URL: http://ecsr.site/
Submission: On August 05 via api from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 121.254.178.232, located in Korea, Republic Of and belongs to LGDACOM LG DACOM Corporation, KR. The main domain is ecsr.site.
This is the only time ecsr.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

   IP Address        AS Autonomous System
1  121.254.178.232   3786 (LGDACOM L...)
1  2.21.37.13        20940 (AKAMAI-ASN1)
2  2

   Apex Domain / Subdomains   Transfer
1  naver.com
     blog.naver.com
1  ecsr.site
     ecsr.site                928 B
2  2

   Domain           Requested by
1  blog.naver.com   ecsr.site
1  ecsr.site
2  2

This site contains no links.

Subject           Issuer                 Validity                  Valid
ssl.pstatic.net   GeoTrust RSA CA 2018   2020-07-28 - 2021-06-01   10 months

This page contains 2 frames:

Primary Page: http://ecsr.site/
Frame ID: 7BD7FCCDB8B4672B66B1DF6E9D8E06D6
Requests: 1 HTTP requests in this frame

Frame: https://blog.naver.com/wkrkg
Frame ID: 023BC82CC0AEEA8D617ECBB9D564E94B
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Unix/i

Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 2
HTTPS: 50 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 1 kB
Size: 1 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource            Path         Size    x-fer   Type       MIME-Type
Primary Request /   ecsr.site/   661 B   928 B   Document

General
Full URL: http://ecsr.site/
Protocol: HTTP/1.1
Server: 121.254.178.232, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR)
Reverse DNS:
Software: Apache/2.4.28 (Unix) OpenSSL/1.0.2k-fips / PHP/5.6.9
Resource Hash: 0864c2e593dcd5f37d632e6e795851f72f466912fab809eaa0a734263b442f2b

Request headers

Host: ecsr.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US

Response headers

Date: Wed, 05 Aug 2020 00:47:32 GMT
Server: Apache/2.4.28 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.6.9
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Cookie set wkrkg    blog.naver.com/ Frame 023B   0   0   Document

General
Full URL: https://blog.naver.com/wkrkg
Requested by: Host: ecsr.site, URL: http://ecsr.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.21.37.13, France, ASN20940 (AKAMAI-ASN1, EU)
Reverse DNS: a2-21-37-13.deploy.static.akamaitechnologies.com
Software: nxfps /
Resource Hash:

Request headers

Host: blog.naver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: frame
Referer: http://ecsr.site/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US

Response headers

Content-Type: text/html;charset=UTF-8
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: accept, content-type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH
Content-Encoding: gzip
Server: nxfps
Referrer-policy: unsafe-url
Content-Length: 1159
Date: Wed, 05 Aug 2020 00:47:34 GMT
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: JSESSIONID=60770C06551801DC21EA6A312C3336A7.jvm1; Path=/; HttpOnly

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path       Name / Value
blog.naver.com/   Name: JSESSIONID
                  Value: 0376F5DDEB0F1285A55B9AD60825FE98.jvm1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
