hinetsecuresrvrcontrolcentre.cf Open in urlscan Pro
195.20.54.183 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://hinetsecuresrvrcontrolcentre.cf/
Submission: On April 29 via manual (April 29th 2021, 6:51:02 am UTC) from TW

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 51 HTTP transactions. The main IP is 195.20.54.183, located in Netherlands and belongs to VFMNL-AS Amsterdam Location BGP Setup, NL. The main domain is hinetsecuresrvrcontrolcentre.cf.

This is the only time hinetsecuresrvrcontrolcentre.cf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Chunghwa Telecom (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	195.20.54.183 195.20.54.183	31624 (VFMNL-AS ...) (VFMNL-AS Amsterdam Location BGP Setup)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
24	27.122.57.229 27.122.57.229	63916 (IPTELECOM...) (IPTELECOM-AS-AP IPTELECOM Global)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2001:b000:1a0... 2001:b000:1a0:2:61:220:15:125	3462 (HINET Dat...) (HINET Data Communication Business Group)
5	203.75.214.200 203.75.214.200	3462 (HINET Dat...) (HINET Data Communication Business Group)
4	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
51	14

1 195.20.54.183 (Netherlands)

ASN31624 (VFMNL-AS Amsterdam Location BGP Setup, NL)

hinetsecuresrvrcontrolcentre.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 27.122.57.229 (Hong Kong)

ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK)

landice.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:b000:1a0:2:61:220:15:125 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

webmail.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 203.75.214.200 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-200.HINET-IP.hinet.net

ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.75.214.136 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.HINET-IP.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	landice.us landice.us	407 KB
11	hinet.net webmail.hinet.net ssp.hinet.net t.ssp.hinet.net	15 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	154 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
2	google-analytics.com www.google-analytics.com	17 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	553 B
1	google.de adservice.google.de	799 B
1	jquery.com code.jquery.com	32 KB
1	hinetsecuresrvrcontrolcentre.cf hinetsecuresrvrcontrolcentre.cf	1015 B
51	10

	Domain	Requested by
24	landice.us	hinetsecuresrvrcontrolcentre.cf landice.us
5	pagead2.googlesyndication.com	ssp.hinet.net pagead2.googlesyndication.com tpc.googlesyndication.com hinetsecuresrvrcontrolcentre.cf
5	ssp.hinet.net	landice.us ssp.hinet.net code.jquery.com
4	t.ssp.hinet.net	ssp.hinet.net t.ssp.hinet.net hinetsecuresrvrcontrolcentre.cf
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	webmail.hinet.net	landice.us
2	www.google-analytics.com	hinetsecuresrvrcontrolcentre.cf
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	code.jquery.com	ssp.hinet.net
1	hinetsecuresrvrcontrolcentre.cf
51	13

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.webmail.hinet.net	`2020-02-20` - `2022-02-20`	2 years	crt.sh
*.ssp.hinet.net	`2020-10-19` - `2021-10-19`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://hinetsecuresrvrcontrolcentre.cf/
Frame ID: 118EDE19256ADCF23C5199A59A31379E
Requests: 3 HTTP requests in this frame

Frame: http://landice.us/fcgv/pmi/index.html
Frame ID: A6353CE50B0554E81061C56AA3D45D4A
Requests: 18 HTTP requests in this frame

Frame: http://landice.us/fcgv/pmi/top.html
Frame ID: 1746A2E318801F02488A77F3A3993F87
Requests: 5 HTTP requests in this frame

Frame: https://webmail.hinet.net/notify.html
Frame ID: 8E082608A4E7E24842529246BCBAD973
Requests: 1 HTTP requests in this frame

Frame: http://landice.us/fcgv/pmi/bottom.html
Frame ID: 449155A9060E974DAF8959501022A3D8
Requests: 3 HTTP requests in this frame

Frame: https://ssp.hinet.net/api/web/request/?c=2017007&s=201702000023
Frame ID: 6FC15A587C1FA7C5BAC4AB1B8957F85A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/zrt_lookup.html
Frame ID: 25B502132AED942DDBFD3C6DEF7FD24A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2433080275028329&output=html&h=400&slotname=3534539848&adk=1628576599&adf=1280862017&pi=t.ma~as.3534539848&w=580&psa=0&format=580x400&url=http%3A%2F%2Flandice.us%2F&ea=0&flash=0&wgl=1&dt=1619679042607&bpp=18&bdt=830&idt=70&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=1278732656569&frm=8&ife=1&pv=2&ga_vid=621417259.1619679043&ga_sid=1619679043&ga_hid=360388937&ga_fc=0&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=660&ish=520&ifk=1223852579&scr_x=-12245933&scr_y=-12245933&eid=44739548%2C42530672&oid=3&pvsid=211749635764298&top=http%3A%2F%2Fhinetsecuresrvrcontrolcentre.cf&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C660%2C520&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.sngzj0h7ml8w&fsb=1&dtd=86
Frame ID: 1A072A5D3AB2B237FDA2B0F8856E3C87
Requests: 1 HTTP requests in this frame

Frame: http://ssp.hinet.net/api/web/request?c=2017007&s=201702000062&u=ed36c60b-2469-7954-53a4-4e9a396fd955&ad=ed36c60b-2469-7954-53a4-4e9a396fd955&t=1619679041529&oi=3DiS1&site=http%3A%2F%2Flandice.us%2Ffcgv%2Fpmi%2Findex.html&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017007%26s%3D201702000062%26u%3Ded36c60b-2469-7954-53a4-4e9a396fd955%26ad%3Ded36c60b-2469-7954-53a4-4e9a396fd955%26t%3D1619679041529%26oi%3D3DiS1%26site%3Dhttp%253A%252F%252Flandice.us%252Ffcgv%252Fpmi%252Findex.html&o=ZEpI5
Frame ID: B492F059EEDEF543ED5B84BE6E00DFB3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: DD68A929D6368EB6CB11C8692D1714E8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

51
Requests

49 %
HTTPS

71 %
IPv6

10
Domains

13
Subdomains

14
IPs

4
Countries

660 kB
Transfer

1067 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 2

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1065309705&utmhn=hinetsecuresrvrcontrolcentre.cf&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=hinetsecuresrvrcontrolcentre.cf&utmhid=1855338851&utmr=-&utmp=%2F&utmht=1619679038158&utmac=UA-23441223-3&utmcc=__utma%3D1.1746814144.1619679038.1619679038.1619679038.1%3B%2B__utmz%3D1.1619679038.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1427015585&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1065309705&utmhn=hinetsecuresrvrcontrolcentre.cf&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=hinetsecuresrvrcontrolcentre.cf&utmhid=1855338851&utmr=-&utmp=%2F&utmht=1619679038158&utmac=UA-23441223-3&utmcc=__utma%3D1.1746814144.1619679038.1619679038.1619679038.1%3B%2B__utmz%3D1.1619679038.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1427015585&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200 Primary Request Cookie set / Show response
hinetsecuresrvrcontrolcentre.cf/ 1 KB
1015 B 3123ms
3051ms Document
text/html 195.20.54.183
VFMNL-AS Amsterda...

General

Check archive.org

Show headers Download Go to

Full URL: http://hinetsecuresrvrcontrolcentre.cf/
Protocol: HTTP/1.1
Server: 195.20.54.183 , Netherlands, ASN31624 (VFMNL-AS Amsterdam Location BGP Setup, NL),
Reverse DNS
Software: nginx /
Resource Hash: d50bc16c60ef32993716537d49426059b9d8944aaef98cc7e30ffda7711ba2ab

Request headers

Host: hinetsecuresrvrcontrolcentre.cf
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Thu, 29 Apr 2021 06:50:38 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 630
Connection: keep-alive
Cache-Control: no-cache
Content-Encoding: gzip
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Pragma: no-cache
Set-Cookie: JSESSIONID=BF3BD04CA46BFF5F37E0A2C5C9535768; Path=/; HttpOnly
Vary: Accept-Encoding
X-Server: ip-172-30-0-119

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: hinetsecuresrvrcontrolcentre.cf
URL: http://hinetsecuresrvrcontrolcentre.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://hinetsecuresrvrcontrolcentre.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6985
date: Thu, 29 Apr 2021 04:54:13 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 29 Apr 2021 06:54:13 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK index.html Show response
landice.us/fcgv/pmi/ Frame A635 20 KB
20 KB 591ms
584ms Document
text/html 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to

Full URL: http://landice.us/fcgv/pmi/index.html
Requested by: Host: hinetsecuresrvrcontrolcentre.cf
URL: http://hinetsecuresrvrcontrolcentre.cf/
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: ac1acf3b6b3af2dfd55763d31241420ace5f93712d400c04f26feb6c638c79ae

Request headers

Host: landice.us
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://hinetsecuresrvrcontrolcentre.cf/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://hinetsecuresrvrcontrolcentre.cf/

Response headers

Date: Thu, 29 Apr 2021 06:50:38 GMT
Server: Apache
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Accept-Ranges: bytes
Content-Length: 20085
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H3-29

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1065309705&utmhn=hinetsecuresrvrcontrolcentre.cf&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utm...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1065309705&utmhn=hinetsecuresrvrcontrolcentre.cf&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&ut...

35 B
54 B

28ms
27ms

Image
image/gif

2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1065309705&utmhn=hinetsecuresrvrcontrolcentre.cf&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=hinetsecuresrvrcontrolcentre.cf&utmhid=1855338851&utmr=-&utmp=%2F&utmht=1619679038158&utmac=UA-23441223-3&utmcc=__utma%3D1.1746814144.1619679038.1619679038.1619679038.1%3B%2B__utmz%3D1.1619679038.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1427015585&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: hinetsecuresrvrcontrolcentre.cf
URL: http://hinetsecuresrvrcontrolcentre.cf/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://hinetsecuresrvrcontrolcentre.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 06:50:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1065309705&utmhn=hinetsecuresrvrcontrolcentre.cf&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=hinetsecuresrvrcontrolcentre.cf&utmhid=1855338851&utmr=-&utmp=%2F&utmht=1619679038158&utmac=UA-23441223-3&utmcc=__utma%3D1.1746814144.1619679038.1619679038.1619679038.1%3B%2B__utmz%3D1.1619679038.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1427015585&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK index.css
landice.us/fcgv/pmi/css/ Frame A635 2 KB
3 KB 590ms
581ms Stylesheet
text/css 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to

Full URL: http://landice.us/fcgv/pmi/css/index.css
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: 08c016f9519475930d00d9a63249ead7d8f574a7ff7543fd0357ed34f695f41a

Request headers

Referer: http://landice.us/fcgv/pmi/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:39 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2340

GET
H/1.1 200
OK keyboardstyle.css
landice.us/fcgv/pmi/css/ Frame A635 3 KB
3 KB 581ms
573ms Stylesheet
text/css 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to

Full URL: http://landice.us/fcgv/pmi/css/keyboardstyle.css
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: 80358ff9be39687d4022346716126defa959bf259dc279e4fa79c5a9e5d6266b

Request headers

Referer: http://landice.us/fcgv/pmi/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:39 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2740

GET
H/1.1 200
OK login.css
landice.us/fcgv/pmi/css/ Frame A635 3 KB
3 KB 572ms
562ms Stylesheet
text/css 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to

Full URL: http://landice.us/fcgv/pmi/css/login.css
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: 156b810a7a41eaf929200786d5a6d124558079ff8e06f68cd6bab90bbb18e283

Request headers

Referer: http://landice.us/fcgv/pmi/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:39 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2686

GET
H/1.1 200
OK jquery.min.js Show response
landice.us/fcgv/pmi/Scripts/ Frame A635 94 KB
94 KB 573ms
562ms Script
application/javascript 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to

Full URL: http://landice.us/fcgv/pmi/Scripts/jquery.min.js
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Referer: http://landice.us/fcgv/pmi/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:39 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 96381

GET
H/1.1 200
OK jquery-ui-1.10.3.custom.min.js Show response
landice.us/fcgv/pmi/Scripts/ Frame A635 223 KB
223 KB 581ms
571ms Script
application/javascript 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to

Full URL: http://landice.us/fcgv/pmi/Scripts/jquery-ui-1.10.3.custom.min.js
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: bd6845710f8b65925fdb00a1e448f0f7f8ac194cffd391946eb4ee561787eac4

Request headers

Referer: http://landice.us/fcgv/pmi/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:39 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 228138

GET
H/1.1 200
OK jquery-fieldselection.js Show response
landice.us/fcgv/pmi/Scripts/ Frame A635 4 KB
4 KB 568ms
294ms Script
application/javascript 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to

Full URL: http://landice.us/fcgv/pmi/Scripts/jquery-fieldselection.js
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: c77cc65ae84b8566912d38b5669fdfe431d40a9894a7171131fb65c80e72cbe8

Request headers

Referer: http://landice.us/fcgv/pmi/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:39 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3585

GET
H/1.1 200
OK vkeyboard.js Show response
landice.us/fcgv/pmi/Scripts/ Frame A635 6 KB
6 KB 863ms
295ms Script
application/javascript 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to

Full URL: http://landice.us/fcgv/pmi/Scripts/vkeyboard.js
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: 36c4bb08df2e7a6e3238fa19fcb8eb1f9ed9eaf02b46f467e6f59c02c2b22f43

Request headers

Referer: http://landice.us/fcgv/pmi/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:39 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6263

GET
H/1.1 200
OK login.js Show response
landice.us/fcgv/pmi/Scripts/ Frame A635 18 KB
18 KB 853ms
284ms Script
application/javascript 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to

Full URL: http://landice.us/fcgv/pmi/Scripts/login.js
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: c1d0040c0948759305880d5fcc3990d4ea25e38bb131679b2927034beea27188

Request headers

Referer: http://landice.us/fcgv/pmi/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:39 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18513

GET
H/1.1 200
OK index.js Show response
landice.us/fcgv/pmi/Scripts/ Frame A635 7 KB
7 KB 866ms
289ms Script
application/javascript 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to

Full URL: http://landice.us/fcgv/pmi/Scripts/index.js
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: 78b268505e93b556a1f9956245b9bf3034ad3e247884254895f1ce8c77a3a84c

Request headers

Referer: http://landice.us/fcgv/pmi/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:39 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6985

GET
H/1.1 200
OK replace_ad.js Show response
landice.us/fcgv/pmi/Scripts/ Frame A635 444 B
698 B 877ms
293ms Script
application/javascript 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to

Full URL: http://landice.us/fcgv/pmi/Scripts/replace_ad.js
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: e00c72fe29f3860f66607a3c7a2e9b63ae5ae35c740690f626fea8b05b1e67e5

Request headers

Referer: http://landice.us/fcgv/pmi/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:39 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 444

GET
H/1.1 200
OK w_line.gif
landice.us/fcgv/pmi/images/ Frame A635 52 B
292 B 287ms
287ms Image
image/gif 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://landice.us/fcgv/pmi/images/w_line.gif
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: c7615d473078bcc779a9829ef9439094a50683e13bb242affa91852adcb528d3

Request headers

Referer: http://landice.us/fcgv/pmi/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:40 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 52

GET
H/1.1 200
OK keyboard.png
landice.us/fcgv/pmi/images/ Frame A635 345 B
586 B 284ms
284ms Image
image/png 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://landice.us/fcgv/pmi/images/keyboard.png
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: c5cd3ae960d492688c750ca358bc69b3872e599f7ad8f505258a2f5ec4f6ae82

Request headers

Referer: http://landice.us/fcgv/pmi/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:40 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 345

GET
H/1.1 200
OK maillogin_07-1.gif
landice.us/fcgv/pmi/images/ Frame A635 535 B
776 B 284ms
283ms Image
image/gif 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://landice.us/fcgv/pmi/images/maillogin_07-1.gif
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: ac0ac943017702ca0934831adffa93cd3e0a21d253f607a0c4ddc570b679828e

Request headers

Referer: http://landice.us/fcgv/pmi/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:40 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 535

GET
H/1.1 200
OK dot_arr2_t.gif
landice.us/fcgv/pmi/images/ Frame A635 59 B
299 B 288ms
287ms Image
image/gif 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://landice.us/fcgv/pmi/images/dot_arr2_t.gif
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: 60e5ac333b1ee5bfc1df9d9240d31b7be24882e50137e9b681d96999708427a0

Request headers

Referer: http://landice.us/fcgv/pmi/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:40 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 59

GET
H/1.1 200
OK himail_logo.gif
landice.us/fcgv/pmi/images/ Frame A635 3 KB
3 KB 284ms
283ms Image
image/gif 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://landice.us/fcgv/pmi/images/himail_logo.gif
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: 10eecf80122ad437a3daa21d7f8deff99af7dd47964655b7e4ac0996362ee4cc

Request headers

Referer: http://landice.us/fcgv/pmi/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:40 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3236

GET
H/1.1 200
OK close.jpg
webmail.hinet.net/images/ Frame A635 923 B
1 KB 1131ms
218ms Image
image/jpeg 2001:b000:1a0:2:61:220:15:125
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webmail.hinet.net/images/close.jpg

Requested by

Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:b000:1a0:2:61:220:15:125 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

d09a4f2a61f63ab0012dceac0ae76a0718363bbd1439eaea4dd37d13f1df02ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000;includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://landice.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:41 GMT
Last-Modified: Wed, 08 Jul 2015 08:33:32 GMT
Server: Apache
ETag: "39b-51a58fe73cf00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Content-Security-Policy: frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000;includeSubdomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 923

GET
H/1.1 200
OK top.html Show response
landice.us/fcgv/pmi/ Frame 1746 2 KB
2 KB 293ms
293ms Document
text/html 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to

Full URL: http://landice.us/fcgv/pmi/top.html
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: feae5d62e73c1d89cb7506a4c2c47066e2e564b1c3927a06ec7e5a7c3b0d8fa9

Request headers

Host: landice.us
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://landice.us/fcgv/pmi/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://landice.us/fcgv/pmi/index.html

Response headers

Date: Thu, 29 Apr 2021 06:50:40 GMT
Server: Apache
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Accept-Ranges: bytes
Content-Length: 1986
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK notify.html
webmail.hinet.net/ Frame 8E08 0
0 1127ms
217ms Document
text/html 2001:b000:1a0:2:61:220:15:125
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.hinet.net/notify.html

Requested by

Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:b000:1a0:2:61:220:15:125 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000;includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Host: webmail.hinet.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://landice.us/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://landice.us/

Response headers

Date: Thu, 29 Apr 2021 06:50:41 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000;includeSubdomains; preload
Last-Modified: Wed, 08 Jul 2015 08:33:34 GMT
ETag: "225-51a58fe925380"
Accept-Ranges: bytes
Content-Length: 549
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK bottom.html Show response
landice.us/fcgv/pmi/ Frame 4491 1 KB
2 KB 289ms
289ms Document
text/html 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to

Full URL: http://landice.us/fcgv/pmi/bottom.html
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/index.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: 2dc23f806c32257cb286b51ae41f75bdeeaaab6cee8682ab03a565d64af463ec

Request headers

Host: landice.us
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://landice.us/fcgv/pmi/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://landice.us/fcgv/pmi/index.html

Response headers

Date: Thu, 29 Apr 2021 06:50:40 GMT
Server: Apache
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Accept-Ranges: bytes
Content-Length: 1434
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 app.js Show response
ssp.hinet.net/api/ Frame A635 27 KB
8 KB 1026ms
259ms Script
application/javascript 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/app.js?_=1619679039880
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/Scripts/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: c62acb5b15af2091f7f77b7b8f894cf380f56fe3ff042e2f77eca7439537983a

Request headers

Referer: http://landice.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 06:28:17 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 / Show response
ssp.hinet.net/api/web/request/ Frame 6FC1 3 KB
1 KB 1272ms
507ms Document
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/?c=2017007&s=201702000023
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/Scripts/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 30bb1ed858bc07ba3b453ab4cbb9aaf85403755f3dd0fa549c27b3e8a9308648

Request headers

:method: GET
:authority: ssp.hinet.net
:scheme: https
:path: /api/web/request/?c=2017007&s=201702000023
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://landice.us/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://landice.us/

Response headers

server: nginx
date: Thu, 29 Apr 2021 06:28:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: http://landice.us
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip

GET
H/1.1 200
OK wm2k-style.css
landice.us/fcgv/pmi/css/ Frame 4491 5 KB
5 KB 294ms
293ms Stylesheet
text/css 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to

Full URL: http://landice.us/fcgv/pmi/css/wm2k-style.css
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/bottom.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: 775b1ab216005f574a2394fb317d725134e77567bea3c0d61915b5bab47f362f

Request headers

Referer: http://landice.us/fcgv/pmi/bottom.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:40 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5031

GET
H/1.1 200
OK hinet-logo-small.gif
landice.us/fcgv/pmi/images/ Frame 4491 500 B
741 B 291ms
290ms Image
image/gif 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://landice.us/fcgv/pmi/images/hinet-logo-small.gif
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/bottom.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: db3d351ec3db69ac6c039d94ee05a2fecb641468759f2a6e45e00b2c1bcd8f9f

Request headers

Referer: http://landice.us/fcgv/pmi/bottom.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:40 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 500

GET
H/1.1 200
OK wm2k-style.css
landice.us/fcgv/pmi/css/ Frame 1746 5 KB
5 KB 288ms
288ms Stylesheet
text/css 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to

Full URL: http://landice.us/fcgv/pmi/css/wm2k-style.css
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/top.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: 775b1ab216005f574a2394fb317d725134e77567bea3c0d61915b5bab47f362f

Request headers

Referer: http://landice.us/fcgv/pmi/top.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:40 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5031

GET
H/1.1 200
OK hinet-logo.gif
landice.us/fcgv/pmi/images/ Frame 1746 2 KB
2 KB 284ms
284ms Image
image/gif 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://landice.us/fcgv/pmi/images/hinet-logo.gif
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/top.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: afb1ef623fb7cc98d5848f53cb0affeb7822e26c8ff4fe979d1f2491bfffdcc3

Request headers

Referer: http://landice.us/fcgv/pmi/top.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:40 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2270

GET
H/1.1 200
OK hinet-hd-t01.gif
landice.us/fcgv/pmi/images/ Frame 1746 1 KB
2 KB 287ms
286ms Image
image/gif 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://landice.us/fcgv/pmi/images/hinet-hd-t01.gif
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/top.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: 82cc1448d53752d24bb4d5cf39374ef114daf14c7e11bcd0c765708da9a2326f

Request headers

Referer: http://landice.us/fcgv/pmi/top.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:40 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1483

GET
H/1.1 200
OK hinet-hd-t02.gif
landice.us/fcgv/pmi/images/ Frame 1746 245 B
486 B 295ms
294ms Image
image/gif 27.122.57.229
IPTELECOM-AS-AP I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://landice.us/fcgv/pmi/images/hinet-hd-t02.gif
Requested by: Host: landice.us
URL: http://landice.us/fcgv/pmi/top.html
Protocol: HTTP/1.1
Server: 27.122.57.229 , Hong Kong, ASN63916 (IPTELECOM-AS-AP IPTELECOM Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: f181238f262b5cc5c4b78eb41510fb8102feac7dbcb6513b109ebe5d594c901d

Request headers

Referer: http://landice.us/fcgv/pmi/top.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 06:50:40 GMT
Last-Modified: Sun, 18 Apr 2021 13:30:08 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 245

GET
H2 200 tag.js Show response
t.ssp.hinet.net/ Frame 6FC1 5 KB
3 KB 780ms
257ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/tag.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017007&s=201702000023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

74b97b286975292640fd9bef45900d390a589d1cfaf4b18544d12931c46f5cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 06:50:42 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 07:43:47 GMT
server: nginx
etag: W/"6077eeb3-1536"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Thu, 29 Apr 2021 07:00:42 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame 6FC1 90 KB
32 KB 23ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017007&s=201702000023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Origin: https://ssp.hinet.net
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 06:50:41 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-169d5"
vary: Accept-Encoding
x-hw: 1619679041.dop145.fr8.t,1619679041.cds206.fr8.hn,1619679041.cds018.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6FC1 133 KB
48 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017007&s=201702000023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b39b55f8696f4865e79b1ba6e61c5d287c670c2697af851e416983a45c990063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 06:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48343
x-xss-protection: 0
server: cafe
etag: 3061156273208685884
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 29 Apr 2021 06:50:41 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 6FC1 37 B
405 B 259ms
258ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

f6ec5d652ad83ed1323545fde34913b7f1ec73c28bfb1b0797855c46eac975a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 06:50:42 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ssp.hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/ Frame 6FC1 223 KB
83 KB 45ms
31ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2433080275028329&plah=ssp.hinet.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5d13a315184e4cc69d5c495682f8e5539478b0f7331165dc63e9aa4f224add0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 06:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 5298758904806933499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 29 Apr 2021 06:50:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/ Frame 25B5 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210426/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssp.hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssp.hinet.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 29 Apr 2021 01:16:17 GMT
expires: Thu, 13 May 2021 01:16:17 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 20065
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 6FC1 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ssp.hinet.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2433080275028329&plah=ssp.hinet.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 06:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6FC1 107 B
553 B 35ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ssp.hinet.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 06:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A07 603 B
221 B 39ms
24ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2433080275028329&output=html&h=400&slotname=3534539848&adk=1628576599&adf=1280862017&pi=t.ma~as.3534539848&w=580&psa=0&format=580x400&url=http%3A%2F%2Flandice.us%2F&ea=0&flash=0&wgl=1&dt=1619679042607&bpp=18&bdt=830&idt=70&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=1278732656569&frm=8&ife=1&pv=2&ga_vid=621417259.1619679043&ga_sid=1619679043&ga_hid=360388937&ga_fc=0&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=660&ish=520&ifk=1223852579&scr_x=-12245933&scr_y=-12245933&eid=44739548%2C42530672&oid=3&pvsid=211749635764298&top=http%3A%2F%2Fhinetsecuresrvrcontrolcentre.cf&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C660%2C520&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.sngzj0h7ml8w&fsb=1&dtd=86

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2433080275028329&output=html&h=400&slotname=3534539848&adk=1628576599&adf=1280862017&pi=t.ma~as.3534539848&w=580&psa=0&format=580x400&url=http%3A%2F%2Flandice.us%2F&ea=0&flash=0&wgl=1&dt=1619679042607&bpp=18&bdt=830&idt=70&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=1278732656569&frm=8&ife=1&pv=2&ga_vid=621417259.1619679043&ga_sid=1619679043&ga_hid=360388937&ga_fc=0&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=660&ish=520&ifk=1223852579&scr_x=-12245933&scr_y=-12245933&eid=44739548%2C42530672&oid=3&pvsid=211749635764298&top=http%3A%2F%2Fhinetsecuresrvrcontrolcentre.cf&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C660%2C520&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.sngzj0h7ml8w&fsb=1&dtd=86
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssp.hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssp.hinet.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 29 Apr 2021 06:50:42 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 29-Apr-2021 07:05:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6FC1 73 KB
28 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 06:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631702402874"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28201
x-xss-protection: 0
expires: Thu, 29 Apr 2021 06:50:42 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6FC1 9 KB
7 KB 38ms
25ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210426&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac144bfcd406abbbeda619475f64b358193d1a57ad270ebaa38a0b302a258ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 06:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7110
x-xss-protection: 0

GET
H/1.1 200
OK request Show response
ssp.hinet.net/api/web/ Frame B492 437 B
675 B 524ms
519ms Document
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: http://ssp.hinet.net/api/web/request?c=2017007&s=201702000062&u=ed36c60b-2469-7954-53a4-4e9a396fd955&ad=ed36c60b-2469-7954-53a4-4e9a396fd955&t=1619679041529&oi=3DiS1&site=http%3A%2F%2Flandice.us%2Ffcgv%2Fpmi%2Findex.html&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017007%26s%3D201702000062%26u%3Ded36c60b-2469-7954-53a4-4e9a396fd955%26ad%3Ded36c60b-2469-7954-53a4-4e9a396fd955%26t%3D1619679041529%26oi%3D3DiS1%26site%3Dhttp%253A%252F%252Flandice.us%252Ffcgv%252Fpmi%252Findex.html&o=ZEpI5
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js?_=1619679039880
Protocol: HTTP/1.1
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 70bd10c147a76f6c56729285a227056987b27a8f6ba27eaad3b7870ba210d519

Request headers

Host: ssp.hinet.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://landice.us/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://landice.us/

Response headers

Server: nginx
Date: Thu, 29 Apr 2021 06:26:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: http://landice.us
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6FC1 17 KB
7 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 06:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 29 Apr 2021 06:50:42 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame DD68 12 KB
5 KB 20ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssp.hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssp.hinet.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 29 Apr 2021 06:44:31 GMT
expires: Fri, 29 Apr 2022 06:44:31 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 372
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 emome
t.ssp.hinet.net/ Frame 6FC1 0
113 B 260ms
259ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/emome?u=f7958baa-e549-44ae-9ace-f177d4619c54

Requested by

Host: hinetsecuresrvrcontrolcentre.cf
URL: http://hinetsecuresrvrcontrolcentre.cf/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 06:50:42 GMT
cache-control: no-cache, private
server: nginx
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 pixel
t.ssp.hinet.net/ Frame 6FC1 0
79 B 256ms
256ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/pixel?bd=f7958baa-e549-44ae-9ace-f177d4619c54&t=ch%3D2017007%26st%3D201702000023

Requested by

Host: hinetsecuresrvrcontrolcentre.cf
URL: http://hinetsecuresrvrcontrolcentre.cf/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 06:50:42 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 pixel
ssp.hinet.net/api/ Frame B492 106 B
302 B 256ms
256ms Image
application/octet-stream 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/api/pixel?bd=5f8a50e6521784231cb71ce9a2e9c0f3df4f660ac23f2f0a3a5a1c6db8a68347&ch=2017007
Requested by: Host: ssp.hinet.net
URL: http://ssp.hinet.net/api/web/request?c=2017007&s=201702000062&u=ed36c60b-2469-7954-53a4-4e9a396fd955&ad=ed36c60b-2469-7954-53a4-4e9a396fd955&t=1619679041529&oi=3DiS1&site=http%3A%2F%2Flandice.us%2Ffcgv%2Fpmi%2Findex.html&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017007%26s%3D201702000062%26u%3Ded36c60b-2469-7954-53a4-4e9a396fd955%26ad%3Ded36c60b-2469-7954-53a4-4e9a396fd955%26t%3D1619679041529%26oi%3D3DiS1%26site%3Dhttp%253A%252F%252Flandice.us%252Ffcgv%252Fpmi%252Findex.html&o=ZEpI5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: c2b3bd344266b0e4a44b8add0800dcbf04237255843c23d507a924b6584f9889

Request headers

Referer: http://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 06:28:19 GMT
last-modified: Thu, 13 Feb 2020 05:50:28 GMT
server: nginx
etag: "5e44e3a4-6a"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 106

GET
H3-29 200 kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js Show response
pagead2.googlesyndication.com/bg/ Frame DD68 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 06:43:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 443
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5651
x-xss-protection: 0
expires: Fri, 29 Apr 2022 06:43:20 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FC1 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210426&jk=211749635764298&bg=!-Pul-7_NAAZLnZBaS507ACkAdvg8WsPCbLsXLGd0yC-JxG-Cn0hRv9pqkLUXXX5vXYeZr1Jbpe5y-QIAAABTUgAAAA1oAQeZAma4VNQvge89hDIoRe-eVIJPFVh60pUdZTxCD6yD83cGhKILxlz6eyzUun-FH17PeVTncbNIVP4jmio9G5Pg9XcN9xg_cFTwgoLVRCNVGsXG8ZS-pK1BMkOgYWRnXAB76Fqk-_Zti4BTrK7o7qm6Clv9cIJS0Q-0znRJ41BCOq_U9LJHqtY-9qsyvF9A6PGPf8l1IophkcWr5WQh05Wf3xJXwjSoBlnL4jWYf9NWFKLbf3UzMztssJUnmrYPxOnL2sCF8S_P343DKt0PuHKIfaHcVPpwribBzMxDCDvb_SCBuTpddbc0TtDK6tFy1XAt3KGS7UpGeG28BaEOPMOMer-tltBbkBHLNYfEkA5A6vjvWXnACwgnw_YF4pQqiLo1yP6dquTC1lyCbrtmRvzSIhCgF9e_Mh9TJk83_PgPWTOTIa2xaq9HELJYjv7prSswDD-37l2taLujcB0lJgce7H4CqpnVocaZY3rjjvgxLYw7R2k7U4DudFbk2vKTY4cA0BCVyjshcfb7KrlM1BAU0qONaW7aRAwK-Vc29q433c-3qs50jbmt19SzO7kHHUa-4nC_oCNmoTeJXzc2qTZt0gPrS0iFgvQ5PcXixh3OGRX62sJjVQNpBOsBXHMmH9YeM1nXLNYOw9QKbK6mcfltyyIQiqOAS9OW96z3O6zEbMECX7EhasHFaTwrCEK1Q42phrCOqW56UFftwrTirCvbKVsH_w6Jv9xITCOcwo4bxzeFBV2mDA_kmY82GsVtrrJk7-GeTfQEEX8dsJfBTlVbIrz2yq2vpFDdVcLuK0J71JKBA9HFxOwIKA

Requested by

Host: hinetsecuresrvrcontrolcentre.cf
URL: http://hinetsecuresrvrcontrolcentre.cf/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 06:50:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 third Show response
ssp.hinet.net/api/web/ Frame 6FC1 0
223 B 260ms
259ms XHR
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/third?c=2017007&s=201702000023&th=91&wc=2716
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://ssp.hinet.net/api/web/request/?c=2017007&s=201702000023
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 06:28:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ssp.hinet.net
access-control-allow-credentials: true

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Chunghwa Telecom (Telecommunication)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ssp.hinet.net/	1970-01-20 11:26:34	Name: uuid Value: ed36c60b-2469-7954-53a4-4e9a396fd955
.doubleclick.net/	1970-01-19 17:54:39	Name: test_cookie Value: CheckForPermission
.hinet.net/	1970-01-20 11:25:51	Name: uuid Value: f7958baa-e549-44ae-9ace-f177d4619c54

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://landice.us/fcgv/pmi/Scripts/index.js(Line 159) Message: Chrome/89
console-api	log	URL: http://landice.us/fcgv/pmi/Scripts/index.js(Line 163) Message: Chrome/89
console-api	log	URL: https://ssp.hinet.net/api/app.js?_=1619679039880(Line 173) Message: //ssp.hinet.net/api/web/request?c=2017007&s=201702000062&u=ed36c60b-2469-7954-53a4-4e9a396fd955&ad=ed36c60b-2469-7954-53a4-4e9a396fd955&t=1619679041529&oi=3DiS1&site=http%3A%2F%2Flandice.us%2Ffcgv%2Fpmi%2Findex.html&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017007%26s%3D201702000062%26u%3Ded36c60b-2469-7954-53a4-4e9a396fd955%26ad%3Ded36c60b-2469-7954-53a4-4e9a396fd955%26t%3D1619679041529%26oi%3D3DiS1%26site%3Dhttp%253A%252F%252Flandice.us%252Ffcgv%252Fpmi%252Findex.html
console-api	info	URL: http://ssp.hinet.net/api/web/request?c=2017007&s=201702000062&u=ed36c60b-2469-7954-53a4-4e9a396fd955&ad=ed36c60b-2469-7954-53a4-4e9a396fd955&t=1619679041529&oi=3DiS1&site=http%3A%2F%2Flandice.us%2Ffcgv%2Fpmi%2Findex.html&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017007%26s%3D201702000062%26u%3Ded36c60b-2469-7954-53a4-4e9a396fd955%26ad%3Ded36c60b-2469-7954-53a4-4e9a396fd955%26t%3D1619679041529%26oi%3D3DiS1%26site%3Dhttp%253A%252F%252Flandice.us%252Ffcgv%252Fpmi%252Findex.html&o=ZEpI5(Line 9) Message: No Ad
console-api	info	URL: https://ssp.hinet.net/api/web/request/?c=2017007&s=201702000023(Line 34) Message: SSP AD show

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
code.jquery.com
googleads.g.doubleclick.net
hinetsecuresrvrcontrolcentre.cf
landice.us
pagead2.googlesyndication.com
ssp.hinet.net
t.ssp.hinet.net
tpc.googlesyndication.com
webmail.hinet.net
www.google-analytics.com
www.googletagservices.com
195.20.54.183
2001:4de0:ac18::1:a:2b
2001:b000:1a0:2:61:220:15:125
203.75.214.136
203.75.214.200
27.122.57.229
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
08c016f9519475930d00d9a63249ead7d8f574a7ff7543fd0357ed34f695f41a
10eecf80122ad437a3daa21d7f8deff99af7dd47964655b7e4ac0996362ee4cc
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
156b810a7a41eaf929200786d5a6d124558079ff8e06f68cd6bab90bbb18e283
2dc23f806c32257cb286b51ae41f75bdeeaaab6cee8682ab03a565d64af463ec
30bb1ed858bc07ba3b453ab4cbb9aaf85403755f3dd0fa549c27b3e8a9308648
36c4bb08df2e7a6e3238fa19fcb8eb1f9ed9eaf02b46f467e6f59c02c2b22f43
60e5ac333b1ee5bfc1df9d9240d31b7be24882e50137e9b681d96999708427a0
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
70bd10c147a76f6c56729285a227056987b27a8f6ba27eaad3b7870ba210d519
74b97b286975292640fd9bef45900d390a589d1cfaf4b18544d12931c46f5cc1
775b1ab216005f574a2394fb317d725134e77567bea3c0d61915b5bab47f362f
78b268505e93b556a1f9956245b9bf3034ad3e247884254895f1ce8c77a3a84c
80358ff9be39687d4022346716126defa959bf259dc279e4fa79c5a9e5d6266b
82cc1448d53752d24bb4d5cf39374ef114daf14c7e11bcd0c765708da9a2326f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
ac0ac943017702ca0934831adffa93cd3e0a21d253f607a0c4ddc570b679828e
ac144bfcd406abbbeda619475f64b358193d1a57ad270ebaa38a0b302a258ce0
ac1acf3b6b3af2dfd55763d31241420ace5f93712d400c04f26feb6c638c79ae
afb1ef623fb7cc98d5848f53cb0affeb7822e26c8ff4fe979d1f2491bfffdcc3
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b39b55f8696f4865e79b1ba6e61c5d287c670c2697af851e416983a45c990063
bd6845710f8b65925fdb00a1e448f0f7f8ac194cffd391946eb4ee561787eac4
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1d0040c0948759305880d5fcc3990d4ea25e38bb131679b2927034beea27188
c2b3bd344266b0e4a44b8add0800dcbf04237255843c23d507a924b6584f9889
c5cd3ae960d492688c750ca358bc69b3872e599f7ad8f505258a2f5ec4f6ae82
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c62acb5b15af2091f7f77b7b8f894cf380f56fe3ff042e2f77eca7439537983a
c7615d473078bcc779a9829ef9439094a50683e13bb242affa91852adcb528d3
c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf
c77cc65ae84b8566912d38b5669fdfe431d40a9894a7171131fb65c80e72cbe8
d09a4f2a61f63ab0012dceac0ae76a0718363bbd1439eaea4dd37d13f1df02ce
d50bc16c60ef32993716537d49426059b9d8944aaef98cc7e30ffda7711ba2ab
db3d351ec3db69ac6c039d94ee05a2fecb641468759f2a6e45e00b2c1bcd8f9f
e00c72fe29f3860f66607a3c7a2e9b63ae5ae35c740690f626fea8b05b1e67e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d13a315184e4cc69d5c495682f8e5539478b0f7331165dc63e9aa4f224add0
f181238f262b5cc5c4b78eb41510fb8102feac7dbcb6513b109ebe5d594c901d
f6ec5d652ad83ed1323545fde34913b7f1ec73c28bfb1b0797855c46eac975a6
feae5d62e73c1d89cb7506a4c2c47066e2e564b1c3927a06ec7e5a7c3b0d8fa9

hinetsecuresrvrcontrolcentre.cf Open in urlscan Pro 195.20.54.183 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

51 Requests

49 %HTTPS

71 %IPv6

10 Domains

13 Subdomains

14 IPs

4 Countries

660 kBTransfer

1067 kBSize

3 Cookies

0 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hinetsecuresrvrcontrolcentre.cf Open in urlscan Pro
195.20.54.183 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

49 %
HTTPS

71 %
IPv6

10
Domains

13
Subdomains

14
IPs

4
Countries

660 kB
Transfer

1067 kB
Size

3
Cookies

51 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!