hinetfeedsecurenetworkreportcentres.tk Open in urlscan Pro
195.20.44.71 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://hinetfeedsecurenetworkreportcentres.tk/
Submission: On October 25 via api (October 25th 2022, 11:04:16 am UTC) from JP — Scanned from NL

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 49 HTTP transactions. The main IP is 195.20.44.71, located in Netherlands and belongs to VFMNL-AS Amsterdam Location BGP Setup, NL. The main domain is hinetfeedsecurenetworkreportcentres.tk.

This is the only time hinetfeedsecurenetworkreportcentres.tk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Chunghwa Telecom (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	195.20.44.71 195.20.44.71	31624 (VFMNL-AS ...) (VFMNL-AS Amsterdam Location BGP Setup)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
26	103.116.16.4 103.116.16.4	137870 (IHNET-AS-...) (IHNET-AS-AP IHNetworks)
2	61.220.15.125 61.220.15.125	() ()
1 3	2a00:1450:400... 2a00:1450:4001:809::2002	() ()
5	203.75.213.62 203.75.213.62	() ()
1	18.156.195.47 18.156.195.47	() ()
1	18.195.217.96 18.195.217.96	() ()
3	2a00:1450:400... 2a00:1450:4001:82a::2002	() ()
4	2a00:1450:400... 2a00:1450:4001:806::2002	() ()
1	2a00:1450:400... 2a00:1450:4001:827::2002	() ()
49	12

1 195.20.44.71 (Netherlands)

ASN31624 (VFMNL-AS Amsterdam Location BGP Setup, NL)

hinetfeedsecurenetworkreportcentres.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 103.116.16.4 (United States)

ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG)
PTR: vikings.unisonplatform.com

cosmoheritage.monster	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 61.220.15.125 (None, )

ASN- ()

webmail.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (None, ) 1 redirects

ASN- ()

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 203.75.213.62 (None, )

ASN- ()

static.cht.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.195.47 (None, )

ASN- ()

web.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.217.96 (None, )

ASN- ()

prod-m-node-3113.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (None, )

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (None, )

ASN- ()

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	cosmoheritage.monster cosmoheritage.monster	410 KB
7	hinet.net webmail.hinet.net static.cht.hinet.net	18 KB
6	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net	160 KB
3	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com Failed	182 KB
2	yahoo.com web.ssp.yahoo.com prod-m-node-3113.ssp.yahoo.com	6 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	17 KB
1	google.com adservice.google.com	549 B
1	google.nl adservice.google.nl	792 B
1	hinetfeedsecurenetworkreportcentres.tk hinetfeedsecurenetworkreportcentres.tk	1 KB
49	9

	Domain	Requested by
26	cosmoheritage.monster	hinetfeedsecurenetworkreportcentres.tk cosmoheritage.monster
5	static.cht.hinet.net	cosmoheritage.monster static.cht.hinet.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	pagead2.googlesyndication.com	static.cht.hinet.net pagead2.googlesyndication.com
3	securepubads.g.doubleclick.net	1 redirects cosmoheritage.monster securepubads.g.doubleclick.net
2	webmail.hinet.net	cosmoheritage.monster
2	www.google-analytics.com	hinetfeedsecurenetworkreportcentres.tk
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.nl	pagead2.googlesyndication.com
1	prod-m-node-3113.ssp.yahoo.com	web.ssp.yahoo.com
1	web.ssp.yahoo.com	static.cht.hinet.net
1	hinetfeedsecurenetworkreportcentres.tk
0	tpc.googlesyndication.com Failed	pagead2.googlesyndication.com
49	13

This site contains no links.

Subject Issuer	Validity	Valid
*.webmail.hinet.net	`2022-02-07` - `2023-02-07`	a year	crt.sh
*.cht.hinet.net	`2022-03-15` - `2023-03-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-21` - `2022-12-21`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://hinetfeedsecurenetworkreportcentres.tk/
Frame ID: 501A60CB6DDBA7B56C818F2B302D6932
Requests: 3 HTTP requests in this frame

Frame: http://cosmoheritage.monster/3w52/osac/index.html
Frame ID: 00D20B06F0ED16E17DCE5B5E1391C3A5
Requests: 26 HTTP requests in this frame

Frame: http://cosmoheritage.monster/3w52/osac/top.html
Frame ID: 0D681BFF5CF9C5D4D0694D1E59DBA2AF
Requests: 5 HTTP requests in this frame

Frame: https://webmail.hinet.net/notify.html
Frame ID: 458DA3F17DB0B5DDE752C6B89418178F
Requests: 1 HTTP requests in this frame

Frame: http://cosmoheritage.monster/3w52/osac/bottom.html
Frame ID: E64ED8EBE4EA4EF099ED24AF8A1FCB80
Requests: 3 HTTP requests in this frame

Frame: https://web.ssp.yahoo.com/js/admax/admax_api_https.js
Frame ID: AC4FE4940E60B12858A254BA554AE6DD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4457659720163747
Frame ID: 17F5F6406312DCC801503B5D46A9FE8E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html
Frame ID: 9743D3EFCFD220BF2EBFC299A200653D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&adk=1812271804&adf=2163177154&lmt=1666695854&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=http%3A%2F%2Fcosmoheritage.monster%2F3w52%2Fosac%2Findex.html&ea=0&pra=5&wgl=1&dt=1666695854375&bpp=3&bdt=219&idt=206&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&nras=1&correlator=2756433913819&frm=24&ife=1&pv=2&ga_vid=2138090053.1666695855&ga_sid=1666695855&ga_hid=116181428&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=580&ish=400&ifk=3770873759&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44767668%2C42531705%2C31070425%2C31070437%2C44775016&oid=2&pvsid=765778056864115&tmod=2042626803&uas=0&nvt=1&top=http%3A%2F%2Fhinetfeedsecurenetworkreportcentres.tk%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=23&ifi=1&uci=1.9ozj0dlg2ijc&fsb=1&dtd=227
Frame ID: 03F3869465360FC4E72C913A426EDED1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=3093069567&adk=3779093113&adf=3407252217&pi=t.ma~as.3093069567&w=580&lmt=1666695854&format=580x400&url=http%3A%2F%2Fcosmoheritage.monster%2F3w52%2Fosac%2Findex.html&ea=0&wgl=1&dt=1666695854378&bpp=1&bdt=222&idt=228&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2756433913819&frm=24&ife=1&pv=1&ga_vid=2138090053.1666695855&ga_sid=1666695855&ga_hid=116181428&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=580&ish=400&ifk=3770873759&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44767668%2C42531705%2C31070425%2C31070437%2C44775016&oid=2&pvsid=765778056864115&tmod=2042626803&uas=0&nvt=1&top=http%3A%2F%2Fhinetfeedsecurenetworkreportcentres.tk%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=2&uci=2.wtgpxdwz8aw5&fsb=1&dtd=233
Frame ID: 8F5E346BEF5D37EFADA993B2F816E700
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

hinetfeedsecurenetworkreportcentres.tk

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

49
Requests

37 %
HTTPS

45 %
IPv6

9
Domains

13
Subdomains

12
IPs

3
Countries

794 kB
Transfer

1473 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 2

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1844431257&utmhn=hinetfeedsecurenetworkreportcentres.tk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=hinetfeedsecurenetworkreportcentres.tk&utmhid=477387504&utmr=-&utmp=%2F&utmht=1666695848291&utmac=UA-23441223-3&utmcc=__utma%3D1.1084497802.1666695848.1666695848.1666695848.1%3B%2B__utmz%3D1.1666695848.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1026861531&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1844431257&utmhn=hinetfeedsecurenetworkreportcentres.tk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=hinetfeedsecurenetworkreportcentres.tk&utmhid=477387504&utmr=-&utmp=%2F&utmht=1666695848291&utmac=UA-23441223-3&utmcc=__utma%3D1.1084497802.1666695848.1666695848.1666695848.1%3B%2B__utmz%3D1.1666695848.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1026861531&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 24

https://securepubads.g.doubleclick.net/tag/js/gpt.js?_=1666695850864 HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200 Primary Request / Show response
hinetfeedsecurenetworkreportcentres.tk/ 1 KB
1 KB 3285ms
3207ms Document
text/html 195.20.44.71
VFMNL-AS Amsterda...

General

Check archive.org

Show headers Download Go to

Full URL: http://hinetfeedsecurenetworkreportcentres.tk/
Protocol: HTTP/1.1
Server: 195.20.44.71 , Netherlands, ASN31624 (VFMNL-AS Amsterdam Location BGP Setup, NL),
Reverse DNS
Software: nginx /
Resource Hash: 75d4ad1a76d47ab20466c7c63d51f77d585bb3b863803fdcd86a1e621effff96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 644
Content-Type: text/html;charset=UTF-8
Date: Tue, 25 Oct 2022 11:04:09 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Server: ip-172-31-40-58

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

145ms
41ms

Script
text/javascript

2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: hinetfeedsecurenetworkreportcentres.tk
URL: http://hinetfeedsecurenetworkreportcentres.tk/

Protocol

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hinetfeedsecurenetworkreportcentres.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 09:42:55 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4873
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 25 Oct 2022 11:42:55 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK index.html Show response
cosmoheritage.monster/3w52/osac/ Frame 00D2 20 KB
20 KB 1066ms
286ms Document
text/html 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to

Full URL: http://cosmoheritage.monster/3w52/osac/index.html
Requested by: Host: hinetfeedsecurenetworkreportcentres.tk
URL: http://hinetfeedsecurenetworkreportcentres.tk/
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: b2f6b3681ac26770b3cf8bcca27905ed8bdc69ff64cfe130a4aa220a7e6ed783

Request headers

Referer: http://hinetfeedsecurenetworkreportcentres.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 20264
Content-Type: text/html
Date: Tue, 25 Oct 2022 11:04:08 GMT
Keep-Alive: timeout=5, max=10000
Last-Modified: Sun, 23 Oct 2022 22:22:31 GMT
Server: Apache

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1844431257&utmhn=hinetfeedsecurenetworkreportcentres.tk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmj...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1844431257&utmhn=hinetfeedsecurenetworkreportcentres.tk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utm...

35 B
197 B

45ms
44ms

Image
image/gif

2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1844431257&utmhn=hinetfeedsecurenetworkreportcentres.tk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=hinetfeedsecurenetworkreportcentres.tk&utmhid=477387504&utmr=-&utmp=%2F&utmht=1666695848291&utmac=UA-23441223-3&utmcc=__utma%3D1.1084497802.1666695848.1666695848.1666695848.1%3B%2B__utmz%3D1.1666695848.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1026861531&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: hinetfeedsecurenetworkreportcentres.tk
URL: http://hinetfeedsecurenetworkreportcentres.tk/

Protocol

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hinetfeedsecurenetworkreportcentres.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 11:04:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1844431257&utmhn=hinetfeedsecurenetworkreportcentres.tk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=hinetfeedsecurenetworkreportcentres.tk&utmhid=477387504&utmr=-&utmp=%2F&utmht=1666695848291&utmac=UA-23441223-3&utmcc=__utma%3D1.1084497802.1666695848.1666695848.1666695848.1%3B%2B__utmz%3D1.1666695848.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1026861531&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK index.css
cosmoheritage.monster/3w52/osac/css/ Frame 00D2 2 KB
3 KB 275ms
275ms Stylesheet
text/css 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to

Full URL: http://cosmoheritage.monster/3w52/osac/css/index.css
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: 08c016f9519475930d00d9a63249ead7d8f574a7ff7543fd0357ed34f695f41a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:09 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:31 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9999
Content-Length: 2340

GET
H/1.1 200
OK keyboardstyle.css
cosmoheritage.monster/3w52/osac/css/ Frame 00D2 3 KB
3 KB 291ms
291ms Stylesheet
text/css 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to

Full URL: http://cosmoheritage.monster/3w52/osac/css/keyboardstyle.css
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: 80358ff9be39687d4022346716126defa959bf259dc279e4fa79c5a9e5d6266b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:09 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:31 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=10000
Content-Length: 2740

GET
H/1.1 200
OK login.css
cosmoheritage.monster/3w52/osac/css/ Frame 00D2 3 KB
3 KB 566ms
294ms Stylesheet
text/css 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to

Full URL: http://cosmoheritage.monster/3w52/osac/css/login.css
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: 156b810a7a41eaf929200786d5a6d124558079ff8e06f68cd6bab90bbb18e283

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:09 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:31 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=10000
Content-Length: 2686

GET
H/1.1 200
OK jquery.min.js Show response
cosmoheritage.monster/3w52/osac/Scripts/ Frame 00D2 94 KB
94 KB 551ms
279ms Script
application/javascript 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to

Full URL: http://cosmoheritage.monster/3w52/osac/Scripts/jquery.min.js
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:09 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=10000
Content-Length: 96381

GET
H/1.1 200
OK jquery-ui-1.10.3.custom.min.js Show response
cosmoheritage.monster/3w52/osac/Scripts/ Frame 00D2 223 KB
223 KB 566ms
291ms Script
application/javascript 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to

Full URL: http://cosmoheritage.monster/3w52/osac/Scripts/jquery-ui-1.10.3.custom.min.js
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: bd6845710f8b65925fdb00a1e448f0f7f8ac194cffd391946eb4ee561787eac4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:09 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9998
Content-Length: 228138

GET
H/1.1 200
OK jquery-fieldselection.js Show response
cosmoheritage.monster/3w52/osac/Scripts/ Frame 00D2 4 KB
4 KB 565ms
288ms Script
application/javascript 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to

Full URL: http://cosmoheritage.monster/3w52/osac/Scripts/jquery-fieldselection.js
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: c77cc65ae84b8566912d38b5669fdfe431d40a9894a7171131fb65c80e72cbe8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:09 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=10000
Content-Length: 3585

GET
H/1.1 200
OK vkeyboard.js Show response
cosmoheritage.monster/3w52/osac/Scripts/ Frame 00D2 6 KB
6 KB 565ms
286ms Script
application/javascript 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to

Full URL: http://cosmoheritage.monster/3w52/osac/Scripts/vkeyboard.js
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: 36c4bb08df2e7a6e3238fa19fcb8eb1f9ed9eaf02b46f467e6f59c02c2b22f43

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:09 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=10000
Content-Length: 6263

GET
H/1.1 200
OK login.js Show response
cosmoheritage.monster/3w52/osac/Scripts/ Frame 00D2 18 KB
18 KB 579ms
290ms Script
application/javascript 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to

Full URL: http://cosmoheritage.monster/3w52/osac/Scripts/login.js
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: c1d0040c0948759305880d5fcc3990d4ea25e38bb131679b2927034beea27188

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:09 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9999
Content-Length: 18513

GET
H/1.1 200
OK index.js Show response
cosmoheritage.monster/3w52/osac/Scripts/ Frame 00D2 7 KB
7 KB 843ms
277ms Script
application/javascript 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to

Full URL: http://cosmoheritage.monster/3w52/osac/Scripts/index.js
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: 78b268505e93b556a1f9956245b9bf3034ad3e247884254895f1ce8c77a3a84c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:09 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9999
Content-Length: 6985

GET
H/1.1 200
OK replace_ad.js Show response
cosmoheritage.monster/3w52/osac/Scripts/ Frame 00D2 2 KB
2 KB 855ms
289ms Script
application/javascript 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to

Full URL: http://cosmoheritage.monster/3w52/osac/Scripts/replace_ad.js
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: 6d28f50be3487f93b449458db38324b56287255c6635a2304da195e8bcf75b19

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:09 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9999
Content-Length: 2115

GET
H/1.1 200
OK replace_ad.2022.js Show response
cosmoheritage.monster/3w52/osac/Scripts/ Frame 00D2 2 KB
2 KB 857ms
291ms Script
application/javascript 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to

Full URL: http://cosmoheritage.monster/3w52/osac/Scripts/replace_ad.2022.js
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: 2428d33dea4ccd56c96be07f076c2944996a68882b2eea1433e6daae053e9748

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:09 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9999
Content-Length: 1714

GET
H/1.1 404
Not Found JavaScriptServlet.do
cosmoheritage.monster/ Frame 00D2 0
0 1132ms
277ms Script
text/html 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to

Full URL: http://cosmoheritage.monster/JavaScriptServlet.do
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:10 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=9998
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK w_line.gif
cosmoheritage.monster/3w52/osac/images/ Frame 00D2 52 B
294 B 275ms
274ms Image
image/gif 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cosmoheritage.monster/3w52/osac/images/w_line.gif
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: c7615d473078bcc779a9829ef9439094a50683e13bb242affa91852adcb528d3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:10 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:31 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9999
Content-Length: 52

GET
H/1.1 200
OK keyboard.png
cosmoheritage.monster/3w52/osac/images/ Frame 00D2 345 B
588 B 278ms
277ms Image
image/png 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cosmoheritage.monster/3w52/osac/images/keyboard.png
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: c5cd3ae960d492688c750ca358bc69b3872e599f7ad8f505258a2f5ec4f6ae82

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:10 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:31 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9997
Content-Length: 345

GET
H/1.1 200
OK maillogin_07-1.gif
cosmoheritage.monster/3w52/osac/images/ Frame 00D2 535 B
778 B 276ms
275ms Image
image/gif 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cosmoheritage.monster/3w52/osac/images/maillogin_07-1.gif
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: ac0ac943017702ca0934831adffa93cd3e0a21d253f607a0c4ddc570b679828e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:10 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:31 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9997
Content-Length: 535

GET
H/1.1 200
OK dot_arr2_t.gif
cosmoheritage.monster/3w52/osac/images/ Frame 00D2 59 B
301 B 292ms
291ms Image
image/gif 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cosmoheritage.monster/3w52/osac/images/dot_arr2_t.gif
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: 60e5ac333b1ee5bfc1df9d9240d31b7be24882e50137e9b681d96999708427a0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:10 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:32 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9998
Content-Length: 59

GET
H/1.1 200
OK himail_logo.gif
cosmoheritage.monster/3w52/osac/images/ Frame 00D2 3 KB
3 KB 289ms
288ms Image
image/gif 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cosmoheritage.monster/3w52/osac/images/himail_logo.gif
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: 10eecf80122ad437a3daa21d7f8deff99af7dd47964655b7e4ac0996362ee4cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:10 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:31 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9998
Content-Length: 3236

GET
H/1.1 200
OK close.jpg
webmail.hinet.net/images/ Frame 00D2 923 B
1 KB 1782ms
241ms Image
image/jpeg 61.220.15.125

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webmail.hinet.net/images/close.jpg

Requested by

Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

61.220.15.125 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

d09a4f2a61f63ab0012dceac0ae76a0718363bbd1439eaea4dd37d13f1df02ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000;includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:12 GMT
Content-Security-Policy: frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000;includeSubdomains; preload
Last-Modified: Wed, 08 Jul 2015 08:33:32 GMT
Server: Apache
ETag: "39b-51a58fe73cf00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 923

GET
H/1.1 200
OK top.html Show response
cosmoheritage.monster/3w52/osac/ Frame 0D68 2 KB
2 KB 296ms
289ms Document
text/html 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to

Full URL: http://cosmoheritage.monster/3w52/osac/top.html
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: feae5d62e73c1d89cb7506a4c2c47066e2e564b1c3927a06ec7e5a7c3b0d8fa9

Request headers

Referer: http://cosmoheritage.monster/3w52/osac/index.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 1986
Content-Type: text/html
Date: Tue, 25 Oct 2022 11:04:10 GMT
Keep-Alive: timeout=5, max=9998
Last-Modified: Sun, 23 Oct 2022 22:22:32 GMT
Server: Apache

GET
H/1.1 200
OK notify.html
webmail.hinet.net/ Frame 458D 0
0 1774ms
240ms Document
text/html 61.220.15.125

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.hinet.net/notify.html

Requested by

Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

61.220.15.125 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000;includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://cosmoheritage.monster/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 549
Content-Security-Policy: frame-ancestors 'self';
Content-Type: text/html
Date: Tue, 25 Oct 2022 11:04:12 GMT
ETag: "225-51a58fe925380"
Keep-Alive: timeout=15, max=100
Last-Modified: Wed, 08 Jul 2015 08:33:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000;includeSubdomains; preload
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK bottom.html Show response
cosmoheritage.monster/3w52/osac/ Frame E64E 1 KB
2 KB 462ms
273ms Document
text/html 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to

Full URL: http://cosmoheritage.monster/3w52/osac/bottom.html
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: 2dc23f806c32257cb286b51ae41f75bdeeaaab6cee8682ab03a565d64af463ec

Request headers

Referer: http://cosmoheritage.monster/3w52/osac/index.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 1434
Content-Type: text/html
Date: Tue, 25 Oct 2022 11:04:11 GMT
Keep-Alive: timeout=5, max=9998
Last-Modified: Sun, 23 Oct 2022 22:22:32 GMT
Server: Apache

GET
H3

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 00D2
Redirect Chain

https://securepubads.g.doubleclick.net/tag/js/gpt.js?_=1666695850864
https://securepubads.g.doubleclick.net/tag/js/gpt.js

78 KB
27 KB

235ms
169ms

Script
text/javascript

2a00:1450:4001:809::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/index.html

Protocol

Server

2a00:1450:4001:809::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a18763e5c2f7b3011313669fcaef7e97c66c2920ca54dfb43290ab01445bc4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 11:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27292
x-xss-protection: 0
server: sffe
etag: "1374 / 317 of 1000 / last-modified: 1666649227"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 25 Oct 2022 11:04:11 GMT

Redirect headers

date: Tue, 25 Oct 2022 11:04:11 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Tue, 25 Oct 2022 11:34:11 GMT

GET
H/1.1 200
OK chtnw.js Show response
static.cht.hinet.net/sdk/ Frame 00D2 13 KB
13 KB 1696ms
474ms Script
application/javascript 203.75.213.62

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cht.hinet.net/sdk/chtnw.js?_=1666695850865

Requested by

Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/Scripts/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.213.62 -, , ASN (),

Reverse DNS

Software

nginx/1.21.1 /

Resource Hash

36f31895419e93aac54e53074efbb96b63325e227582103470c1c6ec147bb7d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:12 GMT
Strict-Transport-Security: max-age=0
Last-Modified: Thu, 06 Oct 2022 04:36:46 GMT
Server: nginx/1.21.1
ETag: "633e5b5e-34b0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13488

GET
H/1.1 200
OK wm2k-style.css
cosmoheritage.monster/3w52/osac/css/ Frame 0D68 5 KB
5 KB 275ms
274ms Stylesheet
text/css 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to

Full URL: http://cosmoheritage.monster/3w52/osac/css/wm2k-style.css
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/top.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: 775b1ab216005f574a2394fb317d725134e77567bea3c0d61915b5bab47f362f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/top.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:11 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:31 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9997
Content-Length: 5031

GET
H/1.1 200
OK hinet-logo.gif
cosmoheritage.monster/3w52/osac/images/ Frame 0D68 2 KB
2 KB 284ms
283ms Image
image/gif 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cosmoheritage.monster/3w52/osac/images/hinet-logo.gif
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/top.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: afb1ef623fb7cc98d5848f53cb0affeb7822e26c8ff4fe979d1f2491bfffdcc3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/top.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:11 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:31 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9997
Content-Length: 2270

GET
H/1.1 200
OK hinet-hd-t01.gif
cosmoheritage.monster/3w52/osac/images/ Frame 0D68 1 KB
2 KB 288ms
288ms Image
image/gif 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cosmoheritage.monster/3w52/osac/images/hinet-hd-t01.gif
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/top.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: 82cc1448d53752d24bb4d5cf39374ef114daf14c7e11bcd0c765708da9a2326f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/top.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:11 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:31 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9996
Content-Length: 1483

GET
H/1.1 200
OK hinet-hd-t02.gif
cosmoheritage.monster/3w52/osac/images/ Frame 0D68 245 B
488 B 285ms
285ms Image
image/gif 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cosmoheritage.monster/3w52/osac/images/hinet-hd-t02.gif
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/top.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: f181238f262b5cc5c4b78eb41510fb8102feac7dbcb6513b109ebe5d594c901d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/top.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:11 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:31 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9996
Content-Length: 245

GET
H/1.1 200
OK wm2k-style.css
cosmoheritage.monster/3w52/osac/css/ Frame E64E 5 KB
5 KB 310ms
310ms Stylesheet
text/css 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to

Full URL: http://cosmoheritage.monster/3w52/osac/css/wm2k-style.css
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/bottom.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: 775b1ab216005f574a2394fb317d725134e77567bea3c0d61915b5bab47f362f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/bottom.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:11 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:31 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9997
Content-Length: 5031

GET
H/1.1 200
OK hinet-logo-small.gif
cosmoheritage.monster/3w52/osac/images/ Frame E64E 500 B
743 B 302ms
301ms Image
image/gif 103.116.16.4
IHNET-AS-AP IHNet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cosmoheritage.monster/3w52/osac/images/hinet-logo-small.gif
Requested by: Host: cosmoheritage.monster
URL: http://cosmoheritage.monster/3w52/osac/bottom.html
Protocol: HTTP/1.1
Server: 103.116.16.4 , United States, ASN137870 (IHNET-AS-AP IHNetworks, LLC, SG),
Reverse DNS: vikings.unisonplatform.com
Software: Apache /
Resource Hash: db3d351ec3db69ac6c039d94ee05a2fecb641468759f2a6e45e00b2c1bcd8f9f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/3w52/osac/bottom.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:11 GMT
Last-Modified: Sun, 23 Oct 2022 22:22:31 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9997
Content-Length: 500

GET
H3 200 pubads_impl_2022102001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 00D2 378 KB
128 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:809::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js?_=1666695850864

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 10:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130516
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Oct 2023 10:13:44 GMT

GET
H/1.1 200
OK ad Show response
static.cht.hinet.net/api/v1/request/ Frame 00D2 950 B
1 KB 696ms
239ms Fetch
application/json 203.75.213.62

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cht.hinet.net/api/v1/request/ad?key=3Q7VZD294Z5L9OE6&uuid=227d7eb7-20a4-4b6a-b196-109384260be1&bidId=undefined

Requested by

Host: static.cht.hinet.net
URL: https://static.cht.hinet.net/sdk/chtnw.js?_=1666695850865

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.213.62 -, , ASN (),

Reverse DNS

Software

nginx/1.21.1 /

Resource Hash

5289d896f4a66428abf32b2b5af894ac0a5aab5d17b9f20920f050959449db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:13 GMT
Strict-Transport-Security: max-age=0
Server: nginx/1.21.1
vary: Origin
Content-Type: application/json
access-control-allow-origin: http://cosmoheritage.monster
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 950

GET
H2 200 admax_api_https.js Show response
web.ssp.yahoo.com/js/admax/ Frame AC4F 3 KB
3 KB 142ms
35ms Script
application/javascript 18.156.195.47

General

Check archive.org

Show headers Download Go to

Full URL: https://web.ssp.yahoo.com/js/admax/admax_api_https.js
Requested by: Host: static.cht.hinet.net
URL: https://static.cht.hinet.net/sdk/chtnw.js?_=1666695850865
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 -, , ASN (),
Reverse DNS
Software: ATS/9.1.10.25 /
Resource Hash: d77b5fa8ab16e810b58ac909b4ad45c6568dfc3ff491d16567fce40288bf087d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 11:04:13 GMT
last-modified: Mon, 24 Oct 2022 14:42:19 GMT
server: ATS/9.1.10.25
accept-ranges: bytes
age: 0
content-length: 2651
content-type: application/javascript

GET
H/1.1 200
OK third
static.cht.hinet.net/api/v1/trace/ Frame 00D2 2 B
397 B 247ms
245ms Image
application/json 203.75.213.62

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.cht.hinet.net/api/v1/trace/third?event=impression&token=6357c2ad81db3424afa91522&source=149

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.213.62 -, , ASN (),

Reverse DNS

Software

nginx/1.21.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:13 GMT
Strict-Transport-Security: max-age=0
Server: nginx/1.21.1
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

GET
H2 200 adServe.do Show response
prod-m-node-3113.ssp.yahoo.com/admax/ Frame AC4F 3 KB
3 KB 235ms
151ms Script
application/x-javascript 18.195.217.96

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adServe.do?cTag=ad695117&dcn=8a969d80017d7d25258a27f7e4770037&pos=8a9699a8017d7d294f872b776ecd0042&secure=1&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/106.0.5249.119%20Safari/537.36&of=js
Requested by: Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/js/admax/admax_api_https.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.217.96 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a3b5a0906fbe77ab5bbaf60f300f8040874a5b601fcfbafab3d38894f49b5810

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: application/x-javascript;charset=utf-8
pragma: no-cache
date: Tue, 25 Oct 2022 11:04:13 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
server: nginx
content-length: 2592
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ad Show response
static.cht.hinet.net/api/v1/request/ Frame 00D2 485 B
791 B 238ms
237ms Fetch
application/json 203.75.213.62

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cht.hinet.net/api/v1/request/ad?key=3Q7VZD294Z5L9OE6&uuid=227d7eb7-20a4-4b6a-b196-109384260be1&bidId=undefined&source=147

Requested by

Host: static.cht.hinet.net
URL: https://static.cht.hinet.net/sdk/chtnw.js?_=1666695850865

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.213.62 -, , ASN (),

Reverse DNS

Software

nginx/1.21.1 /

Resource Hash

65805b21d9678fb76bef7cb326c397955558f52a2fd56d31dd2bbfd5c38bb27a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:13 GMT
Strict-Transport-Security: max-age=0
Server: nginx/1.21.1
vary: Origin
Content-Type: application/json
access-control-allow-origin: http://cosmoheritage.monster
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 485

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 17F5 167 KB
55 KB 137ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4457659720163747

Requested by

Host: static.cht.hinet.net
URL: https://static.cht.hinet.net/sdk/chtnw.js?_=1666695850865

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

b77fafbb627d102dfda350d222d0bc953a77ca67c2f468ae55feb3fffa95785d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://cosmoheritage.monster/
Origin: http://cosmoheritage.monster
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 11:04:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55276
x-xss-protection: 0
server: cafe
etag: 11887990706852616617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:04:14 GMT

GET
H/1.1 200
OK third
static.cht.hinet.net/api/v1/trace/ Frame 00D2 2 B
397 B 247ms
247ms Image
application/json 203.75.213.62

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.cht.hinet.net/api/v1/trace/third?event=impression&token=6357c2adc2d0ea62ebfc6382&source=147

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.213.62 -, , ASN (),

Reverse DNS

Software

nginx/1.21.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 11:04:14 GMT
Strict-Transport-Security: max-age=0
Server: nginx/1.21.1
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/ Frame 17F5 353 KB
116 KB 123ms
58ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4457659720163747&plah=cosmoheritage.monster&bust=31070437

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4457659720163747

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

aec76eb0955ce9e04fd69abde27788d5d0f30017bf85b97e2569d5144947ac8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 11:04:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118751
x-xss-protection: 0
server: cafe
etag: 18221578513005528606
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:04:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/ Frame 9743 10 KB
5 KB 238ms
31ms Document
text/html 2a00:1450:4001:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4457659720163747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://cosmoheritage.monster/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 69254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 15:50:00 GMT
etag: 9671129459699598864
expires: Mon, 07 Nov 2022 15:50:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js
adservice.google.nl/adsid/ Frame 17F5 107 B
792 B 351ms
185ms Script
application/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=cosmoheritage.monster

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4457659720163747&plah=cosmoheritage.monster&bust=31070437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 11:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js
adservice.google.com/adsid/ Frame 17F5 107 B
549 B 248ms
58ms Script
application/javascript 2a00:1450:4001:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cosmoheritage.monster

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 11:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 03F3 603 B
221 B 112ms
111ms Document
text/html 2a00:1450:4001:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&adk=1812271804&adf=2163177154&lmt=1666695854&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=http%3A%2F%2Fcosmoheritage.monster%2F3w52%2Fosac%2Findex.html&ea=0&pra=5&wgl=1&dt=1666695854375&bpp=3&bdt=219&idt=206&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&nras=1&correlator=2756433913819&frm=24&ife=1&pv=2&ga_vid=2138090053.1666695855&ga_sid=1666695855&ga_hid=116181428&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=580&ish=400&ifk=3770873759&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44767668%2C42531705%2C31070425%2C31070437%2C44775016&oid=2&pvsid=765778056864115&tmod=2042626803&uas=0&nvt=1&top=http%3A%2F%2Fhinetfeedsecurenetworkreportcentres.tk%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=23&ifi=1&uci=1.9ozj0dlg2ijc&fsb=1&dtd=227

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://cosmoheritage.monster/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 11:04:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar
pagead2.googlesyndication.com/getconfig/ Frame 17F5 15 KB
11 KB 166ms
48ms XHR
application/json 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221020&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cosmoheritage.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 11:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11343
x-xss-protection: 0

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame 8F5E 603 B
215 B 105ms
104ms Document
text/html 2a00:1450:4001:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=3093069567&adk=3779093113&adf=3407252217&pi=t.ma~as.3093069567&w=580&lmt=1666695854&format=580x400&url=http%3A%2F%2Fcosmoheritage.monster%2F3w52%2Fosac%2Findex.html&ea=0&wgl=1&dt=1666695854378&bpp=1&bdt=222&idt=228&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2756433913819&frm=24&ife=1&pv=1&ga_vid=2138090053.1666695855&ga_sid=1666695855&ga_hid=116181428&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=580&ish=400&ifk=3770873759&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44767668%2C42531705%2C31070425%2C31070437%2C44775016&oid=2&pvsid=765778056864115&tmod=2042626803&uas=0&nvt=1&top=http%3A%2F%2Fhinetfeedsecurenetworkreportcentres.tk%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=2&uci=2.wtgpxdwz8aw5&fsb=1&dtd=233

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://cosmoheritage.monster/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 11:04:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar2.js
tpc.googlesyndication.com/sodar/ Frame 17F5 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Chunghwa Telecom (Telecommunication)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hinetfeedsecurenetworkreportcentres.tk/	1969-12-31 23:59:59	Name: JSESSIONID Value: D0E1793BFF772CC03584EFC963DE6F77
hinetfeedsecurenetworkreportcentres.tk/	1970-01-20 16:34:15	Name: __utma Value: 1.1084497802.1666695848.1666695848.1666695848.1
hinetfeedsecurenetworkreportcentres.tk/	1969-12-31 23:59:59	Name: __utmc Value: 1
hinetfeedsecurenetworkreportcentres.tk/	1970-01-20 11:21:03	Name: __utmz Value: 1.1666695848.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
hinetfeedsecurenetworkreportcentres.tk/	1970-01-20 06:58:16	Name: __utmt Value: 1
hinetfeedsecurenetworkreportcentres.tk/	1970-01-20 06:58:17	Name: __utmb Value: 1.1.10.1666695848

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://cosmoheritage.monster/JavaScriptServlet.do Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	Message: Refused to frame 'https://webmail.hinet.net/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&adk=1812271804&adf=2163177154&lmt=1666695854&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=http%3A%2F%2Fcosmoheritage.monster%2F3w52%2Fosac%2Findex.html&ea=0&pra=5&wgl=1&dt=1666695854375&bpp=3&bdt=219&idt=206&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&nras=1&correlator=2756433913819&frm=24&ife=1&pv=2&ga_vid=2138090053.1666695855&ga_sid=1666695855&ga_hid=116181428&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=580&ish=400&ifk=3770873759&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44767668%2C42531705%2C31070425%2C31070437%2C44775016&oid=2&pvsid=765778056864115&tmod=2042626803&uas=0&nvt=1&top=http%3A%2F%2Fhinetfeedsecurenetworkreportcentres.tk%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=23&ifi=1&uci=1.9ozj0dlg2ijc&fsb=1&dtd=227 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=3093069567&adk=3779093113&adf=3407252217&pi=t.ma~as.3093069567&w=580&lmt=1666695854&format=580x400&url=http%3A%2F%2Fcosmoheritage.monster%2F3w52%2Fosac%2Findex.html&ea=0&wgl=1&dt=1666695854378&bpp=1&bdt=222&idt=228&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2756433913819&frm=24&ife=1&pv=1&ga_vid=2138090053.1666695855&ga_sid=1666695855&ga_hid=116181428&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=580&ish=400&ifk=3770873759&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44767668%2C42531705%2C31070425%2C31070437%2C44775016&oid=2&pvsid=765778056864115&tmod=2042626803&uas=0&nvt=1&top=http%3A%2F%2Fhinetfeedsecurenetworkreportcentres.tk%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=2&uci=2.wtgpxdwz8aw5&fsb=1&dtd=233 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
cosmoheritage.monster
googleads.g.doubleclick.net
hinetfeedsecurenetworkreportcentres.tk
pagead2.googlesyndication.com
prod-m-node-3113.ssp.yahoo.com
securepubads.g.doubleclick.net
static.cht.hinet.net
tpc.googlesyndication.com
web.ssp.yahoo.com
webmail.hinet.net
www.google-analytics.com
tpc.googlesyndication.com
103.116.16.4
18.156.195.47
18.195.217.96
195.20.44.71
203.75.213.62
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200e
61.220.15.125
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
08c016f9519475930d00d9a63249ead7d8f574a7ff7543fd0357ed34f695f41a
10eecf80122ad437a3daa21d7f8deff99af7dd47964655b7e4ac0996362ee4cc
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
156b810a7a41eaf929200786d5a6d124558079ff8e06f68cd6bab90bbb18e283
2428d33dea4ccd56c96be07f076c2944996a68882b2eea1433e6daae053e9748
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
2dc23f806c32257cb286b51ae41f75bdeeaaab6cee8682ab03a565d64af463ec
36c4bb08df2e7a6e3238fa19fcb8eb1f9ed9eaf02b46f467e6f59c02c2b22f43
36f31895419e93aac54e53074efbb96b63325e227582103470c1c6ec147bb7d9
5289d896f4a66428abf32b2b5af894ac0a5aab5d17b9f20920f050959449db4d
60e5ac333b1ee5bfc1df9d9240d31b7be24882e50137e9b681d96999708427a0
65805b21d9678fb76bef7cb326c397955558f52a2fd56d31dd2bbfd5c38bb27a
6d28f50be3487f93b449458db38324b56287255c6635a2304da195e8bcf75b19
75d4ad1a76d47ab20466c7c63d51f77d585bb3b863803fdcd86a1e621effff96
775b1ab216005f574a2394fb317d725134e77567bea3c0d61915b5bab47f362f
78b268505e93b556a1f9956245b9bf3034ad3e247884254895f1ce8c77a3a84c
80358ff9be39687d4022346716126defa959bf259dc279e4fa79c5a9e5d6266b
82cc1448d53752d24bb4d5cf39374ef114daf14c7e11bcd0c765708da9a2326f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a18763e5c2f7b3011313669fcaef7e97c66c2920ca54dfb43290ab01445bc4c2
a3b5a0906fbe77ab5bbaf60f300f8040874a5b601fcfbafab3d38894f49b5810
ac0ac943017702ca0934831adffa93cd3e0a21d253f607a0c4ddc570b679828e
aec76eb0955ce9e04fd69abde27788d5d0f30017bf85b97e2569d5144947ac8b
afb1ef623fb7cc98d5848f53cb0affeb7822e26c8ff4fe979d1f2491bfffdcc3
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b2f6b3681ac26770b3cf8bcca27905ed8bdc69ff64cfe130a4aa220a7e6ed783
b77fafbb627d102dfda350d222d0bc953a77ca67c2f468ae55feb3fffa95785d
bd6845710f8b65925fdb00a1e448f0f7f8ac194cffd391946eb4ee561787eac4
c1d0040c0948759305880d5fcc3990d4ea25e38bb131679b2927034beea27188
c5cd3ae960d492688c750ca358bc69b3872e599f7ad8f505258a2f5ec4f6ae82
c7615d473078bcc779a9829ef9439094a50683e13bb242affa91852adcb528d3
c77cc65ae84b8566912d38b5669fdfe431d40a9894a7171131fb65c80e72cbe8
d09a4f2a61f63ab0012dceac0ae76a0718363bbd1439eaea4dd37d13f1df02ce
d77b5fa8ab16e810b58ac909b4ad45c6568dfc3ff491d16567fce40288bf087d
db3d351ec3db69ac6c039d94ee05a2fecb641468759f2a6e45e00b2c1bcd8f9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f181238f262b5cc5c4b78eb41510fb8102feac7dbcb6513b109ebe5d594c901d
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
feae5d62e73c1d89cb7506a4c2c47066e2e564b1c3927a06ec7e5a7c3b0d8fa9

hinetfeedsecurenetworkreportcentres.tk Open in urlscan Pro 195.20.44.71 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

37 %HTTPS

45 %IPv6

9 Domains

13 Subdomains

12 IPs

3 Countries

794 kBTransfer

1473 kBSize

6 Cookies

0 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

hinetfeedsecurenetworkreportcentres.tk Open in urlscan Pro
195.20.44.71 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

37 %
HTTPS

45 %
IPv6

9
Domains

13
Subdomains

12
IPs

3
Countries

794 kB
Transfer

1473 kB
Size

6
Cookies

49 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!