86263E4E2B6561
Requests: 1 HTTP requests in this frame

Frame: https://cafe.naver.com/shadowrollsystem
Frame ID: 7FE9C654D53F213AE8393A683028E7F7
Requests: 1 HTTP requests in this frame

Frame: http://shadowblind.net/blank.html
Frame ID: 994A1BA54473DC9D6BEFB10D7D8B45EE
Requests: 1 HTTP requests in this frame


Page Statistics

3 Requests
33 % HTTPS
0 % IPv6
2 Domains
2 Subdomains
2 IPs
2 Countries
1 kB Transfer
1 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cafe.naver.com/shadowrollsystem HTTP 301
  • https://cafe.naver.com/shadowrollsystem

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
shadowblind.net/
675 B
874 B
Document
General
Full URL
http://shadowblind.net/
Protocol
HTTP/1.1
Server
115.71.254.4 , Korea, Republic Of, ASN45996 (GNJ-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software
kisa /
Resource Hash
82f534a5044d3e20781083dc090ee215d875a36452cf69b726b9e7339ac3bad4

Request headers

Host
shadowblind.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Server
kisa
Date
Wed, 21 Nov 2018 06:04:45 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Cookie set shadowrollsystem
cafe.naver.com/ Frame 7FE9
Redirect Chain
  • http://cafe.naver.com/shadowrollsystem
  • https://cafe.naver.com/shadowrollsystem
0
0
Document
General
Full URL
https://cafe.naver.com/shadowrollsystem
Requested by
Host: shadowblind.net
URL: http://shadowblind.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.233.157 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-157.deploy.static.akamaitechnologies.com
Software
nfront /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Host
cafe.naver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://shadowblind.net/
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-XSS-Protection
1; mode=block
P3P
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Vary
User-Agent,Accept-Encoding
Content-Encoding
gzip
Content-Type
text/html;charset=MS949
Referrer-Policy
unsafe-url
Server
nfront
Content-Length
27927
Date
Wed, 21 Nov 2018 06:04:46 GMT
Connection
keep-alive
Set-Cookie
nci4=""; Domain=.cafe.naver.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ nci4=9da84a66713d53e2bb55120508e382f2570ee80f4710f133c50b31f64749a44ba27274a9f555d0e19701011331c218a5496131705fe4932008ace1758d9906f0d1da314d4c4b33a9bca4d8de9edb9426594d54261a12141e390d2023262d040c2b0f202d3e653e35322a61151c3b1e50636d654e695a15606f567142647a7550774806747b587f703e4a4560487a34424d695061525d54705768252424232324ded6aba68ea99ad4d0bcd2d5cfa0cdcdcac9a6c7c5c5c6f9; Domain=.cafe.naver.com; Path=/ ncvid=#vid#_185.158.119.236MV8h; Domain=.cafe.naver.com; Expires=Mon, 09-Dec-2086 09:18:53 GMT; Path=/ ncvid=#vid#_185.158.119.236sVlc; Domain=.cafe.naver.com; Expires=Mon, 09-Dec-2086 09:18:53 GMT; Path=/ ncvid=#vid#_185.158.119.236zA4R; Domain=.cafe.naver.com; Expires=Mon, 09-Dec-2086 09:18:53 GMT; Path=/ JSESSIONID=A7C69C84906B21729217365846723A0E; Path=/; HttpOnly

Redirect headers

Location
https://cafe.naver.com/shadowrollsystem
Content-Length
0
P3P
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Vary
User-Agent
Content-Type
text/plain; charset=EUC-KR
Server
nfront
Date
Wed, 21 Nov 2018 06:04:46 GMT
Connection
keep-alive
blank.html
shadowblind.net/ Frame 994A
14 B
211 B
Document
General
Full URL
http://shadowblind.net/blank.html
Requested by
Host: shadowblind.net
URL: http://shadowblind.net/
Protocol
HTTP/1.1
Server
115.71.254.4 , Korea, Republic Of, ASN45996 (GNJ-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software
kisa /
Resource Hash
b0693dc92f76e08bf1485b3dd9b514a2e31dfd6f39422a6b60edb722671dc98f

Request headers

Host
shadowblind.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://shadowblind.net/
Accept-Encoding
gzip, deflate

Response headers

Server
kisa
Date
Wed, 21 Nov 2018 06:04:45 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
.naver.com/ Name: npic
Value: YwG2xw3o6ScRC4plbmXsEM6FmQA2Hcmu/vGWMOSd9quwi4NjNnSWx4bWbPpaxV5gCA==
.naver.com/ Name: NNB
Value: KN22RET76X2FW
cafe.naver.com/ Name: JSESSIONID
Value: 22F53AF31A549CFBE076DE7F1448507E

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
