URL: http://www.ozmailer.com/oele/ut.php?U=1rdzh4_7r4os_mx9m7q
Submission: On June 29 via manual from KR — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 2 HTTP transactions. The main IP is 222.122.20.36, located in Korea, Republic Of and belongs to KIXS-AS-KR Korea Telecom, KR. The main domain is www.ozmailer.com.
This is the only time www.ozmailer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website:

Size: 2 MB (1836847 bytes, 25% done)
Downloaded from: https://etc.genstarmate.com/upload/downLoad/[AYK]%20%EC%9D%B8%EC%B2%9C%20%EB%A3%A8%EC%9B%90%EC%8B%9C%ED%8B%B0%20%EC%95%A8%EB%A6%AC%EC%8A%A4%EB%B9%8C%20IM_0515.pdf

Domain & IP information

Requests  IP Address      AS Autonomous System
1         222.122.20.36   4766 (KIXS-AS-K...)
1         115.88.161.145  3786 (LGDACOM L...)
2         2

Requests  Apex Domain      Subdomains           Transfer
1         genstarmate.com  etc.genstarmate.com
1         ozmailer.com     www.ozmailer.com     1 KB
2         2

Requests  Domain               Requested by
1         etc.genstarmate.com  www.ozmailer.com
1         www.ozmailer.com
2         2

This site contains no links.

Subject: *.genstarmate.com
Issuer: Sectigo RSA Domain Validation Secure Server CA
Validity: 2022-12-19 - 2023-12-19
Valid: a year

This page contains 1 frame:

Frame: https://etc.genstarmate.com/upload/downLoad/[AYK]%20%EC%9D%B8%EC%B2%9C%20%EB%A3%A8%EC%9B%90%EC%8B%9C%ED%8B%B0%20%EC%95%A8%EB%A6%AC%EC%8A%A4%EB%B9%8C%20IM_0515.pdf
Frame ID: 821A30C168E8A94F5B90715CC20132C6
Requests: 2 HTTP requests in this frame

Page Title

.

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 2
HTTPS: 50 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 1 kB
Size: 1 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Primary Request: ut.php
Path: www.ozmailer.com/oele/
Size: 862 B
x-fer: 1 KB
Type: Document

General

Full URL: http://www.ozmailer.com/oele/ut.php?U=1rdzh4_7r4os_mx9m7q
Protocol: HTTP/1.1
Server: 222.122.20.36, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR)
Reverse DNS: www.ozmailer.com
Software: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 / PHP/5.6.13
Resource Hash: b44f4d069522d37b2813a624cfc48421fbfb2963b8606a962db156e332907cd9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 862
Content-Type: text/html
Date: Thu, 29 Jun 2023 04:42:43 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
X-Powered-By: PHP/5.6.13

Resource: [AYK]%20%EC%9D%B8%EC%B2%9C%20%EB%A3%A8%EC%9B%90%EC%8B%9C%ED%8B%B0%20%EC%95%A8%EB%A6%AC%EC%8A%A4%EB%B9%8C%20IM_0515.pdf
Path: etc.genstarmate.com/upload/downLoad/
Size: 0
x-fer: 0
Type: Document

General

Full URL: https://etc.genstarmate.com/upload/downLoad/[AYK]%20%EC%9D%B8%EC%B2%9C%20%EB%A3%A8%EC%9B%90%EC%8B%9C%ED%8B%B0%20%EC%95%A8%EB%A6%AC%EC%8A%A4%EB%B9%8C%20IM_0515.pdf
Requested by:
  Host: www.ozmailer.com
  URL: http://www.ozmailer.com/oele/ut.php?U=1rdzh4_7r4os_mx9m7q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 115.88.161.145 Pyeongtaek-si, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR)
Reverse DNS: mail.mpre.co.kr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Referer: http://www.ozmailer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 1836847
Content-Type: application/pdf
Date: Thu, 29 Jun 2023 04:42:46 GMT
ETag: "6c3a36f01daad91:0"
Last-Modified: Thu, 29 Jun 2023 00:09:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • credentialless: boolean
  • onbeforetoggle: object
  • onscrollend: object
  • target_url: string
  • error_msg: string

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
