script.theprimead.co.kr
117.52.89.137
Public Scan
Effective URL: http://script.theprimead.co.kr/passback_url_5.php?mCode=557&pb_url=http%3A%2F%2Fclick.dotmap.co.kr%2F%3Fpf_code%3D1003331009531...
Submission: On December 15 via api from IT — Scanned from IT
Summary
This is the only time script.theprimead.co.kr was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 13.124.228.27 | 16509 (AMAZON-02) |
1 4 | 117.52.89.137 | 3786 (LGDACOM LG DACOM Corporation) |
1 | 2a00:1450:400d:80c::200a | 15169 (GOOGLE) |
1 | 184.51.8.54 | 16625 (AKAMAI-AS) |
1 | 103.105.156.218 | 9639 (WIDERPLANET-AS-KR Wider Planet) |
1 | 103.105.156.200 | 9639 (WIDERPLANET-AS-KR Wider Planet) |
8 | 6 | |
ASN16509 (AMAZON-02, US)
PTR: ec2-13-124-228-27.ap-northeast-2.compute.amazonaws.com
post-blog.com |
ASN3786 (LGDACOM LG DACOM Corporation, KR)
script.theprimead.co.kr |
ASN16625 (AKAMAI-AS, US)
PTR: a184-51-8-54.deploy.static.akamaitechnologies.com
cdn-aitg.widerplanet.com |
ASN9639 (WIDERPLANET-AS-KR Wider Planet, KR)
astg.widerplanet.com |
ASN9639 (WIDERPLANET-AS-KR Wider Planet, KR)
adtg.widerplanet.com |
 | Apex Domain Subdomains | Transfer |
---|---|---|
4 | theprimead.co.kr (1 redirects): script.theprimead.co.kr | 10 KB |
3 | widerplanet.com: cdn-aitg.widerplanet.com — Cisco Umbrella Rank: 30126; astg.widerplanet.com — Cisco Umbrella Rank: 28984; adtg.widerplanet.com — Cisco Umbrella Rank: 160119 | 7 KB |
1 | googleapis.com: ajax.googleapis.com — Cisco Umbrella Rank: 304 | 34 KB |
1 | post-blog.com (1 redirects): post-blog.com | 418 B |
0 | hearina.com (Failed): blackhole.hearina.com Failed | |
8 | 5 | |
 | Domain | Requested by |
---|---|---|
4 | script.theprimead.co.kr (1 redirects) | script.theprimead.co.kr, ajax.googleapis.com |
1 | adtg.widerplanet.com | ajax.googleapis.com |
1 | astg.widerplanet.com | cdn-aitg.widerplanet.com |
1 | cdn-aitg.widerplanet.com | script.theprimead.co.kr |
1 | ajax.googleapis.com | script.theprimead.co.kr |
1 | post-blog.com (1 redirects) | |
0 | blackhole.hearina.com Failed | ajax.googleapis.com |
8 | 7 | |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.widerplanet.com Go Daddy Secure Certificate Authority - G2 | 2022-08-07 - 2023-09-08 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
http://script.theprimead.co.kr/passback_url_5.php?mCode=557&pb_url=http%3A%2F%2Fclick.dotmap.co.kr%2F%3Fpf_code%3D100333100953100696
Frame ID: 00594BEDD9F8E09C3B1C8D3AD70E0C34
Requests: 7 HTTP requests in this frame
Frame:
https://astg.widerplanet.com/delivery/storage
Frame ID: 0019C501652FDDB593657B77416C8883
Requests: 1 HTTP requests in this frame
Page Title
Document
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://post-blog.com/ HTTP 302
- http://script.theprimead.co.kr/getSiteMatch_script_mobile.php?jsoncallback=aaa&_NMNP_=557&pb_url=http://click.dotmap.co.kr/?pf_code=100333100953100696 HTTP 302
- http://script.theprimead.co.kr/passback_url_5.php?mCode=557&pb_url=http%3A%2F%2Fclick.dotmap.co.kr%2F%3Fpf_code%3D100333100953100696 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | Primary Request: passback_url_5.php script.theprimead.co.kr/ (Redirect Chain) | 995 B 1 KB | Document text/html |
GET H/1.1 | jquery.min.js ajax.googleapis.com/ajax/libs/jquery/1.12.4/ | 95 KB 34 KB | Script text/javascript |
GET H/1.1 | adr.js cdn-aitg.widerplanet.com/js/ | 12 KB 5 KB | Script application/javascript |
GET H/1.1 | primeBridge1.js script.theprimead.co.kr/js/ | 8 KB 8 KB | Script application/javascript |
GET H2 | storage astg.widerplanet.com/delivery/ (Frame 0019) | 2 KB 1 KB | Document text/html |
GET H2 | adw.php adtg.widerplanet.com/delivery/ | 2 B 947 B | XHR application/json |
GET H/1.1 | getSiteMatch_script_mobile2.php script.theprimead.co.kr/ | 301 B 610 B | Script text/html |
GET | / blackhole.hearina.com/returnattack/gid/ | 0 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: blackhole.hearina.com
- URL: http://blackhole.hearina.com/returnattack/gid/?midx=557&rnd=687103
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontentvisibilityautostatechange
- function| $
- function| jQuery
- object| WiderPlanetAdRenderer
- object| initPrimeAd
- function| _pppClose
- boolean| isSetPrimeAd
- string| w_passback
- string| w_category
- string| w_page_location
- object| WiderPlanetAdRendererVar5

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
script.theprimead.co.kr/ | | Name: 1:3b1_0 Value: 1:3b1_0_to_10:8077 |
.widerplanet.com/ | | Name: OAID_S Value: s1671134091.1829 |
.widerplanet.com/ | | Name: OAID Value: 30d35e61ae634fce5f8c712c3c6662c3 |
.widerplanet.com/ | | Name: OAIDT Value: S |
.widerplanet.com/ | | Name: TGSID Value: rmy7bf#539335ecb6b7bd1961f9c99617ebc1cc |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.