2wincube.net Open in urlscan Pro
118.67.131.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://2wincube.net/
Submission: On May 28 via api (May 28th 2022, 12:03:36 am UTC) from TH — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 19 HTTP transactions. The main IP is 118.67.131.217, located in Korea, Republic Of and belongs to NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG. The main domain is 2wincube.net.

This is the only time 2wincube.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	118.67.131.217 118.67.131.217	135354 (NBPAP-AS-...) (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD.)
1 1	27.96.134.25 27.96.134.25	135354 (NBPAP-AS-...) (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD.)
10	220.230.126.70 220.230.126.70	23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.0.145 178.250.0.145	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
19	9

1 118.67.131.217 (Korea, Republic Of)

ASN135354 (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG)

2wincube.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 27.96.134.25 (Korea, Republic Of) 1 redirects

ASN135354 (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG)

whoisdomain.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 220.230.126.70 (Korea, Republic Of)

ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)

domain.whois.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.145 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cas.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	whois.co.kr domain.whois.co.kr	97 KB
4	criteo.com 1 redirects cas.criteo.com — Cisco Umbrella Rank: 17286 gum.criteo.com — Cisco Umbrella Rank: 358 mug.criteo.com — Cisco Umbrella Rank: 2958	9 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 419	1 MB
1	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 286	17 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 578	39 KB
1	whoisdomain.kr 1 redirects whoisdomain.kr — Cisco Umbrella Rank: 586964	257 B
1	2wincube.net 2wincube.net	727 B
0	googlesyndication.com Failed pagead2.googlesyndication.com Failed
19	8

	Domain	Requested by
10	domain.whois.co.kr	2wincube.net domain.whois.co.kr
2	gum.criteo.com	1 redirects static.criteo.net
2	cdn.jsdelivr.net	domain.whois.co.kr
1	mug.criteo.com	domain.whois.co.kr
1	cas.criteo.com	static.criteo.net
1	ssl.google-analytics.com	domain.whois.co.kr
1	static.criteo.net	domain.whois.co.kr
1	whoisdomain.kr	1 redirects
1	2wincube.net
0	pagead2.googlesyndication.com Failed	2wincube.net
19	10

This site contains no links.

Subject Issuer	Validity	Valid
yesnic.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-05` - `2023-01-05`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://2wincube.net/
Frame ID: 64F4EB492CDF6126261D693BC57B7AC6
Requests: 1 HTTP requests in this frame

Frame: https://domain.whois.co.kr/forward/
Frame ID: 76F12D056B513A39E2FA8C76289D9333
Requests: 15 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=2wincube.net
Frame ID: C6F68D4039A940765DE70FBCFEABC9B4
Requests: 2 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 7C12F834E8C263130FBA705E07A5CF57
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//(?:cas\.criteo\.com|(?:[^/]\.)?criteo\.net)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

19
Requests

84 %
HTTPS

44 %
IPv6

8
Domains

10
Subdomains

9
IPs

4
Countries

1376 kB
Transfer

1520 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://whoisdomain.kr/forward/ HTTP 301
https://domain.whois.co.kr/forward/

Request Chain 16

https://gum.criteo.com/sid/json?origin=publishertag&domain=domain.whois.co.kr&sn=ChromeSyncframe&so=0&topUrl=2wincube.net&lsw=1&topicsavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=hD-mgnwzSDVEQm11VU1tMW42eUpZaVZpL01ZRE42QlpMRUtLNVk1ZnJrMUtmRzlqTXJOZ1NlYTk1a25uNUkrTUhYanlxY0dDbW5TN0hEdXRKZGNWNnVrN0lyRlYzQmFkemY1RVdvRnJzMlJXZ3pJdzg1TTBPb3hoWGZodnVLTDVzNWVnNnNxWDVrV09Md1g3TVZuM2dyZVd4UysrZjlxWkp1S2t6VXBqZmU1U0QwNDNBSVk3YmMwaFA4cmtTa0lydlN3TGVPQXJRa25ob3pVTmtWdEw5WUZTWi9NZE9IcElVM29jY01JVnZDTjd5cXYvNzY4QUZCUkNxVXEvTDRyRTVscVdielFpSUREZDlHTW1FVEFRdlljNFpqV3N2aUxqdTFrNTJIR3p0enE1WEg5VT18&cppv=2

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
2wincube.net/ 469 B
727 B 1035ms
291ms Document
text/html 118.67.131.217
NBPAP-AS-AP NAVER...

General

Check archive.org

Show headers Download Go to

Full URL: http://2wincube.net/
Protocol: HTTP/1.1
Server: 118.67.131.217 , Korea, Republic Of, ASN135354 (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: b0c2c61abd065abcef1d6f59effd91c2c1303185c3ca068ec710af1b5eff71da

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 281
Connection: keep-alive
Content-Length: 469
Content-Type: text/html; charset=euc-kr
Date: Fri, 27 May 2022 23:58:49 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR DELa BUS IND PHY ONL UNI COM NAV INT DEM PRE"

GET
H/1.1

200
OK

/ Show response
domain.whois.co.kr/forward/ Frame 76F1
Redirect Chain

http://whoisdomain.kr/forward/
https://domain.whois.co.kr/forward/

9 KB
9 KB

1439ms
283ms

Document
text/html

220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://domain.whois.co.kr/forward/
Requested by: Host: 2wincube.net
URL: http://2wincube.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: aab59fcf9686a8f68f64b75409adea62dda9bf91e8adff5d5c0f85015d6f1802

Request headers

Referer: http://2wincube.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 28 May 2022 00:03:34 GMT
Keep-Alive: timeout=15, max=100
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 243
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 28 May 2022 00:03:32 GMT
Keep-Alive: timeout=15, max=100
Location: https://domain.whois.co.kr/forward/
Server: Apache

GET
H/1.1 200
OK style_new2021.css
domain.whois.co.kr/forward/css/ Frame 76F1 13 KB
13 KB 282ms
282ms Stylesheet
text/css 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://domain.whois.co.kr/forward/css/style_new2021.css?202204265
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 3681c91ef882b34b1c78dd7285ff06c9311a01278dd473080cb0091b09b8cc3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domain.whois.co.kr/forward/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 28 May 2022 00:03:34 GMT
Last-Modified: Tue, 26 Apr 2022 05:46:28 GMT
Server: Apache
ETag: "3374-5dd8836cb202f"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 13172

GET
H/1.1 200
OK domainsearch_utf.js Show response
domain.whois.co.kr/js/search/ Frame 76F1 40 KB
40 KB 537ms
277ms Script
application/javascript 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://domain.whois.co.kr/js/search/domainsearch_utf.js?20201118
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: b269c5f6f5bab56dc6504bd66e9ee14f272170f4e59ebc4e5394cc8fd8e0045c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domain.whois.co.kr/forward/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 28 May 2022 00:03:34 GMT
Last-Modified: Thu, 13 Jan 2022 07:34:11 GMT
Server: Apache
ETag: "9e86-5d571b66469c7"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 40582

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 76F1 119 KB
39 KB 175ms
79ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domain.whois.co.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:03:34 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-1dc01"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 May 2022 00:03:34 GMT

GET
H/1.1 200
OK parking_logo_png2.png
domain.whois.co.kr/forward/img2/ Frame 76F1 3 KB
3 KB 282ms
282ms Image
image/png 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domain.whois.co.kr/forward/img2/parking_logo_png2.png
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 1091a312cb851c7e4f26944639bfc9f4d75320a4d55ec4ce420d383f55dae6a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domain.whois.co.kr/forward/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 28 May 2022 00:03:35 GMT
Last-Modified: Tue, 26 Oct 2021 00:04:16 GMT
Server: Apache
ETag: "a2d-5cf3637e6c4f6"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 2605

GET
H/1.1 200
OK parking_logo_isms2_png.png
domain.whois.co.kr/forward/img2/ Frame 76F1 5 KB
6 KB 282ms
282ms Image
image/png 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domain.whois.co.kr/forward/img2/parking_logo_isms2_png.png
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 0141de08bb19ee3b08d1fb1829fe539ad03178d22fb602630782be36bd5d13eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domain.whois.co.kr/forward/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 28 May 2022 00:03:35 GMT
Last-Modified: Mon, 25 Oct 2021 07:42:34 GMT
Server: Apache
ETag: "157c-5cf28810e80bc"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 5500

GET
H/1.1 200
OK img_s_coffee2.png
domain.whois.co.kr/forward/img2/ Frame 76F1 23 KB
23 KB 276ms
275ms Image
image/png 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domain.whois.co.kr/forward/img2/img_s_coffee2.png
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: aaaffa628c8571b9a0e1345bbeaec1479324713947849f0d92af3a445a9a67a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domain.whois.co.kr/forward/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 28 May 2022 00:03:35 GMT
Last-Modified: Mon, 10 Feb 2020 04:54:38 GMT
Server: Apache
ETag: "5b62-59e318959179d"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 23394

GET
H/1.1 200
OK flag_kor.gif
domain.whois.co.kr/forward/img/ Frame 76F1 1 KB
1 KB 281ms
280ms Image
image/gif 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domain.whois.co.kr/forward/img/flag_kor.gif
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: e001bfaa55f77962c4a243c781dcf1276d05e0ba9eb31c0d3566e4672fee7eee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domain.whois.co.kr/forward/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 28 May 2022 00:03:35 GMT
Last-Modified: Tue, 02 Aug 2011 00:15:59 GMT
Server: Apache
ETag: "40c-4a97aa6f4adc0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1036

GET
H/1.1 200
OK flag_jp.gif
domain.whois.co.kr/forward/img/ Frame 76F1 352 B
621 B 317ms
282ms Image
image/gif 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domain.whois.co.kr/forward/img/flag_jp.gif
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 4c218c6167ee8986da84f3b21e2d76b0720c179719e67c5960ae850d0572bb00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domain.whois.co.kr/forward/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 28 May 2022 00:03:35 GMT
Last-Modified: Tue, 02 Aug 2011 00:15:59 GMT
Server: Apache
ETag: "160-4a97aa6f4adc0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 352

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 76F1 45 KB
17 KB 76ms
20ms Script
text/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domain.whois.co.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4361
date: Fri, 27 May 2022 22:50:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 28 May 2022 00:50:54 GMT

GET
H/1.1 200
OK icon_arrow3.png
domain.whois.co.kr/forward/img2/ Frame 76F1 1 KB
2 KB 560ms
280ms Image
image/png 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domain.whois.co.kr/forward/img2/icon_arrow3.png
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/css/style_new2021.css?202204265
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: c370ff522ed7267675539768a5737cbbedb32019e8af939f7f472c2eab1733c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domain.whois.co.kr/forward/css/style_new2021.css?202204265
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 28 May 2022 00:03:35 GMT
Last-Modified: Mon, 25 Oct 2021 07:42:34 GMT
Server: Apache
ETag: "5d5-5cf28810cea7c"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 1493

GET
H/1.1 200
OK img_nworks2.png
domain.whois.co.kr/forward/img2/ Frame 76F1 32 KB
0 591ms
282ms Image
image/png 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domain.whois.co.kr/forward/img2/img_nworks2.png
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/css/style_new2021.css?202204265
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domain.whois.co.kr/forward/css/style_new2021.css?202204265
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 28 May 2022 00:03:35 GMT
Last-Modified: Mon, 28 Feb 2022 08:59:21 GMT
Server: Apache
ETag: "e815-5d91043ae55c6"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 59413

GET
H2 200 GmarketSansMedium.woff
cdn.jsdelivr.net/gh/projectnoonnu/noonfonts_2001@1.1/ Frame 76F1 596 KB
598 KB 68ms
26ms Font
font/woff 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/projectnoonnu/noonfonts_2001@1.1/GmarketSansMedium.woff

Requested by

Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/css/style_new2021.css?202204265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

747b8386133b10bffede3cedeb994fc681ad9dc424879a248d7cadf6749b2f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://domain.whois.co.kr/
Origin: https://domain.whois.co.kr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:03:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5841650
x-jsd-version: 1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 610480
x-served-by: cache-fra19137-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"950b0-lZxjrSk7X3rBZyjq4AMXERjnOE8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGOu9f8wme%2FoWpgPwScePZ92cyGoxroDkles9k%2Bbm5xIIQcra88MnqwqiuHaL3H3vgJCviTgzd7TayWh0XBxCpvFX2xm5wGURbBAQZzh727G0o5ddSCUyPbhFyrmW28A8YdBo0ilLsm84VlHaNU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 7122ba62792c5c6e-FRA

GET
H2 200 GmarketSansBold.woff
cdn.jsdelivr.net/gh/projectnoonnu/noonfonts_2001@1.1/ Frame 76F1 615 KB
616 KB 88ms
46ms Font
font/woff 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/projectnoonnu/noonfonts_2001@1.1/GmarketSansBold.woff

Requested by

Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/css/style_new2021.css?202204265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9f30fc9cb858a716c07da51c5817e90c27bd7387016a2047a8b02b02fb4040d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://domain.whois.co.kr/
Origin: https://domain.whois.co.kr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:03:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5841634
x-jsd-version: 1.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 629668
x-served-by: cache-fra19137-FRA, cache-hhn4046-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"99ba4-u5izBgsm01hkduWotG274hOmwl8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATkJZtKJSdjabt99O2CisddNPKbQVsoLTwjDiHxtg3AlDWjqYQgXII7z%2Bn9y7u5Pj2Sp6PanUViMxX0QlIT0rLbTsRHBVY%2F%2FiVTH6MspuNBFgOBEf2tlfHMtp0%2B9M%2BghhELYWl3WApAWAJ5MZV8%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 7122ba62792e5c6e-FRA

GET
H2 200 ajs.php Show response
cas.criteo.com/delivery/ Frame 76F1 2 KB
2 KB 206ms
41ms XHR
text/javascript 178.250.0.145
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://cas.criteo.com/delivery/ajs.php?ptv=123&containerid=crt-476098&zoneid=476098&cb=71372233022&nodis=1&charset=UTF-8&dc=2&loc=http%3A%2F%2F2wincube.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.145 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3cf5ab9fff004adbadeea12806ebac5a228d38f6e7bbee113094930bcb158c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domain.whois.co.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:03:35 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 6259284
strict-transport-security: max-age=31536000; preload;
pragma: no-cache
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://domain.whois.co.kr
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C6F6 14 KB
6 KB 99ms
33ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=2wincube.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9f91c1388dbe365f97266d27ba1552f59cfbd080290b31a58b1e6c615e9fae1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://domain.whois.co.kr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 5884
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 00:03:35 GMT
server-processing-duration-in-ticks: 1756
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame C6F6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=domain.whois.co.kr&sn=ChromeSyncframe&so=0&topUrl=2wincube.net&lsw=1&topicsavail=0
https://mug.criteo.com/sid?cpp=hD-mgnwzSDVEQm11VU1tMW42eUpZaVZpL01ZRE42QlpMRUtLNVk1ZnJrMUtmRzlqTXJOZ1NlYTk1a25uNUkrTUhYanlxY0dDbW5TN0hEdXRKZGNWNnVrN0lyRlYzQmFkemY1RVdvRnJzMlJXZ3pJdzg1TTBPb3hoWGZodn...

425 B
635 B

229ms
29ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=hD-mgnwzSDVEQm11VU1tMW42eUpZaVZpL01ZRE42QlpMRUtLNVk1ZnJrMUtmRzlqTXJOZ1NlYTk1a25uNUkrTUhYanlxY0dDbW5TN0hEdXRKZGNWNnVrN0lyRlYzQmFkemY1RVdvRnJzMlJXZ3pJdzg1TTBPb3hoWGZodnVLTDVzNWVnNnNxWDVrV09Md1g3TVZuM2dyZVd4UysrZjlxWkp1S2t6VXBqZmU1U0QwNDNBSVk3YmMwaFA4cmtTa0lydlN3TGVPQXJRa25ob3pVTmtWdEw5WUZTWi9NZE9IcElVM29jY01JVnZDTjd5cXYvNzY4QUZCUkNxVXEvTDRyRTVscVdielFpSUREZDlHTW1FVEFRdlljNFpqV3N2aUxqdTFrNTJIR3p0enE1WEg5VT18&cppv=2

Requested by

Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d4901ef9592eabe5cf297627fd2c41dd9538760655cb7e0d86e757402b31dae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 May 2022 00:03:35 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4471
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 28 May 2022 00:03:34 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=hD-mgnwzSDVEQm11VU1tMW42eUpZaVZpL01ZRE42QlpMRUtLNVk1ZnJrMUtmRzlqTXJOZ1NlYTk1a25uNUkrTUhYanlxY0dDbW5TN0hEdXRKZGNWNnVrN0lyRlYzQmFkemY1RVdvRnJzMlJXZ3pJdzg1TTBPb3hoWGZodnVLTDVzNWVnNnNxWDVrV09Md1g3TVZuM2dyZVd4UysrZjlxWkp1S2t6VXBqZmU1U0QwNDNBSVk3YmMwaFA4cmtTa0lydlN3TGVPQXJRa25ob3pVTmtWdEw5WUZTWi9NZE9IcElVM29jY01JVnZDTjd5cXYvNzY4QUZCUkNxVXEvTDRyRTVscVdielFpSUREZDlHTW1FVEFRdlljNFpqV3N2aUxqdTFrNTJIR3p0enE1WEg5VT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1490
content-length: 567
expires: 0

GET show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7C12 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.criteo.com/	1970-01-20 03:21:39	Name: zdi Value: %2A1IuDMFOtM8QY5gf%252fZTexUlg%253d%253d
			.criteo.com/	1970-01-20 12:43:12	Name: uid Value: f211f5e4-7b6a-4762-9a60-d1a6421fdb4b

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: http://2wincube.net/(Line 3) Message: The key "target-densitydpi" is not supported.
security	error	(Line 49) Message: Mixed Content: The page at 'https://domain.whois.co.kr/forward/' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2wincube.net
cas.criteo.com
cdn.jsdelivr.net
domain.whois.co.kr
gum.criteo.com
mug.criteo.com
pagead2.googlesyndication.com
ssl.google-analytics.com
static.criteo.net
whoisdomain.kr
pagead2.googlesyndication.com
118.67.131.217
178.250.0.145
178.250.2.146
220.230.126.70
2606:4700::6810:5514
27.96.134.25
2a00:1450:4001:830::2008
2a02:2638:1::3
2a02:2638::1c
0141de08bb19ee3b08d1fb1829fe539ad03178d22fb602630782be36bd5d13eb
1091a312cb851c7e4f26944639bfc9f4d75320a4d55ec4ce420d383f55dae6a7
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
3681c91ef882b34b1c78dd7285ff06c9311a01278dd473080cb0091b09b8cc3f
3cf5ab9fff004adbadeea12806ebac5a228d38f6e7bbee113094930bcb158c85
4c218c6167ee8986da84f3b21e2d76b0720c179719e67c5960ae850d0572bb00
747b8386133b10bffede3cedeb994fc681ad9dc424879a248d7cadf6749b2f97
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
9f91c1388dbe365f97266d27ba1552f59cfbd080290b31a58b1e6c615e9fae1c
aaaffa628c8571b9a0e1345bbeaec1479324713947849f0d92af3a445a9a67a3
aab59fcf9686a8f68f64b75409adea62dda9bf91e8adff5d5c0f85015d6f1802
b0c2c61abd065abcef1d6f59effd91c2c1303185c3ca068ec710af1b5eff71da
b269c5f6f5bab56dc6504bd66e9ee14f272170f4e59ebc4e5394cc8fd8e0045c
c370ff522ed7267675539768a5737cbbedb32019e8af939f7f472c2eab1733c2
c9f30fc9cb858a716c07da51c5817e90c27bd7387016a2047a8b02b02fb4040d
d4901ef9592eabe5cf297627fd2c41dd9538760655cb7e0d86e757402b31dae4
e001bfaa55f77962c4a243c781dcf1276d05e0ba9eb31c0d3566e4672fee7eee

2wincube.net Open in urlscan Pro 118.67.131.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

19 Requests

84 %HTTPS

44 %IPv6

8 Domains

10 Subdomains

9 IPs

4 Countries

1376 kBTransfer

1520 kBSize

2 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

2wincube.net Open in urlscan Pro
118.67.131.217 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

84 %
HTTPS

44 %
IPv6

8
Domains

10
Subdomains

9
IPs

4
Countries

1376 kB
Transfer

1520 kB
Size

2
Cookies

19 HTTP transactions
0 data transactions