URL: http://2wincube.net/
Submission: On May 28 via api from TH — Scanned from DE

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 19 HTTP transactions. The main IP is 118.67.131.217, located in Korea, Republic Of and belongs to NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG. The main domain is 2wincube.net.
This is the only time 2wincube.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 118.67.131.217 135354 (NBPAP-AS-...)
1 1 27.96.134.25 135354 (NBPAP-AS-...)
10 220.230.126.70 23576 (NHN-AS-KR...)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 178.250.0.145 44788 (ASN-CRITE...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.2.146 44788 (ASN-CRITE...)
19 9
Apex Domain
Subdomains
Transfer
10 whois.co.kr
domain.whois.co.kr
97 KB
4 criteo.com
cas.criteo.com — Cisco Umbrella Rank: 17286
gum.criteo.com — Cisco Umbrella Rank: 358
mug.criteo.com — Cisco Umbrella Rank: 2958
9 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 419
1 MB
1 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 286
17 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 578
39 KB
1 whoisdomain.kr
whoisdomain.kr — Cisco Umbrella Rank: 586964
257 B
1 2wincube.net
2wincube.net
727 B
0 googlesyndication.com Failed
pagead2.googlesyndication.com Failed
19 8
Domain Requested by
10 domain.whois.co.kr 2wincube.net
domain.whois.co.kr
2 gum.criteo.com 1 redirects static.criteo.net
2 cdn.jsdelivr.net domain.whois.co.kr
1 mug.criteo.com domain.whois.co.kr
1 cas.criteo.com static.criteo.net
1 ssl.google-analytics.com domain.whois.co.kr
1 static.criteo.net domain.whois.co.kr
1 whoisdomain.kr 1 redirects
1 2wincube.net
0 pagead2.googlesyndication.com Failed 2wincube.net
19 10

This site contains no links.

Subject Issuer Validity Valid
yesnic.com
Sectigo RSA Domain Validation Secure Server CA
2022-01-05 -
2023-01-05
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-04-11 -
2022-07-13
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-03 -
2022-07-02
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-04-11 -
2022-07-07
3 months crt.sh

This page contains 4 frames:

Primary Page: http://2wincube.net/
Frame ID: 64F4EB492CDF6126261D693BC57B7AC6
Requests: 1 HTTP requests in this frame

Frame: https://domain.whois.co.kr/forward/
Frame ID: 76F12D056B513A39E2FA8C76289D9333
Requests: 15 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=2wincube.net
Frame ID: C6F68D4039A940765DE70FBCFEABC9B4
Requests: 2 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 7C12F834E8C263130FBA705E07A5CF57
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • //(?:cas\.criteo\.com|(?:[^/]\.)?criteo\.net)/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

19
Requests

84 %
HTTPS

44 %
IPv6

8
Domains

10
Subdomains

9
IPs

4
Countries

1376 kB
Transfer

1520 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://whoisdomain.kr/forward/ HTTP 301
  • https://domain.whois.co.kr/forward/
Request Chain 16
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=domain.whois.co.kr&sn=ChromeSyncframe&so=0&topUrl=2wincube.net&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=hD-mgnwzSDVEQm11VU1tMW42eUpZaVZpL01ZRE42QlpMRUtLNVk1ZnJrMUtmRzlqTXJOZ1NlYTk1a25uNUkrTUhYanlxY0dDbW5TN0hEdXRKZGNWNnVrN0lyRlYzQmFkemY1RVdvRnJzMlJXZ3pJdzg1TTBPb3hoWGZodnVLTDVzNWVnNnNxWDVrV09Md1g3TVZuM2dyZVd4UysrZjlxWkp1S2t6VXBqZmU1U0QwNDNBSVk3YmMwaFA4cmtTa0lydlN3TGVPQXJRa25ob3pVTmtWdEw5WUZTWi9NZE9IcElVM29jY01JVnZDTjd5cXYvNzY4QUZCUkNxVXEvTDRyRTVscVdielFpSUREZDlHTW1FVEFRdlljNFpqV3N2aUxqdTFrNTJIR3p0enE1WEg5VT18&cppv=2

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
2wincube.net/
469 B
727 B
Document
General
Full URL
http://2wincube.net/
Protocol
HTTP/1.1
Server
118.67.131.217 , Korea, Republic Of, ASN135354 (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash
b0c2c61abd065abcef1d6f59effd91c2c1303185c3ca068ec710af1b5eff71da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
281
Connection
keep-alive
Content-Length
469
Content-Type
text/html; charset=euc-kr
Date
Fri, 27 May 2022 23:58:49 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR DELa BUS IND PHY ONL UNI COM NAV INT DEM PRE"
/
domain.whois.co.kr/forward/ Frame 76F1
Redirect Chain
  • http://whoisdomain.kr/forward/
  • https://domain.whois.co.kr/forward/
9 KB
9 KB
Document
General
Full URL
https://domain.whois.co.kr/forward/
Requested by
Host: 2wincube.net
URL: http://2wincube.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
Apache /
Resource Hash
aab59fcf9686a8f68f64b75409adea62dda9bf91e8adff5d5c0f85015d6f1802

Request headers

Referer
http://2wincube.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 28 May 2022 00:03:34 GMT
Keep-Alive
timeout=15, max=100
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Connection
Keep-Alive
Content-Length
243
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 28 May 2022 00:03:32 GMT
Keep-Alive
timeout=15, max=100
Location
https://domain.whois.co.kr/forward/
Server
Apache
style_new2021.css
domain.whois.co.kr/forward/css/ Frame 76F1
13 KB
13 KB
Stylesheet
General
Full URL
https://domain.whois.co.kr/forward/css/style_new2021.css?202204265
Requested by
Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
Apache /
Resource Hash
3681c91ef882b34b1c78dd7285ff06c9311a01278dd473080cb0091b09b8cc3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domain.whois.co.kr/forward/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 28 May 2022 00:03:34 GMT
Last-Modified
Tue, 26 Apr 2022 05:46:28 GMT
Server
Apache
ETag
"3374-5dd8836cb202f"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
13172
domainsearch_utf.js
domain.whois.co.kr/js/search/ Frame 76F1
40 KB
40 KB
Script
General
Full URL
https://domain.whois.co.kr/js/search/domainsearch_utf.js?20201118
Requested by
Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
Apache /
Resource Hash
b269c5f6f5bab56dc6504bd66e9ee14f272170f4e59ebc4e5394cc8fd8e0045c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domain.whois.co.kr/forward/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 28 May 2022 00:03:34 GMT
Last-Modified
Thu, 13 Jan 2022 07:34:11 GMT
Server
Apache
ETag
"9e86-5d571b66469c7"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
40582
publishertag.js
static.criteo.net/js/ld/ Frame 76F1
119 KB
39 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domain.whois.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 00:03:34 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-1dc01"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 29 May 2022 00:03:34 GMT
parking_logo_png2.png
domain.whois.co.kr/forward/img2/ Frame 76F1
3 KB
3 KB
Image
General
Full URL
https://domain.whois.co.kr/forward/img2/parking_logo_png2.png
Requested by
Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
Apache /
Resource Hash
1091a312cb851c7e4f26944639bfc9f4d75320a4d55ec4ce420d383f55dae6a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domain.whois.co.kr/forward/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 28 May 2022 00:03:35 GMT
Last-Modified
Tue, 26 Oct 2021 00:04:16 GMT
Server
Apache
ETag
"a2d-5cf3637e6c4f6"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
2605
parking_logo_isms2_png.png
domain.whois.co.kr/forward/img2/ Frame 76F1
5 KB
6 KB
Image
General
Full URL
https://domain.whois.co.kr/forward/img2/parking_logo_isms2_png.png
Requested by
Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
Apache /
Resource Hash
0141de08bb19ee3b08d1fb1829fe539ad03178d22fb602630782be36bd5d13eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domain.whois.co.kr/forward/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 28 May 2022 00:03:35 GMT
Last-Modified
Mon, 25 Oct 2021 07:42:34 GMT
Server
Apache
ETag
"157c-5cf28810e80bc"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
5500
img_s_coffee2.png
domain.whois.co.kr/forward/img2/ Frame 76F1
23 KB
23 KB
Image
General
Full URL
https://domain.whois.co.kr/forward/img2/img_s_coffee2.png
Requested by
Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
Apache /
Resource Hash
aaaffa628c8571b9a0e1345bbeaec1479324713947849f0d92af3a445a9a67a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domain.whois.co.kr/forward/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 28 May 2022 00:03:35 GMT
Last-Modified
Mon, 10 Feb 2020 04:54:38 GMT
Server
Apache
ETag
"5b62-59e318959179d"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
23394
flag_kor.gif
domain.whois.co.kr/forward/img/ Frame 76F1
1 KB
1 KB
Image
General
Full URL
https://domain.whois.co.kr/forward/img/flag_kor.gif
Requested by
Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
Apache /
Resource Hash
e001bfaa55f77962c4a243c781dcf1276d05e0ba9eb31c0d3566e4672fee7eee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domain.whois.co.kr/forward/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 28 May 2022 00:03:35 GMT
Last-Modified
Tue, 02 Aug 2011 00:15:59 GMT
Server
Apache
ETag
"40c-4a97aa6f4adc0"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
1036
flag_jp.gif
domain.whois.co.kr/forward/img/ Frame 76F1
352 B
621 B
Image
General
Full URL
https://domain.whois.co.kr/forward/img/flag_jp.gif
Requested by
Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
Apache /
Resource Hash
4c218c6167ee8986da84f3b21e2d76b0720c179719e67c5960ae850d0572bb00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domain.whois.co.kr/forward/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 28 May 2022 00:03:35 GMT
Last-Modified
Tue, 02 Aug 2011 00:15:59 GMT
Server
Apache
ETag
"160-4a97aa6f4adc0"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
352
ga.js
ssl.google-analytics.com/ Frame 76F1
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domain.whois.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4361
date
Fri, 27 May 2022 22:50:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sat, 28 May 2022 00:50:54 GMT
icon_arrow3.png
domain.whois.co.kr/forward/img2/ Frame 76F1
1 KB
2 KB
Image
General
Full URL
https://domain.whois.co.kr/forward/img2/icon_arrow3.png
Requested by
Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/css/style_new2021.css?202204265
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
Apache /
Resource Hash
c370ff522ed7267675539768a5737cbbedb32019e8af939f7f472c2eab1733c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domain.whois.co.kr/forward/css/style_new2021.css?202204265
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 28 May 2022 00:03:35 GMT
Last-Modified
Mon, 25 Oct 2021 07:42:34 GMT
Server
Apache
ETag
"5d5-5cf28810cea7c"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
1493
img_nworks2.png
domain.whois.co.kr/forward/img2/ Frame 76F1
32 KB
0
Image
General
Full URL
https://domain.whois.co.kr/forward/img2/img_nworks2.png
Requested by
Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/css/style_new2021.css?202204265
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domain.whois.co.kr/forward/css/style_new2021.css?202204265
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 28 May 2022 00:03:35 GMT
Last-Modified
Mon, 28 Feb 2022 08:59:21 GMT
Server
Apache
ETag
"e815-5d91043ae55c6"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Content-Length
59413
GmarketSansMedium.woff
cdn.jsdelivr.net/gh/projectnoonnu/noonfonts_2001@1.1/ Frame 76F1
596 KB
598 KB
Font
General
Full URL
https://cdn.jsdelivr.net/gh/projectnoonnu/noonfonts_2001@1.1/GmarketSansMedium.woff
Requested by
Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/css/style_new2021.css?202204265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
747b8386133b10bffede3cedeb994fc681ad9dc424879a248d7cadf6749b2f97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://domain.whois.co.kr/
Origin
https://domain.whois.co.kr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 00:03:35 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5841650
x-jsd-version
1.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
610480
x-served-by
cache-fra19137-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"950b0-lZxjrSk7X3rBZyjq4AMXERjnOE8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGOu9f8wme%2FoWpgPwScePZ92cyGoxroDkles9k%2Bbm5xIIQcra88MnqwqiuHaL3H3vgJCviTgzd7TayWh0XBxCpvFX2xm5wGURbBAQZzh727G0o5ddSCUyPbhFyrmW28A8YdBo0ilLsm84VlHaNU%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
7122ba62792c5c6e-FRA
GmarketSansBold.woff
cdn.jsdelivr.net/gh/projectnoonnu/noonfonts_2001@1.1/ Frame 76F1
615 KB
616 KB
Font
General
Full URL
https://cdn.jsdelivr.net/gh/projectnoonnu/noonfonts_2001@1.1/GmarketSansBold.woff
Requested by
Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/css/style_new2021.css?202204265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9f30fc9cb858a716c07da51c5817e90c27bd7387016a2047a8b02b02fb4040d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://domain.whois.co.kr/
Origin
https://domain.whois.co.kr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 00:03:35 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5841634
x-jsd-version
1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
629668
x-served-by
cache-fra19137-FRA, cache-hhn4046-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"99ba4-u5izBgsm01hkduWotG274hOmwl8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATkJZtKJSdjabt99O2CisddNPKbQVsoLTwjDiHxtg3AlDWjqYQgXII7z%2Bn9y7u5Pj2Sp6PanUViMxX0QlIT0rLbTsRHBVY%2F%2FiVTH6MspuNBFgOBEf2tlfHMtp0%2B9M%2BghhELYWl3WApAWAJ5MZV8%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
7122ba62792e5c6e-FRA
ajs.php
cas.criteo.com/delivery/ Frame 76F1
2 KB
2 KB
XHR
General
Full URL
https://cas.criteo.com/delivery/ajs.php?ptv=123&containerid=crt-476098&zoneid=476098&cb=71372233022&nodis=1&charset=UTF-8&dc=2&loc=http%3A%2F%2F2wincube.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.145 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3cf5ab9fff004adbadeea12806ebac5a228d38f6e7bbee113094930bcb158c85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domain.whois.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 00:03:35 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
6259284
strict-transport-security
max-age=31536000; preload;
pragma
no-cache
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://domain.whois.co.kr
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Mon, 26 Jul 1997 05:00:00 GMT
syncframe
gum.criteo.com/ Frame C6F6
14 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=2wincube.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9f91c1388dbe365f97266d27ba1552f59cfbd080290b31a58b1e6c615e9fae1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://domain.whois.co.kr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
5884
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 28 May 2022 00:03:35 GMT
server-processing-duration-in-ticks
1756
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame C6F6
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=domain.whois.co.kr&sn=ChromeSyncframe&so=0&topUrl=2wincube.net&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=hD-mgnwzSDVEQm11VU1tMW42eUpZaVZpL01ZRE42QlpMRUtLNVk1ZnJrMUtmRzlqTXJOZ1NlYTk1a25uNUkrTUhYanlxY0dDbW5TN0hEdXRKZGNWNnVrN0lyRlYzQmFkemY1RVdvRnJzMlJXZ3pJdzg1TTBPb3hoWGZodn...
425 B
635 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=hD-mgnwzSDVEQm11VU1tMW42eUpZaVZpL01ZRE42QlpMRUtLNVk1ZnJrMUtmRzlqTXJOZ1NlYTk1a25uNUkrTUhYanlxY0dDbW5TN0hEdXRKZGNWNnVrN0lyRlYzQmFkemY1RVdvRnJzMlJXZ3pJdzg1TTBPb3hoWGZodnVLTDVzNWVnNnNxWDVrV09Md1g3TVZuM2dyZVd4UysrZjlxWkp1S2t6VXBqZmU1U0QwNDNBSVk3YmMwaFA4cmtTa0lydlN3TGVPQXJRa25ob3pVTmtWdEw5WUZTWi9NZE9IcElVM29jY01JVnZDTjd5cXYvNzY4QUZCUkNxVXEvTDRyRTVscVdielFpSUREZDlHTW1FVEFRdlljNFpqV3N2aUxqdTFrNTJIR3p0enE1WEg5VT18&cppv=2
Requested by
Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d4901ef9592eabe5cf297627fd2c41dd9538760655cb7e0d86e757402b31dae4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 May 2022 00:03:35 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4471
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 28 May 2022 00:03:34 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=hD-mgnwzSDVEQm11VU1tMW42eUpZaVZpL01ZRE42QlpMRUtLNVk1ZnJrMUtmRzlqTXJOZ1NlYTk1a25uNUkrTUhYanlxY0dDbW5TN0hEdXRKZGNWNnVrN0lyRlYzQmFkemY1RVdvRnJzMlJXZ3pJdzg1TTBPb3hoWGZodnVLTDVzNWVnNnNxWDVrV09Md1g3TVZuM2dyZVd4UysrZjlxWkp1S2t6VXBqZmU1U0QwNDNBSVk3YmMwaFA4cmtTa0lydlN3TGVPQXJRa25ob3pVTmtWdEw5WUZTWi9NZE9IcElVM29jY01JVnZDTjd5cXYvNzY4QUZCUkNxVXEvTDRyRTVscVdielFpSUREZDlHTW1FVEFRdlljNFpqV3N2aUxqdTFrNTJIR3p0enE1WEg5VT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1490
content-length
567
expires
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7C12
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
http://pagead2.googlesyndication.com/pagead/show_ads.js

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation

2 Cookies

Domain/Path Name / Value
.criteo.com/ Name: zdi
Value: %2A1IuDMFOtM8QY5gf%252fZTexUlg%253d%253d
.criteo.com/ Name: uid
Value: f211f5e4-7b6a-4762-9a60-d1a6421fdb4b

2 Console Messages

Source Level URL
Text
rendering warning URL: http://2wincube.net/(Line 3)
Message:
The key "target-densitydpi" is not supported.
security error (Line 49)
Message:
Mixed Content: The page at 'https://domain.whois.co.kr/forward/' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2wincube.net
cas.criteo.com
cdn.jsdelivr.net
domain.whois.co.kr
gum.criteo.com
mug.criteo.com
pagead2.googlesyndication.com
ssl.google-analytics.com
static.criteo.net
whoisdomain.kr
pagead2.googlesyndication.com
118.67.131.217
178.250.0.145
178.250.2.146
220.230.126.70
2606:4700::6810:5514
27.96.134.25
2a00:1450:4001:830::2008
2a02:2638:1::3
2a02:2638::1c
0141de08bb19ee3b08d1fb1829fe539ad03178d22fb602630782be36bd5d13eb
1091a312cb851c7e4f26944639bfc9f4d75320a4d55ec4ce420d383f55dae6a7
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
3681c91ef882b34b1c78dd7285ff06c9311a01278dd473080cb0091b09b8cc3f
3cf5ab9fff004adbadeea12806ebac5a228d38f6e7bbee113094930bcb158c85
4c218c6167ee8986da84f3b21e2d76b0720c179719e67c5960ae850d0572bb00
747b8386133b10bffede3cedeb994fc681ad9dc424879a248d7cadf6749b2f97
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
9f91c1388dbe365f97266d27ba1552f59cfbd080290b31a58b1e6c615e9fae1c
aaaffa628c8571b9a0e1345bbeaec1479324713947849f0d92af3a445a9a67a3
aab59fcf9686a8f68f64b75409adea62dda9bf91e8adff5d5c0f85015d6f1802
b0c2c61abd065abcef1d6f59effd91c2c1303185c3ca068ec710af1b5eff71da
b269c5f6f5bab56dc6504bd66e9ee14f272170f4e59ebc4e5394cc8fd8e0045c
c370ff522ed7267675539768a5737cbbedb32019e8af939f7f472c2eab1733c2
c9f30fc9cb858a716c07da51c5817e90c27bd7387016a2047a8b02b02fb4040d
d4901ef9592eabe5cf297627fd2c41dd9538760655cb7e0d86e757402b31dae4
e001bfaa55f77962c4a243c781dcf1276d05e0ba9eb31c0d3566e4672fee7eee