302 Found 138 B URL User Request GET HTTP/1.1 IP
Certificate IssuerLet's Encrypt
Subjectnavedoc.com
FingerprintE5:77:95:8D:93:FC:DB:3B:26:6A:50:5E:B1:7B:CA:AA:56:68:6F:3E
ValidityTue, 26 Sep 2023 10:39:44 GMT - Mon, 25 Dec 2023 10:39:43 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
Analyzer Verdict Alert OpenPhish phishing Naver
GET / HTTP/1.1
Host: nid.navedoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 28 Sep 2023 00:09:17 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.6
location: https://nid.navedoc.com/user2/api/route.nhn?m=routeMyInfo
content-disposition: filename=""
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
Content-Length: 138
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
nid.navedoc.com/user2/api/route.nhn?m=routeMyInfo
302 Found 0 B URL User Request GET HTTP/1.1 nid.navedoc.com/user2/api/route.nhn?m=routeMyInfo
IP
Certificate IssuerLet's Encrypt
Subjectnavedoc.com
FingerprintE5:77:95:8D:93:FC:DB:3B:26:6A:50:5E:B1:7B:CA:AA:56:68:6F:3E
ValidityTue, 26 Sep 2023 10:39:44 GMT - Mon, 25 Dec 2023 10:39:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user2/api/route.nhn?m=routeMyInfo HTTP/1.1
Host: nid.navedoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 28 Sep 2023 00:09:18 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.6
location: https://nid.navedoc.com/user2/api/route?m=routePcMyInfo
content-disposition: filename="route.nhn"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
proxy-stream: true
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
nid.navedoc.com/user2/api/route?m=routePcMyInfo
302 Found 0 B URL User Request GET HTTP/1.1 nid.navedoc.com/user2/api/route?m=routePcMyInfo
IP
Certificate IssuerLet's Encrypt
Subjectnavedoc.com
FingerprintE5:77:95:8D:93:FC:DB:3B:26:6A:50:5E:B1:7B:CA:AA:56:68:6F:3E
ValidityTue, 26 Sep 2023 10:39:44 GMT - Mon, 25 Dec 2023 10:39:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing Naver
GET /user2/api/route?m=routePcMyInfo HTTP/1.1
Host: nid.navedoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 28 Sep 2023 00:09:19 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.6
location: https://nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
content-disposition: filename="route"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
proxy-stream: true
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
302 Found 138 B URL User Request GET HTTP/1.1 IP
Certificate IssuerLet's Encrypt
Subjectnavedoc.com
FingerprintE5:77:95:8D:93:FC:DB:3B:26:6A:50:5E:B1:7B:CA:AA:56:68:6F:3E
ValidityTue, 26 Sep 2023 10:39:44 GMT - Mon, 25 Dec 2023 10:39:43 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
Analyzer Verdict Alert OpenPhish phishing Naver
GET / HTTP/1.1
Host: nid.navedoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 28 Sep 2023 00:09:19 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.6
location: https://nid.navedoc.com/user2/api/route.nhn?m=routeMyInfo
content-disposition: filename=""
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
Content-Length: 138
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
200 OK 13 kB URL User Request GET HTTP/1.1 nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
IP
Certificate IssuerLet's Encrypt
Subjectnavedoc.com
FingerprintE5:77:95:8D:93:FC:DB:3B:26:6A:50:5E:B1:7B:CA:AA:56:68:6F:3E
ValidityTue, 26 Sep 2023 10:39:44 GMT - Mon, 25 Dec 2023 10:39:43 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (488)
Hash 42bb9840ebca0ca1e18bcde600ba48a5
fa403b700a8c6d647f79d7b64d98c94a8801b820
496574e26ec429afcb45e2fa857b374b62fe22239b881ce6acf50a12a32858a0
Analyzer Verdict Alert OpenPhish phishing Naver
GET /nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo HTTP/1.1
Host: nid.navedoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Sep 2023 00:09:20 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.6
content-disposition: filename="nidlogin.login"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=utf-8
nid.navedoc.com/user2/api/route.nhn?m=routeMyInfo
302 Found 0 B URL User Request GET HTTP/1.1 nid.navedoc.com/user2/api/route.nhn?m=routeMyInfo
IP
Certificate IssuerLet's Encrypt
Subjectnavedoc.com
FingerprintE5:77:95:8D:93:FC:DB:3B:26:6A:50:5E:B1:7B:CA:AA:56:68:6F:3E
ValidityTue, 26 Sep 2023 10:39:44 GMT - Mon, 25 Dec 2023 10:39:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user2/api/route.nhn?m=routeMyInfo HTTP/1.1
Host: nid.navedoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 28 Sep 2023 00:09:20 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.6
location: https://nid.navedoc.com/user2/api/route?m=routePcMyInfo
content-disposition: filename="route.nhn"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
proxy-stream: true
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
nid.navedoc.com/login/css/global/desktop/w_20220216.css?20210812
200 OK 27 kB URL GET HTTP/1.1 nid.navedoc.com/login/css/global/desktop/w_20220216.css?20210812
IP
Requested by https://nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
Certificate IssuerLet's Encrypt
Subjectnavedoc.com
FingerprintE5:77:95:8D:93:FC:DB:3B:26:6A:50:5E:B1:7B:CA:AA:56:68:6F:3E
ValidityTue, 26 Sep 2023 10:39:44 GMT - Mon, 25 Dec 2023 10:39:43 GMT
File type ASCII text, with very long lines (27268), with no line terminators
Hash 989cd6da83bce8fc028712e3dea87a44
6b2c58b13a735e1a4d9f811e18d0cdd61f68edda
de1f6ef9f776adff8398700d0253745557df93c37972e8be399b11f31f408256
Analyzer Verdict Alert OpenPhish phishing Naver
GET /login/css/global/desktop/w_20220216.css?20210812 HTTP/1.1
Host: nid.navedoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Sep 2023 00:09:21 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.6
accept-ranges: bytes
content-disposition: filename="w_20220216.css"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
ssl.pstatic.net/static/nid/login/m_sp_00_common_978240a6.png
200 OK 22 kB URL GET HTTP/2 ssl.pstatic.net/static/nid/login/m_sp_00_common_978240a6.png
IP
Requested by https://nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
Certificate IssuerDigiCert Inc
Subjectssl.pstatic.net
Fingerprint63:03:70:E5:FC:51:B9:6A:19:E3:32:6E:3D:E5:C2:2C:85:7D:AA:D5
ValidityTue, 01 Aug 2023 00:00:00 GMT - Thu, 01 Aug 2024 23:59:59 GMT
File type PNG image data, 488 x 214, 8-bit/color RGBA, non-interlaced\012- data
Hash 978240a64630afc18684d2b835a27ae2
d4605e0721901ac73e8b9e92526c06d715e964f9
3be89f766c6a9ac418ec1c6f33dc7a24607a6e067c0731e77b8cc01fb3355bc7
GET /static/nid/login/m_sp_00_common_978240a6.png HTTP/1.1
Host: ssl.pstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nid.navedoc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 28 Oct 2021 05:48:39 GMT
server: Testa/6.1.1
accept-ranges: bytes
content-length: 21505
referrer-policy: unsafe-url
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=489779
expires: Tue, 03 Oct 2023 16:12:21 GMT
date: Thu, 28 Sep 2023 00:09:22 GMT
X-Firefox-Spdy: h2
ssl.pstatic.net/static/nid/login/m_sp_01_login_008d5216.png
200 OK 85 kB URL GET HTTP/2 ssl.pstatic.net/static/nid/login/m_sp_01_login_008d5216.png
IP
Requested by https://nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
Certificate IssuerDigiCert Inc
Subjectssl.pstatic.net
Fingerprint63:03:70:E5:FC:51:B9:6A:19:E3:32:6E:3D:E5:C2:2C:85:7D:AA:D5
ValidityTue, 01 Aug 2023 00:00:00 GMT - Thu, 01 Aug 2024 23:59:59 GMT
File type PNG image data, 532 x 450, 8-bit/color RGBA, non-interlaced\012- data
Hash 008d521652f80f71b294b846c4cc8e5e
c46c493d564ad2c3cc8120b5d7cebe11398aa220
1bf14b8b72b6a63f58405cf21a1954a75b85b00c85fec19bc784d33f6c8e4a64
GET /static/nid/login/m_sp_01_login_008d5216.png HTTP/1.1
Host: ssl.pstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nid.navedoc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 16 Feb 2022 12:15:27 GMT
server: Testa/6.1.1
accept-ranges: bytes
content-length: 85176
referrer-policy: unsafe-url
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=486012
expires: Tue, 03 Oct 2023 15:09:34 GMT
date: Thu, 28 Sep 2023 00:09:22 GMT
X-Firefox-Spdy: h2
nid.navedoc.com/login/js/v2/default/common_202105.js?v=20230217
200 OK 93 kB URL GET HTTP/1.1 nid.navedoc.com/login/js/v2/default/common_202105.js?v=20230217
IP
Requested by https://nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
Certificate IssuerLet's Encrypt
Subjectnavedoc.com
FingerprintE5:77:95:8D:93:FC:DB:3B:26:6A:50:5E:B1:7B:CA:AA:56:68:6F:3E
ValidityTue, 26 Sep 2023 10:39:44 GMT - Mon, 25 Dec 2023 10:39:43 GMT
File type Unicode text, UTF-8 (with BOM) text
Hash bd6ee60c7b888e356f5b59e6dd161d18
d4f61e175582f194ec5c00e21197be0f647207dd
ba099126428a0a55cb2940e2ae197231e4ef834f14ceb5fb07888c650f7b8192
Analyzer Verdict Alert OpenPhish phishing Naver
GET /login/js/v2/default/common_202105.js?v=20230217 HTTP/1.1
Host: nid.navedoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Sep 2023 00:09:21 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.6
access-control-allow-origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
nid.navedoc.com/login/js/v2/default/default_202105.js?v=20230217
200 OK 3.4 kB URL GET HTTP/1.1 nid.navedoc.com/login/js/v2/default/default_202105.js?v=20230217
IP
Requested by https://nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
Certificate IssuerLet's Encrypt
Subjectnavedoc.com
FingerprintE5:77:95:8D:93:FC:DB:3B:26:6A:50:5E:B1:7B:CA:AA:56:68:6F:3E
ValidityTue, 26 Sep 2023 10:39:44 GMT - Mon, 25 Dec 2023 10:39:43 GMT
Hash d453ef5f1c196bd158ec06d60f686d99
fdf17524644f473e4b0666c800f424198f513091
8a0c3a54689cb1261706e14962fab257fc3f38f5985a29de0a9afdbedbe03a24
GET /login/js/v2/default/default_202105.js?v=20230217 HTTP/1.1
Host: nid.navedoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Sep 2023 00:09:21 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.6
accept-ranges: bytes
content-disposition: filename="default_202105.js"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
Content-Length: 3412
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
nid.navedoc.com/user2/api/route?m=routePcMyInfo
302 Found 0 B URL User Request GET HTTP/1.1 nid.navedoc.com/user2/api/route?m=routePcMyInfo
IP
Certificate IssuerLet's Encrypt
Subjectnavedoc.com
FingerprintE5:77:95:8D:93:FC:DB:3B:26:6A:50:5E:B1:7B:CA:AA:56:68:6F:3E
ValidityTue, 26 Sep 2023 10:39:44 GMT - Mon, 25 Dec 2023 10:39:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing Naver
GET /user2/api/route?m=routePcMyInfo HTTP/1.1
Host: nid.navedoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 28 Sep 2023 00:09:21 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.6
location: https://nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
content-disposition: filename="route"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
proxy-stream: true
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
200 OK 13 kB URL User Request GET HTTP/1.1 nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
IP
Certificate IssuerLet's Encrypt
Subjectnavedoc.com
FingerprintE5:77:95:8D:93:FC:DB:3B:26:6A:50:5E:B1:7B:CA:AA:56:68:6F:3E
ValidityTue, 26 Sep 2023 10:39:44 GMT - Mon, 25 Dec 2023 10:39:43 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (488)
Hash b3da8b1d64ce72e2be8cdc58b44e5af1
60dac4b0a3a2a091f49296138d133399ec1ab1b4
45eb65e8e77991c01b03046aca732218b265773d14892dab5b9748a5b2630040
Analyzer Verdict Alert OpenPhish phishing Naver
GET /nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo HTTP/1.1
Host: nid.navedoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Sep 2023 00:09:23 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.6
content-disposition: filename="nidlogin.login"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=utf-8
nid.navedoc.com/login/js/bvsd.1.3.9.min.js
200 OK 105 kB URL GET HTTP/1.1 nid.navedoc.com/login/js/bvsd.1.3.9.min.js
IP
Requested by https://nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
Certificate IssuerLet's Encrypt
Subjectnavedoc.com
FingerprintE5:77:95:8D:93:FC:DB:3B:26:6A:50:5E:B1:7B:CA:AA:56:68:6F:3E
ValidityTue, 26 Sep 2023 10:39:44 GMT - Mon, 25 Dec 2023 10:39:43 GMT
File type Unicode text, UTF-8 text, with very long lines (40264)
Size 105 kB (105160 bytes)
Hash 5de70814c13d8992dba73a43b3844625
c003b9be1d2e28304c723661184cc7a2fbb367bb
61cfee03557b710df54d0d93d9e15a24ca77d89e62b0e774432ff55f213255cf
Analyzer Verdict Alert OpenPhish phishing Naver
GET /login/js/bvsd.1.3.9.min.js HTTP/1.1
Host: nid.navedoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Sep 2023 00:09:21 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.6
accept-ranges: bytes
content-disposition: filename="bvsd.1.3.9.min.js"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
nid.navedoc.com/dynamicKey/QN2lsqRoHeclIeuSe7albm3BStG5Z7hDIXCRqmWLwAXu2oBFKluk1K1nENqZK09oyuyNZ9p5laB7atExyOmY2CGLbbdyMXXa6WhQ1ZAqd38
200 OK 306 B URL GET HTTP/1.1 nid.navedoc.com/dynamicKey/QN2lsqRoHeclIeuSe7albm3BStG5Z7hDIXCRqmWLwAXu2oBFKluk1K1nENqZK09oyuyNZ9p5laB7atExyOmY2CGLbbdyMXXa6WhQ1ZAqd38
IP
Requested by https://nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
Certificate IssuerLet's Encrypt
Subjectnavedoc.com
FingerprintE5:77:95:8D:93:FC:DB:3B:26:6A:50:5E:B1:7B:CA:AA:56:68:6F:3E
ValidityTue, 26 Sep 2023 10:39:44 GMT - Mon, 25 Dec 2023 10:39:43 GMT
File type ASCII text, with very long lines (306), with no line terminators
Hash be145d2f92a6d0a7629eef9a685b5794
c39ec096a956b3d22eb2d6be61049be0044f9d4f
52bee4c767a459a977d5af74f53ac6ef816e5089cb84f3303f672c075f958bae
Analyzer Verdict Alert OpenPhish phishing Naver
GET /dynamicKey/QN2lsqRoHeclIeuSe7albm3BStG5Z7hDIXCRqmWLwAXu2oBFKluk1K1nENqZK09oyuyNZ9p5laB7atExyOmY2CGLbbdyMXXa6WhQ1ZAqd38 HTTP/1.1
Host: nid.navedoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
Cookie: nid_slevel=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Sep 2023 00:09:24 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.6
content-disposition: filename="QN2lsqRoHeclIeuSe7albm3BStG5Z7hDIXCRqmWLwAXu2oBFKluk1K1nENqZK09oyuyNZ9p5laB7atExyOmY2CGLbbdyMXXa6WhQ1ZAqd38"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
Content-Length: 306
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html;charset=iso-8859-1
nid.navedoc.com/favicon.ico
200 OK 1.2 kB URL GET HTTP/1.1 nid.navedoc.com/favicon.ico
IP
Requested by https://nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
Certificate IssuerLet's Encrypt
Subjectnavedoc.com
FingerprintE5:77:95:8D:93:FC:DB:3B:26:6A:50:5E:B1:7B:CA:AA:56:68:6F:3E
ValidityTue, 26 Sep 2023 10:39:44 GMT - Mon, 25 Dec 2023 10:39:43 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7267e1b55aca265d4a1151599cf2e2f0
bc7b38fb61771715e80e27b10751ff5de2a3f254
77c9fb5e5407becab9407ebb738967f3195a78a080b8a11dc369d76220c9a685
Analyzer Verdict Alert OpenPhish phishing Naver
GET /favicon.ico HTTP/1.1
Host: nid.navedoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
Cookie: nid_slevel=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Sep 2023 00:09:24 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.6
accept-ranges: bytes
content-disposition: filename="favicon.ico"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
proxy-stream: true
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/x-icon
lcs.navedoc.com/m?u=https%3A%2F%2Fnid.navedoc.com%2Fnidlogin.login%3Fmode%3Dform%26url%3Dhttps%253A%252F%252Fnid.naver.com%252Fuser2%252Fapi%252Froute%253Fm%253DroutePcMyInfo&e=&os=Linux%20x86_64&ln=en-US&sr=1280x1024&pr=1&bw=1280&bh=1024&c=24&j=N&k=Y&i=&ct=&navigationStart=1695859756713&fetchStart=1695859760296&domainLookupStart=1695859760296&domainLookupEnd=1695859760296&connectStart=1695859760296&connectEnd=1695859760296&secureConnectionStart=1695859760296&requestStart=1695859760298&responseStart=1695859761182&responseEnd=1695859761183&domLoading=1695859761484&domInteractive=1695859764342&domContentLoadedEventStart=1695859764344&domContentLoadedEventEnd=1695859764349&domComplete=1695859764351&loadEventStart=1695859764351&loadEventEnd=1695859764352&first-contentful-paint=6066&pid=687f9da8b3f5a2eb09bc25d345c7d786&ts=1695859764466&EOU
200 OK 43 B URL GET HTTP/1.1 lcs.navedoc.com/m?u=https%3A%2F%2Fnid.navedoc.com%2Fnidlogin.login%3Fmode%3Dform%26url%3Dhttps%253A%252F%252Fnid.naver.com%252Fuser2%252Fapi%252Froute%253Fm%253DroutePcMyInfo&e=&os=Linux%20x86_64&ln=en-US&sr=1280x1024&pr=1&bw=1280&bh=1024&c=24&j=N&k=Y&i=&ct=&navigationStart=1695859756713&fetchStart=1695859760296&domainLookupStart=1695859760296&domainLookupEnd=1695859760296&connectStart=1695859760296&connectEnd=1695859760296&secureConnectionStart=1695859760296&requestStart=1695859760298&responseStart=1695859761182&responseEnd=1695859761183&domLoading=1695859761484&domInteractive=1695859764342&domContentLoadedEventStart=1695859764344&domContentLoadedEventEnd=1695859764349&domComplete=1695859764351&loadEventStart=1695859764351&loadEventEnd=1695859764352&first-contentful-paint=6066&pid=687f9da8b3f5a2eb09bc25d345c7d786&ts=1695859764466&EOU
IP
Requested by https://nid.navedoc.com/nidlogin.login?mode=form&url=https%3A%2F%2Fnid.naver.com%2Fuser2%2Fapi%2Froute%3Fm%3DroutePcMyInfo
Certificate IssuerLet's Encrypt
Subjectnavedoc.com
FingerprintE5:77:95:8D:93:FC:DB:3B:26:6A:50:5E:B1:7B:CA:AA:56:68:6F:3E
ValidityTue, 26 Sep 2023 10:39:44 GMT - Mon, 25 Dec 2023 10:39:43 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /m?u=https%3A%2F%2Fnid.navedoc.com%2Fnidlogin.login%3Fmode%3Dform%26url%3Dhttps%253A%252F%252Fnid.naver.com%252Fuser2%252Fapi%252Froute%253Fm%253DroutePcMyInfo&e=&os=Linux%20x86_64&ln=en-US&sr=1280x1024&pr=1&bw=1280&bh=1024&c=24&j=N&k=Y&i=&ct=&navigationStart=1695859756713&fetchStart=1695859760296&domainLookupStart=1695859760296&domainLookupEnd=1695859760296&connectStart=1695859760296&connectEnd=1695859760296&secureConnectionStart=1695859760296&requestStart=1695859760298&responseStart=1695859761182&responseEnd=1695859761183&domLoading=1695859761484&domInteractive=1695859764342&domContentLoadedEventStart=1695859764344&domContentLoadedEventEnd=1695859764349&domComplete=1695859764351&loadEventStart=1695859764351&loadEventEnd=1695859764352&first-contentful-paint=6066&pid=687f9da8b3f5a2eb09bc25d345c7d786&ts=1695859764466&EOU HTTP/1.1
Host: lcs.navedoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nid.navedoc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Sep 2023 00:09:24 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.6
content-disposition: filename="m"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: NNB=CLA6LDZVYQKGK; path=/; domain=.navedoc.com; Secure;
access-control-allow-origin: *
proxy-stream: true
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/gif
15.204.49.218
23.38.200.186