antivirushotel.com Open in urlscan Pro
116.126.87.124 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://antivirushotel.com/
Submission Tags: falconsandbox
Submission: On May 20 via api (May 20th 2021, 2:11:57 pm UTC) from US

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 20 HTTP transactions. The main IP is 116.126.87.124, located in Daejeon, Korea, Republic Of and belongs to SKB-AS SK Broadband Co Ltd, KR. The main domain is antivirushotel.com.

This is the only time antivirushotel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	116.126.87.124 116.126.87.124	9318 (SKB-AS SK...) (SKB-AS SK Broadband Co Ltd)
1 1	27.96.130.131 27.96.130.131	135354 (NBPAP-AS-...) (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD.)
11	210.89.187.123 210.89.187.123	23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	178.250.2.138 178.250.2.138	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
20	10

1 116.126.87.124 (Daejeon, Korea, Republic Of)

ASN9318 (SKB-AS SK Broadband Co Ltd, KR)

antivirushotel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 27.96.130.131 (Korea, Republic Of) 1 redirects

ASN135354 (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG)

whoisdomain.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 210.89.187.123 (Korea, Republic Of)

ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)

domain.whois.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.138 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cas.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	whois.co.kr domain.whois.co.kr	167 KB
3	criteo.com cas.criteo.com gum.criteo.com cat.nl.eu.criteo.com	3 KB
2	gstatic.com fonts.gstatic.com	2 MB
1	google-analytics.com ssl.google-analytics.com	17 KB
1	criteo.net static.criteo.net	37 KB
1	whoisdomain.kr 1 redirects whoisdomain.kr	257 B
1	antivirushotel.com antivirushotel.com	732 B
0	googlesyndication.com Failed pagead2.googlesyndication.com Failed
20	8

	Domain	Requested by
11	domain.whois.co.kr	antivirushotel.com domain.whois.co.kr
2	fonts.gstatic.com	domain.whois.co.kr
1	cat.nl.eu.criteo.com	domain.whois.co.kr
1	gum.criteo.com	static.criteo.net
1	cas.criteo.com	static.criteo.net
1	ssl.google-analytics.com	domain.whois.co.kr
1	static.criteo.net	domain.whois.co.kr
1	whoisdomain.kr	1 redirects
1	antivirushotel.com
0	pagead2.googlesyndication.com Failed	antivirushotel.com
20	10

This site contains no links.

Subject Issuer	Validity	Valid
yesnic.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-10` - `2022-02-16`	2 years	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-03-26` - `2021-06-23`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://antivirushotel.com/
Frame ID: 26DCBE8FA45BF562C00D64550F1D376A
Requests: 1 HTTP requests in this frame

Frame: https://domain.whois.co.kr/forward/
Frame ID: 076BF148134BE1C71D9AA9D4F5837BA3
Requests: 16 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=antivirushotel.com
Frame ID: BBCDA4FA45390D855BA8272848B012BB
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 7FB07A36B6E3EE8EA4A413A9E6B42267
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

20
Requests

90 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

2195 kB
Transfer

2297 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://whoisdomain.kr/forward/ HTTP 301
https://domain.whois.co.kr/forward/

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
antivirushotel.com/ 469 B
732 B 836ms
543ms Document
text/html 116.126.87.124
SKB-AS SK Broadba...

General

Check archive.org

Show headers Download Go to

Full URL: http://antivirushotel.com/
Protocol: HTTP/1.1
Server: 116.126.87.124 Daejeon, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software: Apache / PHP/5.2.17
Resource Hash: b0c2c61abd065abcef1d6f59effd91c2c1303185c3ca068ec710af1b5eff71da

Request headers

Host: antivirushotel.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 14:11:33 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
P3P: CP="NOI CURa ADMa DEVa TAIa OUR DELa BUS IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Length: 469
Connection: close
Content-Type: text/html; charset=euc-kr

GET
H/1.1

200
OK

/ Show response
domain.whois.co.kr/forward/ Frame 076B
Redirect Chain

http://whoisdomain.kr/forward/
https://domain.whois.co.kr/forward/

8 KB
9 KB

1551ms
513ms

Document
text/html

210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://domain.whois.co.kr/forward/
Requested by: Host: antivirushotel.com
URL: http://antivirushotel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: d75b2620e135afb6b37aea4219f438ae07bc322402eb71d734ec2844d49c708a

Request headers

Host: domain.whois.co.kr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: frame
Referer: http://antivirushotel.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://antivirushotel.com/

Response headers

Date: Thu, 20 May 2021 14:11:35 GMT
Server: Apache
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 20 May 2021 14:11:34 GMT
Server: Apache
Location: https://domain.whois.co.kr/forward/
Content-Length: 243
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK style_new2020.css
domain.whois.co.kr/forward/css/ Frame 076B 10 KB
10 KB 265ms
264ms Stylesheet
text/css 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://domain.whois.co.kr/forward/css/style_new2020.css
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 312d0a4d01f779dc0f86f479456e2809d8fd78ed4716913d7942e3723e5c87fb

Request headers

Referer: https://domain.whois.co.kr/forward/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 14:11:35 GMT
Last-Modified: Mon, 05 Apr 2021 00:53:06 GMT
Server: Apache
ETag: "276c-5bf2f1ee6c698"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 10092

GET
H/1.1 200
OK domainsearch_utf.js Show response
domain.whois.co.kr/js/search/ Frame 076B 40 KB
40 KB 267ms
267ms Script
application/javascript 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://domain.whois.co.kr/js/search/domainsearch_utf.js?20201118
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: ad00e672181dbfab05bb28dfa4ab4d9ed60ec86876cb188efa6a6e13d471cd5f

Request headers

Referer: https://domain.whois.co.kr/forward/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 14:11:35 GMT
Last-Modified: Mon, 10 May 2021 04:21:16 GMT
Server: Apache
ETag: "9e4f-5c1f21bd5d6b9"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 40527

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 076B 114 KB
37 KB 75ms
29ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer: https://domain.whois.co.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 14:11:35 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 11:49:39 GMT
server: nginx
etag: W/"60a25853-1c9d1"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 21 May 2021 14:11:35 GMT

GET
H/1.1 200
OK parking_logo.gif
domain.whois.co.kr/forward/img2/ Frame 076B 2 KB
2 KB 264ms
264ms Image
image/gif 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domain.whois.co.kr/forward/img2/parking_logo.gif
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 43408357514cd1c01cd97589d2484e198241621628464a1ce97b36fa8ee3098b

Request headers

Referer: https://domain.whois.co.kr/forward/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 14:11:36 GMT
Last-Modified: Wed, 26 Jun 2013 07:05:41 GMT
Server: Apache
ETag: "898-4e00946067b40"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 2200

GET
H/1.1 200
OK parking_logo2.gif
domain.whois.co.kr/forward/img2/ Frame 076B 4 KB
5 KB 268ms
268ms Image
image/gif 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domain.whois.co.kr/forward/img2/parking_logo2.gif
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 92b629c7d436bddbfde385bd2a4b3bcf5df44f4f3545de2d63818fad4104f38f

Request headers

Referer: https://domain.whois.co.kr/forward/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 14:11:36 GMT
Last-Modified: Wed, 26 Jun 2013 07:05:41 GMT
Server: Apache
ETag: "11be-4e00946067b40"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 4542

GET
H/1.1 200
OK parking_logo_isms2.gif
domain.whois.co.kr/forward/img2/ Frame 076B 4 KB
5 KB 269ms
265ms Image
image/gif 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domain.whois.co.kr/forward/img2/parking_logo_isms2.gif
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: ec19f048bda98194ff3d8165055f5f0819450db5e550e07e264948164b408f2b

Request headers

Referer: https://domain.whois.co.kr/forward/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 14:11:36 GMT
Last-Modified: Fri, 13 Nov 2020 07:21:37 GMT
Server: Apache
ETag: "116b-5b3f7e1109f01"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 4459

GET
H/1.1 200
OK img_s_coffee2_ice.png
domain.whois.co.kr/forward/img2/ Frame 076B 37 KB
37 KB 546ms
275ms Image
image/png 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domain.whois.co.kr/forward/img2/img_s_coffee2_ice.png
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 1d0d95c87103cecc82f13ef7b81b2ccadb1a1a42b6f703865dad02367690568a

Request headers

Referer: https://domain.whois.co.kr/forward/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 14:11:36 GMT
Last-Modified: Sun, 02 May 2021 23:49:23 GMT
Server: Apache
ETag: "92dd-5c1617e9d09d1"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 37597

GET
H/1.1 200
OK flag_kor.gif
domain.whois.co.kr/forward/img/ Frame 076B 1 KB
1 KB 793ms
263ms Image
image/gif 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domain.whois.co.kr/forward/img/flag_kor.gif
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: e001bfaa55f77962c4a243c781dcf1276d05e0ba9eb31c0d3566e4672fee7eee

Request headers

Referer: https://domain.whois.co.kr/forward/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 14:11:37 GMT
Last-Modified: Tue, 02 Aug 2011 00:15:59 GMT
Server: Apache
ETag: "40c-4a97aa6f4adc0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1036

GET
H/1.1 200
OK flag_jp.gif
domain.whois.co.kr/forward/img/ Frame 076B 352 B
622 B 795ms
264ms Image
image/gif 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domain.whois.co.kr/forward/img/flag_jp.gif
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 4c218c6167ee8986da84f3b21e2d76b0720c179719e67c5960ae850d0572bb00

Request headers

Referer: https://domain.whois.co.kr/forward/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 14:11:37 GMT
Last-Modified: Tue, 02 Aug 2011 00:15:59 GMT
Server: Apache
ETag: "160-4a97aa6f4adc0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 352

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 076B 45 KB
17 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://domain.whois.co.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 7039
date: Thu, 20 May 2021 12:14:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 20 May 2021 14:14:17 GMT

GET
H/1.1 200
OK parking_top_bg.gif
domain.whois.co.kr/forward/img2/ Frame 076B 1 KB
1 KB 811ms
268ms Image
image/gif 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domain.whois.co.kr/forward/img2/parking_top_bg.gif
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/css/style_new2020.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 92dafa9b1e026f44c771c2244890e7b67070d35bdd33d2763c7ccdeb5d5596db

Request headers

Referer: https://domain.whois.co.kr/forward/css/style_new2020.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 14:11:37 GMT
Last-Modified: Wed, 26 Jun 2013 07:05:41 GMT
Server: Apache
ETag: "4dc-4e00946067b40"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1244

GET
H/1.1 200
OK parking_main_bg2.jpg
domain.whois.co.kr/forward/img2/ Frame 076B 56 KB
56 KB 274ms
267ms Image
image/jpeg 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domain.whois.co.kr/forward/img2/parking_main_bg2.jpg
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/css/style_new2020.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 13a88b9f1fdbd0794a8fbe18c1247aa04a9e322787dadd1a91ff342b4640acbd

Request headers

Referer: https://domain.whois.co.kr/forward/css/style_new2020.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 14:11:36 GMT
Last-Modified: Tue, 31 Oct 2017 08:36:37 GMT
Server: Apache
ETag: "dfdd-55cd3a739ef40"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 57309

GET
H2 200 NotoSansKR-Medium.woff2
fonts.gstatic.com/ea/notosanskr/v2/ Frame 076B 1000 KB
1001 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/notosanskr/v2/NotoSansKR-Medium.woff2

Requested by

Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/css/style_new2020.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aafab1bbf1bf73a07d3b212ac5da4160e56ec9b19fdddf7a806a439971cb4f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://domain.whois.co.kr
Referer: https://domain.whois.co.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 00:25:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2015 23:26:49 GMT
server: sffe
age: 222373
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1023900
x-xss-protection: 0
expires: Wed, 18 May 2022 00:25:23 GMT

GET
H3-29 200 NotoSansKR-Regular.woff2
fonts.gstatic.com/ea/notosanskr/v2/ Frame 076B 970 KB
970 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/notosanskr/v2/NotoSansKR-Regular.woff2

Requested by

Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/css/style_new2020.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b78ba9a9da795dc8e7b8cb0ccf7fbdb051625ea9e73d223e6c9462dfd82966c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://domain.whois.co.kr
Referer: https://domain.whois.co.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 02:04:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2015 23:26:49 GMT
server: sffe
age: 43643
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 993100
x-xss-protection: 0
expires: Fri, 20 May 2022 02:04:13 GMT

GET
H2 200 ajs.php Show response
cas.criteo.com/delivery/ Frame 076B 3 KB
2 KB 162ms
54ms XHR
text/javascript 178.250.2.138
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.criteo.com/delivery/ajs.php?ptv=106&containerid=crt-476098&zoneid=476098&cb=57924389752&nodis=1&charset=UTF-8&dc=2&loc=http%3A%2F%2Fantivirushotel.com
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.138 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: caa44ef7fa87d9afc7ba51988a6ac2f7dec07b1cf9f9f10c96ea1f4c0878c5d6

Request headers

Referer: https://domain.whois.co.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 14:11:36 GMT
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: ASP.NET
p3p: CP='CUR ADM OUR NOR STA NID'
server-processing-duration-in-ticks: 12490
content-length: 1549
pragma: no-cache
server: Microsoft-IIS/10.0
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://domain.whois.co.kr
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame BBCD 0
326 B 62ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=antivirushotel.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=antivirushotel.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://domain.whois.co.kr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://domain.whois.co.kr/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1545
set-cookie: uid=ef1bcf10-8176-481d-9e3e-39a1259c35c4; expires=Fri, 20 May 2022 14:11:35 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Thu, 20 May 2021 14:11:35 GMT
content-length: 0

GET show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7FB0 0
0

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 7FB0 43 B
310 B 170ms
55ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=UlOrnCGlwY-BcjvbgDDfAgD08zLPr4KQ_EKHRtuZZDJlZqNmqclZTRmLRh63qmR5UvYPL2s9pAcK7-dU8rr0YHm2ccFjcGWIhHgKclDdJj1dwIMnGA1MOvLk6ziyC-_-pdFrpcQVBeR1tP2QQAZiumKMeqgqU6T9XNxgX_9OIag_N_Q2DZOoBpajYK4AimFY5HfzrppcUk_BCYc_mJWVKoXZ66M
Requested by: Host: domain.whois.co.kr
URL: https://domain.whois.co.kr/forward/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://domain.whois.co.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 14:11:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
server-processing-duration-in-ticks: 4852
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

antivirushotel.com
cas.criteo.com
cat.nl.eu.criteo.com
domain.whois.co.kr
fonts.gstatic.com
gum.criteo.com
pagead2.googlesyndication.com
ssl.google-analytics.com
static.criteo.net
whoisdomain.kr
pagead2.googlesyndication.com
116.126.87.124
178.250.2.138
178.250.2.148
210.89.187.123
27.96.130.131
2a00:1450:4001:802::2003
2a00:1450:4001:809::2008
2a00:1450:4001:810::2003
2a02:2638:1::13
2a02:2638::3
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13a88b9f1fdbd0794a8fbe18c1247aa04a9e322787dadd1a91ff342b4640acbd
1d0d95c87103cecc82f13ef7b81b2ccadb1a1a42b6f703865dad02367690568a
312d0a4d01f779dc0f86f479456e2809d8fd78ed4716913d7942e3723e5c87fb
43408357514cd1c01cd97589d2484e198241621628464a1ce97b36fa8ee3098b
4c218c6167ee8986da84f3b21e2d76b0720c179719e67c5960ae850d0572bb00
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070
92b629c7d436bddbfde385bd2a4b3bcf5df44f4f3545de2d63818fad4104f38f
92dafa9b1e026f44c771c2244890e7b67070d35bdd33d2763c7ccdeb5d5596db
aafab1bbf1bf73a07d3b212ac5da4160e56ec9b19fdddf7a806a439971cb4f14
ad00e672181dbfab05bb28dfa4ab4d9ed60ec86876cb188efa6a6e13d471cd5f
b0c2c61abd065abcef1d6f59effd91c2c1303185c3ca068ec710af1b5eff71da
b78ba9a9da795dc8e7b8cb0ccf7fbdb051625ea9e73d223e6c9462dfd82966c5
caa44ef7fa87d9afc7ba51988a6ac2f7dec07b1cf9f9f10c96ea1f4c0878c5d6
d75b2620e135afb6b37aea4219f438ae07bc322402eb71d734ec2844d49c708a
e001bfaa55f77962c4a243c781dcf1276d05e0ba9eb31c0d3566e4672fee7eee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec19f048bda98194ff3d8165055f5f0819450db5e550e07e264948164b408f2b

antivirushotel.com Open in urlscan Pro 116.126.87.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

20 Requests

90 %HTTPS

50 %IPv6

8 Domains

10 Subdomains

10 IPs

3 Countries

2195 kBTransfer

2297 kBSize

0 Cookies

0 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

Indicators

antivirushotel.com Open in urlscan Pro
116.126.87.124 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

90 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

2195 kB
Transfer

2297 kB
Size

0
Cookies

20 HTTP transactions
0 data transactions