r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 21b1296f31569e4fb94048c52df34904
3e3194f640d71b9da28e809660443e332bdba310
7ebe5d06efe28c8507b4cdfbf68c6e5bbd9919ba776990fb8a22d90cca0c1c1b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7EBE5D06EFE28C8507B4CDFBF68C6E5BBD9919BA776990FB8A22D90CCA0C1C1B"
Last-Modified: Sat, 27 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2176
Expires: Mon, 29 Aug 2022 02:16:04 GMT
Date: Mon, 29 Aug 2022 01:39:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data; ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 29 Aug 2022 01:25:08 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IdrVcZu7Qu2TrmxRPel3OxgeftPMMFxV25ZQEAfcpDBf2C9cwx4A5g==
Age: 880
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate; ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 28 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LxpK1GSBx6H0jLDSwx_0186MRDi646bB8hI4OBUAOHOSp6g9S55twQ==
age: 11030
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data; ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 01:39:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data; ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 29 Aug 2022 01:17:12 GMT
Expires: Mon, 29 Aug 2022 01:45:26 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: s9vU6J4r6-GKUyeZAEIQGVccIWcs_FJ2XqVT-5p6rtrUGaEMp4f5uQ==
Age: 1356
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 396ffb5d17a8a353f8f748959fcf7966
8301f51528695b9c8a48de0e6e889b603f34308c
a5c0dd3453bdba148aea970cda083b70b3ba680286a6c65878cc369d20f1d216
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6042
Cache-Control: max-age=115656
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 01:39:48 GMT
Etag: "630b2212-1d7"
Expires: Tue, 30 Aug 2022 09:47:24 GMT
Last-Modified: Sun, 28 Aug 2022 08:06:42 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
www.painmed.com.hk/
165.84.188.236 301 Moved Permanently 0 B IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 29 Aug 2022 01:39:48 GMT
Server: Apache
X-Powered-By: PHP/7.4.25
X-Redirect-By: Polylang
Set-Cookie: pll_language=zh; expires=Tue, 29-Aug-2023 01:39:49 GMT; Max-Age=31536000; path=/; SameSite=Lax
Location: http://painmed.com.hk/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
52.39.175.179 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.175.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WytJBOtCiYfw9oa5tMgCgw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ISdWzAvhSwRzMgk973LECwFVUJM=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5653
Expires: Mon, 29 Aug 2022 03:14:03 GMT
Date: Mon, 29 Aug 2022 01:39:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5653
Expires: Mon, 29 Aug 2022 03:14:03 GMT
Date: Mon, 29 Aug 2022 01:39:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5653
Expires: Mon, 29 Aug 2022 03:14:03 GMT
Date: Mon, 29 Aug 2022 01:39:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa42515d-ae2f-4b75-af96-c1bb33aa8aec.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa42515d-ae2f-4b75-af96-c1bb33aa8aec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash da546949c178c4a789cfc4f59483a8cc
da842918bc49300b1ea2f5c11b072180a7afbf0a
008e42b6a798c28eeb6bf1d8502d15c6bae59961de138c087edd3ef05e758df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa42515d-ae2f-4b75-af96-c1bb33aa8aec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11110
x-amzn-requestid: e662a2e9-4893-4086-98c3-96d56f3f38f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XfXP_Hg2oAMFYIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630938cc-2424cde53819156a15f18810;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 21:19:08 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xtpGF5NQRB3AIzR-lZl4t7LAmx_ALfXHQgrKCKdCMOrcfsubZ21bzA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 03:45:51 GMT
age: 78839
etag: "da842918bc49300b1ea2f5c11b072180a7afbf0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 5e0dc790ca607928d609e38f37c012d0
9d37dd425e3319fbb4248718f58371b43d513ce7
7f8ce6d77cbb4be87fb06ffd8f72ae997e006b933382c44b8b4e0a61743f24e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11042
x-amzn-requestid: c92cef27-0a2c-4f5e-86b7-eafa048932b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XgUlVFdJIAMFRKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63099aee-794a2c5c54fe181b5756e5f6;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 04:17:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v9mkgh5wKAcOaXP3AGDltgHFx1eioExP7zqPee5KQugX9SjdEhMkjg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:35:16 GMT
age: 14674
etag: "9d37dd425e3319fbb4248718f58371b43d513ce7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a7959a-ba16-4840-a4e4-ca7b2c6305c1.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a7959a-ba16-4840-a4e4-ca7b2c6305c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 76021ba70733e8d4647f29e4c990180c
66558c36958c9162188e7aeef27c38e0c4b37cdd
c5278295212999c6941d57d5cee8f4d33447302af0eb74985f5dae48434607c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a7959a-ba16-4840-a4e4-ca7b2c6305c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10319
x-amzn-requestid: 4f0cb1b4-c2a6-410a-965c-4cc72459484a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XhG-yG-eIAMFbQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309eb91-58fb7017711dd2a56fe5ef79;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 10:01:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KmPdUNF6ZKhuq14rDdxLIjrde0pZyE5QH4vMwPSnCxtZDYp2cZKxPg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:37:45 GMT
age: 14525
etag: "66558c36958c9162188e7aeef27c38e0c4b37cdd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F019a3a4e-a5ad-42c9-9676-e06c201f0304.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F019a3a4e-a5ad-42c9-9676-e06c201f0304.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash bfbd0626ecb5adb59b2811a904e21554
cd601502840615ed0e7e23f8f95b5b2853d92494
0fec9f313dcac3ac74714bd4601bf6c72f4a3d9804b8b35a4c9dab0847234aa1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F019a3a4e-a5ad-42c9-9676-e06c201f0304.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4764
x-amzn-requestid: ab79456a-df36-48fa-b902-343976389a22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xg8YcGIwIAMFlEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309da9c-3850813f0a75f52c5337b6db;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 08:49:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BJJYpOQzr3izdbdBzAAgUWJaskTKh8vyLKQdRSXQLfJbdIhTkkyQew==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:36:15 GMT
age: 51531
etag: "cd601502840615ed0e7e23f8f95b5b2853d92494"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d6fc243-1f36-4e7f-8ae5-c9926e27d40b.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d6fc243-1f36-4e7f-8ae5-c9926e27d40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 182339e49eb50a6d89fed9b4ac4bc39f
0909d2250d8efc3093f15401713da4c74ba6707b
bc6fac01cec90f56f665671e2abab894752b9d8f1b1d5551e4d83cc53f0d4251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d6fc243-1f36-4e7f-8ae5-c9926e27d40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7384
x-amzn-requestid: 8c864d07-cb4e-44db-85f0-ebea10e67aaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XV7EPG0mIAMFRGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6305721a-32398abd1da8b41f48b4755c;Sampled=0
x-amzn-remapped-date: Wed, 24 Aug 2022 00:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xerdghgmDaScECzA415SNpFYkoDKhddx_5mP2dszmZlmRxjtyJ8_og==
via: 1.1 759bceededb9469e75c24a46c03d64bc.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:44:27 GMT
age: 14123
etag: "0909d2250d8efc3093f15401713da4c74ba6707b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd661acf9-c387-4bb0-bdc5-10e4abb78bf1.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd661acf9-c387-4bb0-bdc5-10e4abb78bf1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 57d1f9745ba671f8688c7d96a041cd2b
ab86ca73ca4064306448863d32a1428a63df41a0
d931268e003d82739af5c9ab9e91b11a892672c8ae82cbbb2f4b92a94cc2bddc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd661acf9-c387-4bb0-bdc5-10e4abb78bf1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10433
x-amzn-requestid: 30849103-3a8a-4b58-9d12-2e7d76054d29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaJ7wFd0IAMF2PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6307237e-3d931fee17b392cc6785e73d;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:23:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Q4P8POo_KPs63hk4C80HwrpQLivotqjMbD2QTlcAVYmCxs1UgE0KiQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:49:19 GMT
age: 13831
etag: "ab86ca73ca4064306448863d32a1428a63df41a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A500%2C400%7CCabin%3A700%2C400%2C600%2C500%2C400italic&ver=1643099255
142.250.74.10 200 OK 834 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto%3A500%2C400%7CCabin%3A700%2C400%2C600%2C500%2C400italic&ver=1643099255
IP 142.250.74.10:0
Hash 8366cd0ff82b0aa71427b40f821fc1bb
eb11c67fc05c714e1c51498f6e36d48fa8f0079d
4ffa47d15ec3130bc5dbbed9a91ae107573a59958f7743b72e2f470cdda0c935
GET /css?family=Roboto%3A500%2C400%7CCabin%3A700%2C400%2C600%2C500%2C400italic&ver=1643099255 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 29 Aug 2022 01:39:52 GMT
Date: Mon, 29 Aug 2022 01:39:52 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
painmed.com.hk/
165.84.188.236 200 OK 80 kB IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 5c4f20a4ecc6fa1c852cd0c337fc2910
09fbd03dcb06bf4d8f0eecdff6dd62e6cb656a94
4914f0e11546cb369e0e411fa771bf844312ebbd1431f6b0597abd2b312be1eb
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:51 GMT
Server: Apache
X-Powered-By: PHP/7.4.25
Link: <http://painmed.com.hk/wp-json/>; rel="https://api.w.org/", <http://painmed.com.hk/wp-json/wp/v2/pages/13>; rel="alternate"; type="application/json", <http://painmed.com.hk/>; rel=shortlink
Set-Cookie: pll_language=zh; expires=Tue, 29-Aug-2023 01:39:52 GMT; Max-Age=31536000; path=/; SameSite=Lax
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
painmed.com.hk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.5.2
165.84.188.236 200 OK 5.3 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.5.2
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (5305), with no line terminators
Hash ee78f26525b08d4e372b92a1a3ed1d26
b4dbb4706c8a479b3891cbeddf19e162e36bd61a
7fcaa4d432eb8627f0ab7efdc3ce11a4e593f29443fc6bb1888f4955c55f868b
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.5.2 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:52 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:21:26 GMT
ETag: "14b9-5d9e2f565ae05"
Accept-Ranges: bytes
Content-Length: 5305
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.1.2
165.84.188.236 200 OK 18 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.1.2
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (17809), with no line terminators
Hash 1ddf23fcfd1b2941c456ce01da8180a6
156ef5cc77061010e3f4123a47fa415c6391e5ff
dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.1.2 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:52 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:21:26 GMT
ETag: "4591-5d9e2f560b0a7"
Accept-Ranges: bytes
Content-Length: 17809
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/plugins/salient-social/css/style.css?ver=1.1
165.84.188.236 200 OK 19 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/salient-social/css/style.css?ver=1.1
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with CRLF line terminators
Hash 442a842669aa090b8121a766fd9d9806
4e71d1aab7421e5b93e4d33aa7c9258e83f8cfd7
3cb89230f6f93e48595a2876e5678e4c5d6d2a50c96f7ac8500c52bb9eadccaa
GET /wp-content/plugins/salient-social/css/style.css?ver=1.1 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:52 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:25 GMT
ETag: "4b17-5d6bba0a4abc8"
Accept-Ranges: bytes
Content-Length: 19223
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
165.84.188.236 200 OK 19 kB URL HTTP/1.1 painmed.com.hk/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.1 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:52 GMT
Server: Apache
Last-Modified: Tue, 24 May 2022 20:23:44 GMT
ETag: "48b9-5dfc7bbb5bc15"
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/plugins/wpp-faster-payment-systemfps-hong-kong/public/css/wc-fps-public.css?ver=1.0.4
165.84.188.236200 OK 482 B URL HTTP/1.1 painmed.com.hk/wp-content/plugins/wpp-faster-payment-systemfps-hong-kong/public/css/wc-fps-public.css?ver=1.0.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (482), with no line terminators
Hash bbdb9ebc4415ca9647a8a974fb9eb6a5
cf1342d4c108a9155d904ed924782a232c6913f2
e7a38826b62118593bae327cbffa01d841a3e84dee44b791585b9a0e24d4e9ee
GET /wp-content/plugins/wpp-faster-payment-systemfps-hong-kong/public/css/wc-fps-public.css?ver=1.0.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:53 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:28 GMT
ETag: "1e2-5d6bba0ca3d24"
Accept-Ranges: bytes
Content-Length: 482
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
165.84.188.236200 OK 89 kB URL HTTP/1.1 painmed.com.hk/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (43771)
Hash b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.1 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:52 GMT
Server: Apache
Last-Modified: Tue, 12 Jul 2022 20:10:55 GMT
ETag: "15b64-5e3a14421ce4b"
Accept-Ranges: bytes
Content-Length: 88932
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.1.2
165.84.188.236200 OK 63 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.1.2
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash 979b8b56e801469d95453055366ef54c
cb8a0bb5f00fee130a289ea4dfafc00fa53e1c04
d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.1.2 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:53 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:21:26 GMT
ETag: "f523-5d9e2f560b0a7"
Accept-Ranges: bytes
Content-Length: 62755
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/themes/salient/css/off-canvas/simple-dropdown.css?ver=12.1.4
165.84.188.236200 OK 6.6 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/css/off-canvas/simple-dropdown.css?ver=12.1.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with CRLF line terminators
Hash e8be7415efe0b43ae050e48a61aa48c3
8e006891954e10bacf1b53b2871fa7d2fa765e58
16269aa9d7d3e729a4247c073f2a0cc19f00c747006933746fc93cb34674d592
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/off-canvas/simple-dropdown.css?ver=12.1.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:53 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "19db-5d6bba0ed654d"
Accept-Ranges: bytes
Content-Length: 6619
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
165.84.188.236200 OK 52 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (30343)
Hash 9ce5231f18dc51c089809cb00ca36b15
1563e5058ab38463909592b97193a0605573d427
f8214d5a3bfa62a210a1173a5baf9d9e2eb3da26f6333a058109ee5018617674
GET /wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:53 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "ccc9-5d6bba0eee037"
Accept-Ranges: bytes
Content-Length: 52425
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/themes/salient/css/grid-system.css?ver=12.1.4
165.84.188.236200 OK 71 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/css/grid-system.css?ver=12.1.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with CRLF line terminators
Hash d82e195322833489ecc723bb7b96cf52
387c1d2f58bf5c11ebafda734cb3627e7743715b
2c1957013a03513b971a71270fc8ed505ee37fdcd49bbc599ca23e107f18982d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/grid-system.css?ver=12.1.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:53 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "1146b-5d6bba0ed7105"
Accept-Ranges: bytes
Content-Length: 70763
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.5.2
165.84.188.236200 OK 198 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.5.2
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size 198 kB (197726 bytes)
Hash 8d1c626db828d6d0cf8fbda06adadb4d
cfec999e1af51450d2a15874e2743a0ee850ce3f
41ac98831a8184099454864cc91dd7ec13a196dc0134aa631b4fdc58307c7fb9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.5.2 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:52 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:21:26 GMT
ETag: "3045e-5d9e2f565aa1d"
Accept-Ranges: bytes
Content-Length: 197726
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/themes/salient/css/elements/element-fancy-box.css?ver=12.1.4
165.84.188.236200 OK 33 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/css/elements/element-fancy-box.css?ver=12.1.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with CRLF line terminators
Hash fb65893a614e4414e905387fee783a9b
cd9a6d3052c363859df804644469d3913284e250
b02b640320f2e5102ab4938fdc8f91d7016ec472a1c9d542143573e8b33b56ea
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/elements/element-fancy-box.css?ver=12.1.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:53 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "7f8d-5d6bba0eee807"
Accept-Ranges: bytes
Content-Length: 32653
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/themes/salient/css/plugins/jquery.fancybox.css?ver=3.3.1
165.84.188.236200 OK 20 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/css/plugins/jquery.fancybox.css?ver=3.3.1
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
Hash d74dfb688a419ba1e9fa62cca0e5a634
70e3e2822fa43e535caec888483b12250b742a27
5f9766fc55c1c57017d31b223d96ab3ce4d35d3cefd0f5e8066f957772bcdb11
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/plugins/jquery.fancybox.css?ver=3.3.1 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:53 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "4c04-5d6bba0ed6165"
Accept-Ranges: bytes
Content-Length: 19460
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/themes/salient-child/style.css?ver=12.1.4
165.84.188.236200 OK 304 B URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient-child/style.css?ver=12.1.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with CRLF line terminators
Hash 740b238eb30b761d0d3b8541932862ca
6ebb71d4875d2f8b42bb011c26e2d0325ce328dd
dc71f382e4e485c110a5bdc7763a35849ba5ecfd597a003e8e6d99e587fdb880
GET /wp-content/themes/salient-child/style.css?ver=12.1.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:53 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "130-5d6bba0eeefd7"
Accept-Ranges: bytes
Content-Length: 304
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/themes/salient/css/responsive.css?ver=12.1.4
165.84.188.236200 OK 117 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/css/responsive.css?ver=12.1.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with CRLF line terminators
Size 117 kB (117079 bytes)
Hash 747412a9205605b000c8737faf58aa5f
50822a6a68c15ee6ec5eebfd4b4facbca6b311d7
360b4245140d84ea715eae349aba2fe71cf340b1bda9a07cced6e34a297b3892
GET /wp-content/themes/salient/css/responsive.css?ver=12.1.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:53 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "1c957-5d6bba0ed6165"
Accept-Ranges: bytes
Content-Length: 117079
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/themes/salient/css/skin-original.css?ver=12.1.4
165.84.188.236200 OK 18 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/css/skin-original.css?ver=12.1.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with CRLF line terminators
Hash ba608b38bb235bbf7921b62bd5f9dc5d
fb2fa43aa776a20d6b903b525f0e3dafa70cf230
04401212b96e933ff172d4e469d6c37cb2e0198363b13407ec4205fdc8085342
GET /wp-content/themes/salient/css/skin-original.css?ver=12.1.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:53 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "4458-5d6bba0ed5995"
Accept-Ranges: bytes
Content-Length: 17496
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/plugins/js_composer_salient/assets/css/js_composer.min.css?ver=6.4.2
165.84.188.236200 OK 80 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/js_composer_salient/assets/css/js_composer.min.css?ver=6.4.2
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (353)
Hash e1108af4df1caa46f24638d615403921
27483701a999a5f615d33930a74d6533bb4432cb
716135d188ebf6a554b871228ee2f2ef4f6efed7543b29e81ecf8fb339b8fc32
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer_salient/assets/css/js_composer.min.css?ver=6.4.2 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:53 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:25 GMT
ETag: "138a1-5d6bba09b4965"
Accept-Ranges: bytes
Content-Length: 80033
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/themes/salient/css/style.css?ver=12.1.4
165.84.188.236200 OK 612 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/css/style.css?ver=12.1.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with CRLF, CR line terminators
Size 612 kB (611683 bytes)
Hash ab2731ddf8f7f5d1b141a683e0171f89
db9c5fb6b0a0c5c550552e27de37800aa2e0c58a
e6f5068926fd02b73aa45d02d3d6799b2a9639d50be4c46e92b0052e4a8cadc6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/style.css?ver=12.1.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:53 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "95563-5d6bba0ed5995"
Accept-Ranges: bytes
Content-Length: 611683
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/themes/salient/css/salient-dynamic-styles.css?ver=57276
165.84.188.236200 OK 156 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/css/salient-dynamic-styles.css?ver=57276
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type assembler source, ASCII text, with very long lines (2385), with CRLF line terminators
Size 156 kB (155586 bytes)
Hash 41186ecc234150a55fa2f698ed011475
5e4654bd77bdbcfee5455f7100267c8ae6234dfa
144376c328268a7ffdf66f041e1165b0b2b88a3e7207ca855875570960e59058
GET /wp-content/themes/salient/css/salient-dynamic-styles.css?ver=57276 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:53 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "25fc2-5d6bba0ed49f5"
Accept-Ranges: bytes
Content-Length: 155586
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/themes/salient/css/woocommerce.css?ver=12.1.4
165.84.188.236200 OK 209 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/css/woocommerce.css?ver=12.1.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with CRLF line terminators
Size 209 kB (209164 bytes)
Hash 962ed2d783f36ea56f03b6908f09ec24
8438784beed9e64d0ce52efcef8585927cb0bfee
d15a1c4803627b07c0431fc3fb803174481681a700461f2399e393c741e939d7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/woocommerce.css?ver=12.1.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:53 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "3310c-5d6bba0ed4ddd"
Accept-Ranges: bytes
Content-Length: 209164
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
165.84.188.236200 OK 90 kB URL HTTP/1.1 painmed.com.hk/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Thu, 20 Jan 2022 17:52:38 GMT
ETag: "15db1-5d6072afea580"
Accept-Ranges: bytes
Content-Length: 89521
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.1.2
165.84.188.236200 OK 9.5 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.1.2
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (9139)
Hash 87c54edf7dad7dfdfde015f6eee45ff1
96ec1a06ea3093c47e1e2fc4444ada7f4456135d
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.1.2 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:21:26 GMT
ETag: "253d-5d9e2f560e757"
Accept-Ranges: bytes
Content-Length: 9533
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
165.84.188.236200 OK 11 kB URL HTTP/1.1 painmed.com.hk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Thu, 20 Jan 2022 17:52:38 GMT
ETag: "2bd8-5d6072afea580"
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.1.2
165.84.188.236200 OK 3.0 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.1.2
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 8bc2109ef48cabf7a26b73d7c3536c5f
0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.1.2 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:21:26 GMT
ETag: "bdd-5d9e2f560db9f"
Accept-Ranges: bytes
Content-Length: 3037
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/plugins/wpp-faster-payment-systemfps-hong-kong/public/js/wc-fps-public.js?ver=1.0.4
165.84.188.236200 OK 0 B URL HTTP/1.1 painmed.com.hk/wp-content/plugins/wpp-faster-payment-systemfps-hong-kong/public/js/wc-fps-public.js?ver=1.0.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpp-faster-payment-systemfps-hong-kong/public/js/wc-fps-public.js?ver=1.0.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:28 GMT
ETag: "0-5d6bba0ca393c"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/plugins/js_composer_salient/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.4.2
165.84.188.236200 OK 992 B URL HTTP/1.1 painmed.com.hk/wp-content/plugins/js_composer_salient/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.4.2
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
Hash 787fe4f547a6cb7f4ce4934641085910
c2dee88d5bdfef214ce9c56f71a1df51cda0f328
654aaebdea944313257827be97eb196a8218a2cdfc9ba399db23e2cd4c02bd79
GET /wp-content/plugins/js_composer_salient/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.4.2 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:25 GMT
ETag: "3e0-5d6bba09af75d"
Accept-Ranges: bytes
Content-Length: 992
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/themes/salient/css/plugins/flickity.css?ver=12.1.4
165.84.188.236200 OK 63 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/css/plugins/flickity.css?ver=12.1.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with CRLF line terminators
Hash b0c10e0f45d56fab5f433885e5a24220
aee0a977c2cf7af84be248f3d91fb42ee7b1f1f6
0da778e76afc476e7498a31211f401036c92f61a3867c84e5e802dfcab789eee
GET /wp-content/themes/salient/css/plugins/flickity.css?ver=12.1.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "f6bc-5d6bba0ed654d"
Accept-Ranges: bytes
Content-Length: 63164
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/plugins/pdf-embedder/assets/css/pdfemb-embed-pdf.css?ver=4.6.4
165.84.188.236200 OK 7.7 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/pdf-embedder/assets/css/pdfemb-embed-pdf.css?ver=4.6.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (7672), with no line terminators
Hash 97f0e420a513ba439d52774f19ec8d2f
b9d856c6c498a04c2ad1f8de12ae14271c765f10
cd988a80e8a5be80e89c7ff65a88ceda98763ec0f45313e576cd355e14d49ecb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pdf-embedder/assets/css/pdfemb-embed-pdf.css?ver=4.6.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:28 GMT
ETag: "1df8-5d6bba0cbf68e"
Accept-Ranges: bytes
Content-Length: 7672
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/plugins/salient-social/js/salient-social.js?ver=1.1
165.84.188.236200 OK 11 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/salient-social/js/salient-social.js?ver=1.1
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with CRLF line terminators
Hash a14f1236d4339044f11af18ed4058230
083b3705f6f038736874bccf72d9e909b8d96495
42b8fc6ce4cc6ff19e274ff39b9c52897f46ddadf046ea63089d064004382947
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/salient-social/js/salient-social.js?ver=1.1 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:25 GMT
ETag: "2a2c-5d6bba0a4abc8"
Accept-Ranges: bytes
Content-Length: 10796
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/cabin/v26/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7alxw.woff2
142.250.74.163200 OK 15 kB URL HTTP/1.1 fonts.gstatic.com/s/cabin/v26/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7alxw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15168, version 1.0\012- data
Hash 1598ebfa232c5514a99a8af0405cc9a6
d81db409924496627326925cffa27d465c24de3d
45a8badf06824c87461905a8b1871fc3ca3eb5934cee490deadad743ebf99661
GET /s/cabin/v26/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7alxw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://painmed.com.hk
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15168
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 26 Aug 2022 14:21:47 GMT
Expires: Sat, 26 Aug 2023 14:21:47 GMT
Cache-Control: public, max-age=31536000
Age: 213487
Last-Modified: Fri, 24 Jun 2022 18:41:36 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://painmed.com.hk
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 Aug 2022 20:14:32 GMT
Expires: Thu, 24 Aug 2023 20:14:32 GMT
Cache-Control: public, max-age=31536000
Age: 365122
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 157ed86038f439599299c07120bf4f55
3267ca597172124084fa984c3f79ab8679d26abc
0c6fd6918aecb605125b104bf294db84db1ca3476caebd794a14625e2b6c8771
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 01:39:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
painmed.com.hk/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.1.2
165.84.188.236 200 OK 1.8 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.1.2
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (1668)
Hash d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.1.2 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:21:26 GMT
ETag: "72a-5d9e2f56102af"
Accept-Ranges: bytes
Content-Length: 1834
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.1.2
165.84.188.236 200 OK 2.1 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.1.2
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (2139), with no line terminators
Hash b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.1.2 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:21:26 GMT
ETag: "85b-5d9e2f560e36f"
Accept-Ranges: bytes
Content-Length: 2139
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.1.2
165.84.188.236 200 OK 2.9 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.1.2
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (2938), with no line terminators
Hash 0fd625c3991a4015814cffdc88e2fc82
d7c2f53e058210ff3ea773297641008bab71a5f3
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.1.2 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:21:26 GMT
ETag: "b7a-5d9e2f560db9f"
Accept-Ranges: bytes
Content-Length: 2938
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button//assets/js/button.js?ver=1.3.2
165.84.188.236 200 OK 168 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button//assets/js/button.js?ver=1.3.2
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size 168 kB (168504 bytes)
Hash 49558bdb0d114bd91ff4e19110b89c28
e8bd84f02416adb82de115d1aa2a92d10f70c335
7e7ffdd8bf7c6dc75549312e8d47ea6da417ac94dba5df3ac7381e039228887b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button//assets/js/button.js?ver=1.3.2 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:28 GMT
ETag: "29238-5d6bba0cc6fa7"
Accept-Ranges: bytes
Content-Length: 168504
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/themes/salient/js/third-party/jquery.easing.js?ver=1.3
165.84.188.236 200 OK 6.6 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/js/third-party/jquery.easing.js?ver=1.3
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 3577c3b2dd2be55a24ba0de6f3ca424c
8cc7b0c459e0a4401e7c49f905d1528333d6c1b6
87cf46420f28b91d2ffcbca2ec817b93c99b5d43c9366b08d5f4c6f6fbb635c1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/third-party/jquery.easing.js?ver=1.3 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "19c9-5d6bba0ed03a5"
Accept-Ranges: bytes
Content-Length: 6601
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/themes/salient/js/third-party/jquery.mousewheel.js?ver=3.1.13
165.84.188.236 200 OK 2.8 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/js/third-party/jquery.mousewheel.js?ver=3.1.13
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (2609), with CRLF line terminators
Hash 7677af59404e07c03b328a37ffef8c7c
82f235041a00068d3c515bcdd306187080b7d3e4
956e41167b70caf9f21f5a4f435fa8aefed819777d00608b60399a6ad51b16c2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/third-party/jquery.mousewheel.js?ver=3.1.13 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "ad9-5d6bba0f0d821"
Accept-Ranges: bytes
Content-Length: 2777
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d118093.98769723816!2d114.14209846821167!3d22.337118115562966!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3404006357240001%3A0x495e2afb394a9daa!2sLee%20Kum%20Kee%20Central!5e0!3m2!1sen!2shk!4v1631638598642!5m2!1sen!2shk
142.250.74.164 200 OK 1.2 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d118093.98769723816!2d114.14209846821167!3d22.337118115562966!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3404006357240001%3A0x495e2afb394a9daa!2sLee%20Kum%20Kee%20Central!5e0!3m2!1sen!2shk!4v1631638598642!5m2!1sen!2shk
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2127)
Hash 583fa16c3cbbb3e75fc475ca5a9f296a
404620d8f57f1a8451c69e30217cfbdb3c13858e
9be03a43a98a3c106b06c9d6d8b15259b885d285c769d9dde6bb484522bf6a01
GET /maps/embed?pb=!1m18!1m12!1m3!1d118093.98769723816!2d114.14209846821167!3d22.337118115562966!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3404006357240001%3A0x495e2afb394a9daa!2sLee%20Kum%20Kee%20Central!5e0!3m2!1sen!2shk!4v1631638598642!5m2!1sen!2shk HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://painmed.com.hk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 29 Aug 2022 01:39:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ZtMjt9x-ofQJxr9J4965Uw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1153
x-xss-protection: 0
server-timing: gfet4t7; dur=129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 82f7f6347e76f114bef1f5a1c73c8681
82223dbfeb95d5096b4b56980f478f258ec9995b
966912cb9f658c1fbd29f1b117ae62b4a17b673b3cc1378a31d17b9fa8d50500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 01:39:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
painmed.com.hk/wp-content/themes/salient/js/priority.js?ver=12.1.4
165.84.188.236 200 OK 7.6 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/js/priority.js?ver=12.1.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (611), with CRLF line terminators
Hash 0d6f287d7bbfb0e7c5a4d697161e04d2
63f0a8cd4878c33a5fcc6a84b46c974fa104b5c4
59a3b2cb204dc1b6108c9608e54ed72fbe51be18688023c9560801366a09e900
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/priority.js?ver=12.1.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "1dad-5d6bba0ed1345"
Accept-Ranges: bytes
Content-Length: 7597
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4b60f31bf1dfc910d0b031da4b57aeb9
b8122448f5a86c44f7016a54423d3ed40a13c97a
d90b29d7a5265652ce8ba1b77e47610dde65179be14d5e595e0cd3e214dd26b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 01:39:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=hk&callback=onApiLoad
142.250.74.74 200 OK 58 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=hk&callback=onApiLoad
IP 142.250.74.74:0
File type ASCII text, with very long lines (2468)
Hash d54c892cb512e14aedd5d0f213ee49ad
1bf53b13116cb1cda14cb7e7e4e9cf46670a6344
2267ac2fc96ce8c1b9b5775acaecdb7193938957f70f7c294514264f86b1c0d7
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=hk&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Mon, 29 Aug 2022 01:39:54 GMT
expires: Mon, 29 Aug 2022 02:09:54 GMT
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 57554
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4b60f31bf1dfc910d0b031da4b57aeb9
b8122448f5a86c44f7016a54423d3ed40a13c97a
d90b29d7a5265652ce8ba1b77e47610dde65179be14d5e595e0cd3e214dd26b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 01:39:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
painmed.com.hk/wp-content/themes/salient/js/third-party/transit.js?ver=0.9.9
165.84.188.236 200 OK 7.4 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/js/third-party/transit.js?ver=0.9.9
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (7281), with CRLF line terminators
Hash 4132db20b2e447b57c867b4e93f7d33c
4f39daf627a016dfe264715f31cee15175e3973f
aa177ef15fc557a7778d92a1aa910b9ded10d3b8400eea9ccb08c0f19d0fde8c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/third-party/transit.js?ver=0.9.9 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "1cff-5d6bba0f0c499"
Accept-Ranges: bytes
Content-Length: 7423
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/themes/salient/js/third-party/waypoints.js?ver=4.0.1
165.84.188.236 200 OK 19 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/js/third-party/waypoints.js?ver=4.0.1
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 02245e348486f25662a286dde83a5d60
9601804081cdfde349b4f9c36e3a402cfa4310de
04188b0cf2772d0097ee6ea6abe0feba436b3c8aa667568dc8dabc97bf4332a6
GET /wp-content/themes/salient/js/third-party/waypoints.js?ver=4.0.1 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "4888-5d6bba0f0c499"
Accept-Ranges: bytes
Content-Length: 18568
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/themes/salient/js/third-party/jquery.fancybox.min.js?ver=3.3.1
165.84.188.236 200 OK 68 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/js/third-party/jquery.fancybox.min.js?ver=3.3.1
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type HTML document, ASCII text, with very long lines (31972)
Hash 49a6b4d019a934bcf83f0c397eba82d8
6181412e73966696d08e1e5b1243a572d0f22ba6
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/third-party/jquery.fancybox.min.js?ver=3.3.1 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "10a9d-5d6bba0ed03a5"
Accept-Ranges: bytes
Content-Length: 68253
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/themes/salient/js/third-party/hoverintent.js?ver=1.9
165.84.188.236 200 OK 2.3 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/js/third-party/hoverintent.js?ver=1.9
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (1933), with CRLF line terminators
Hash b6b698965761c40bfe6ca57737346b05
49f5007a1877397382511076f93f1e96b614f4d2
2f9627512fca0229865430f588e22896916969f33cf92f51a0793028a1a45f7c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/third-party/hoverintent.js?ver=1.9 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "8ce-5d6bba0ed0b75"
Accept-Ranges: bytes
Content-Length: 2254
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/plugins/salient-portfolio/js/third-party/imagesLoaded.min.js?ver=4.1.4
165.84.188.236 200 OK 5.6 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/salient-portfolio/js/third-party/imagesLoaded.min.js?ver=4.1.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (5477), with CRLF line terminators
Hash 81545aed80e2c8b710b729bea178621b
049173b82e68c40492961bb95ddacefb44eab680
5a65b0ca177f1c0433c0ead611692521c23e6668846a2861fedc09ae11416ffc
GET /wp-content/plugins/salient-portfolio/js/third-party/imagesLoaded.min.js?ver=4.1.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:25 GMT
ETag: "15e0-5d6bba0a4fdd0"
Accept-Ranges: bytes
Content-Length: 5600
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 1bb8df25d5aa0c6ff660f97b81e64458
be7596032c78bc836b7e780a3b20e5d5518f89f3
80892cb99d64aa076366b4b9fb5f303271d0e97fd9d7734402f571027fb490e8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 01:39:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
painmed.com.hk/wp-content/themes/salient/js/third-party/superfish.js?ver=1.4.8
165.84.188.236 200 OK 9.5 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/js/third-party/superfish.js?ver=1.4.8
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
Hash ef14df12b384e9f455a33aa0315b3030
de5dd4dbf6a46f5dac48d526048f12868403987b
66f7412f7462e317d894dd4a942290b87ec249151a2648aa6caeb8bab1735d42
GET /wp-content/themes/salient/js/third-party/superfish.js?ver=1.4.8 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "24fe-5d6bba0f0c499"
Accept-Ranges: bytes
Content-Length: 9470
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
maps.gstatic.com/maps-api-v3/embed/js/50/2/init_embed.js
142.250.74.163 200 OK 69 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/50/2/init_embed.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2713)
Hash ab22f2d8f9985f1e802c7b6fdcd88d77
76b1e2140a0c470aed7abc6708e3eda9588f1cce
d9506e5c09682d363d07746d331f92ab28d9a1954772f3cb329bfa62826537fa
GET /maps-api-v3/embed/js/50/2/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69188
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Aug 2022 18:12:44 GMT
expires: Thu, 24 Aug 2023 18:12:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Aug 2022 19:02:02 GMT
content-type: text/javascript
age: 372430
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 1bb8df25d5aa0c6ff660f97b81e64458
be7596032c78bc836b7e780a3b20e5d5518f89f3
80892cb99d64aa076366b4b9fb5f303271d0e97fd9d7734402f571027fb490e8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 01:39:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
painmed.com.hk/wp-content/plugins/salient-core/js/third-party/touchswipe.min.js?ver=1.0
165.84.188.236 200 OK 9.4 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/salient-core/js/third-party/touchswipe.min.js?ver=1.0
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (9357), with CRLF line terminators
Hash 4364bc151bcbe15375b5b80eb21d3cb1
8a30a9470320ae080b489013fc6256461f05819f
a23757ebb210c2d1c0455713594401d07ef51a74dcd3f7b5cd4a0ed2d8ecf1e0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/salient-core/js/third-party/touchswipe.min.js?ver=1.0 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:25 GMT
ETag: "24a0-5d6bba09baef5"
Accept-Ranges: bytes
Content-Length: 9376
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/themes/salient/js/third-party/flickity.min.js?ver=2.2
165.84.188.236 200 OK 127 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/js/third-party/flickity.min.js?ver=2.2
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with CRLF line terminators
Size 127 kB (126669 bytes)
Hash 6d0f024c8009f69b3cd6514ec7b52d79
1cc25bf144b6564db9f1a0d0536276e1229fde72
d95eb5f523b0590b80ff8ee068608b8a4480a498e6d31c5061c3d15d5e4e72aa
GET /wp-content/themes/salient/js/third-party/flickity.min.js?ver=2.2 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "1eecd-5d6bba0ed0f5d"
Accept-Ranges: bytes
Content-Length: 126669
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/plugins/js_composer_salient/assets/js/dist/js_composer_front.min.js?ver=6.4.2
165.84.188.236 200 OK 28 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/js_composer_salient/assets/js/dist/js_composer_front.min.js?ver=6.4.2
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (749)
Hash b7a545f17eb4f7d56aa0936b3e2ca70d
b2de8646b5da7a37c7b7fb371f383d5858a76b1b
59f8c05c37f5d2cf58e2c3284f9ee77d896e59f6d102fef8f74c03a4944b1c60
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer_salient/assets/js/dist/js_composer_front.min.js?ver=6.4.2 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:25 GMT
ETag: "6f02-5d6bba09b06fd"
Accept-Ranges: bytes
Content-Length: 28418
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/plugins/pdf-embedder/assets/js/min/all-pdfemb-min.js?ver=6.0.1
165.84.188.236 200 OK 20 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/pdf-embedder/assets/js/min/all-pdfemb-min.js?ver=6.0.1
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (20105), with no line terminators
Hash 7dbb16d9ee2d6fb0ccef820617792f7c
ea98892810b508bebea241dc923e0263fe3f2a77
86a2673e6de2a15a4c259ceb5d99eff879d8634d4e632b5fff039c9ea2d48741
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pdf-embedder/assets/js/min/all-pdfemb-min.js?ver=6.0.1 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:28 GMT
ETag: "4e89-5d6bba0cbf2a6"
Accept-Ranges: bytes
Content-Length: 20105
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/plugins/pdf-embedder/assets/js/pdfjs/pdf.min.js?ver=4.6.4
165.84.188.236 200 OK 335 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/pdf-embedder/assets/js/pdfjs/pdf.min.js?ver=4.6.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size 335 kB (334601 bytes)
Hash 2565c8ac6826d9e200e6d4c2944b8154
b65bb196e27a29f162d8476e8b36f83bcb3e9689
a9b7cd90e1981d947af48dd7d93e6a285d2908a837265f47d9f78aea9ada76ab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pdf-embedder/assets/js/pdfjs/pdf.min.js?ver=4.6.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:28 GMT
ETag: "51b09-5d6bba0cb798e"
Accept-Ranges: bytes
Content-Length: 334601
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/themes/salient/js/init.js?ver=12.1.4
165.84.188.236 200 OK 561 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/js/init.js?ver=12.1.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type Unicode text, UTF-8 text, with very long lines (348), with CRLF line terminators
Size 561 kB (561151 bytes)
Hash 7d1985a9e09890953f2b9d2b4c717706
1bd3b52f84cd730a0ba57b1d89f4c78eacb72de5
3b4681361e4436aa42f731ae0bef4259db832e73f7d9eb5785be22c0bacd3d63
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/init.js?ver=12.1.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:54 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "88fff-5d6bba0ed22e5"
Accept-Ranges: bytes
Content-Length: 561151
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/themes/salient/css/fonts/icomoon.woff
165.84.188.236 200 OK 21 kB URL HTTP/1.1 painmed.com.hk/wp-content/themes/salient/css/fonts/icomoon.woff
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type Web Open Font Format, TrueType, length 21272, version 0.0\012- data
Hash 05c0d52abd6ff5f0d0066edd64d53e08
63979dfcd1422311f4ac2f2434b0140e514236bb
16f94be53f5a0f1b422b9fb0f88ecc3b0947c24c8b77ee6b6f62675c82499cc7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/fonts/icomoon.woff HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://painmed.com.hk/wp-content/themes/salient/css/style.css?ver=12.1.4
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:30 GMT
ETag: "5318-5d6bba0eebd0f"
Accept-Ranges: bytes
Content-Length: 21272
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: font/woff
painmed.com.hk/wp-content/uploads/2022/01/bowen-therapy-Mary-Chu-1024x683-1.jpg
165.84.188.236200 OK 85 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/bowen-therapy-Mary-Chu-1024x683-1.jpg
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x683, components 3\012- data
Hash 3719b7fb862148437d2317c81b31980e
215141b622aa1a58c16904fea1dd5a32654ad8e5
d19ad240195686952617e2b47840926ba73614e57a3979160ba49267a6c3eceb
GET /wp-content/uploads/2022/01/bowen-therapy-Mary-Chu-1024x683-1.jpg HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "14bfc-5d6bba0f4105d"
Accept-Ranges: bytes
Content-Length: 84988
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
painmed.com.hk/wp-content/uploads/2022/01/kin04s.jpg
165.84.188.236200 OK 64 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/kin04s.jpg
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=641, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=437], progressive, precision 8, 240x352, components 3\012- data
Hash d611036b7c0a815658a56448fd7ff6e4
f860d0ef867132c4dba03b55e886026323888c42
7818908a97085ff01b7143dced7915043b7fd1f4873b7019f35b58297691b66c
GET /wp-content/uploads/2022/01/kin04s.jpg HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "fb9d-5d6bba0f4105d"
Accept-Ranges: bytes
Content-Length: 64413
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
painmed.com.hk/wp-content/uploads/2022/01/lee1-1024x768-1.jpg
165.84.188.236200 OK 121 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/lee1-1024x768-1.jpg
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x768, components 3\012- data
Size 121 kB (120606 bytes)
Hash e8e9928cbaa78cd68af83f3c2a1f9ff9
8aa58ed59ffdda0943b1201f6ca4c885d0068051
1dca8f8e59635f6339a146d8e410372065ede81f4b40e66c6e2c08f38cb4bd17
GET /wp-content/uploads/2022/01/lee1-1024x768-1.jpg HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "1d71e-5d6bba0f4105d"
Accept-Ranges: bytes
Content-Length: 120606
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
painmed.com.hk/wp-content/uploads/2022/01/DSC01255.-nurse-exam-1024x683-1.jpg
165.84.188.236200 OK 93 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/DSC01255.-nurse-exam-1024x683-1.jpg
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x683, components 3\012- data
Hash 14ea196e0b68dcbfc559fd6ba38974ce
ccae5480aa114ddf253138f9ff014df1ea5f2e0f
20d405752ef50855f21efd2b9efc4c2a18117a38ed28f21f7718f0f617dfcff5
GET /wp-content/uploads/2022/01/DSC01255.-nurse-exam-1024x683-1.jpg HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "16bec-5d6bba0f40c75"
Accept-Ranges: bytes
Content-Length: 93164
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
painmed.com.hk/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.1.2
165.84.188.236200 OK 7.0 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.1.2
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type ASCII text, with very long lines (7043), with no line terminators
Hash 456663a286a204386735fd775542a59e
0a61620b88f4ae0fa7d71e2c7a014ea2c3ab5749
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.1.2 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:21:26 GMT
ETag: "1b83-5d9e2f560b0a7"
Accept-Ranges: bytes
Content-Length: 7043
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/css
painmed.com.hk/wp-content/uploads/2022/01/logo.jpg
165.84.188.236200 OK 46 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/logo.jpg
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 578x520, components 3\012- data
Hash 790eafac7c567a00c00ed2e643edb441
8d46dfb1e9dd4e9c892e64036e563243bf6d4c2a
4ab873c928b2d1a5c3d2701d5a730e0b5b9c9c8cb4de111510d1381396835fcd
GET /wp-content/uploads/2022/01/logo.jpg HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "b26d-5d6bba0f41445"
Accept-Ranges: bytes
Content-Length: 45677
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 97e18f422f465b4361fb75117c22319c
8014eb1f40ee33d96a1c086d108f693c9344cb73
1e8b60185184b5bf31ac8f0cc48bf149c194669e3b0ec5ad4b9778374130092a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3450
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 01:39:55 GMT
Etag: "630ab47d-1d7"
Last-Modified: Mon, 29 Aug 2022 00:42:25 GMT
Server: ECS (amb/6B82)
X-Cache: HIT
Content-Length: 471
painmed.com.hk/wp-content/uploads/2022/01/DSC01137-%E8%9D%BA%E5%88%BB%E6%91%A9-1024x683-1.jpg
165.84.188.236200 OK 47 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/DSC01137-%E8%9D%BA%E5%88%BB%E6%91%A9-1024x683-1.jpg
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=17, height=1300, bps=218, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D4, orientation=upper-left, width=975], baseline, precision 8, 200x267, components 3\012- data
Hash 6ce60a10fab4b96ff79b9d2927b79886
63ec7221963cf1e609fc678fa8461e692493ec54
5021050433b02e52c95f445531aa88fb40b4fb6b621488fe28113a033ab16b35
GET /wp-content/uploads/2022/01/DSC01137-%E8%9D%BA%E5%88%BB%E6%91%A9-1024x683-1.jpg HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "16259-5d6bba0f4182d"
Accept-Ranges: bytes
Content-Length: 90713
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
painmed.com.hk/wp-content/uploads/2022/01/d_1.jpg
165.84.188.236200 OK 91 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/d_1.jpg
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=14, height=3744, bps=182, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark II, orientation=upper-left, width=5616], baseline, precision 8, 300x200, components 3\012- data
Hash f29f9ce67cf358d83efbd2957fb137d9
7b8b6a2fdb58c737a0a306b997ecba60ac9bacc4
e2dd29161a1ecb10955856382c0e1f86d4269a9fa5528e3a87c7a3a57a51f0a7
GET /wp-content/uploads/2022/01/d_1.jpg HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "163b1-5d6bba0f40c75"
Accept-Ranges: bytes
Content-Length: 91057
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
painmed.com.hk/wp-content/uploads/2022/01/sally.jpg
165.84.188.236200 OK 105 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/sally.jpg
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=4256, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2832], baseline, precision 8, 300x451, components 3\012- data
Size 105 kB (104832 bytes)
Hash a5793969da0dc30c769da61447d09c71
a9bbe7a6732332ce322f33c7bf23d3e8995ad427
32603f9ef28b3b4735f0625f395a1b47662786d5fdc33fe8e95db8d1d13515f0
GET /wp-content/uploads/2022/01/sally.jpg HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "19980-5d6bba0f40c75"
Accept-Ranges: bytes
Content-Length: 104832
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
painmed.com.hk/wp-content/uploads/2022/01/d_2.jpg
165.84.188.236200 OK 64 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/d_2.jpg
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=14, height=3744, bps=182, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark II, orientation=upper-left, width=5616], baseline, precision 8, 300x200, components 3\012- data
Hash 4290b2f7db4a7f67fb855224c4820538
3249fcf8a863f37f456ac3a33301a6007f6f9079
bb7b6fca8658eb7df6020390c3b8929faf6001d6255c9a1642a914bb3967e9fe
GET /wp-content/uploads/2022/01/d_2.jpg HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "f9a9-5d6bba0f40c75"
Accept-Ranges: bytes
Content-Length: 63913
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
khms0.googleapis.com/kh?v=930&hl=en&x=104&y=55&z=7
142.250.74.42200 OK 14 kB URL HTTP/2 khms0.googleapis.com/kh?v=930&hl=en&x=104&y=55&z=7
IP 142.250.74.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash 7028dabe5b6f33be3d8da728c9071c48
b932b52d65688d804458350b458596df94673ba6
56fe69a6ca1db927bb849398e81b1da97ed5d9719d8be04619124fbe44e19218
GET /kh?v=930&hl=en&x=104&y=55&z=7 HTTP/1.1
Host: khms0.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Tue, 29 Aug 2023 01:39:55 GMT
date: Mon, 29 Aug 2022 01:39:55 GMT
access-control-allow-credentials: true
content-type: image/jpeg
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 13701
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
painmed.com.hk/wp-content/plugins/pdf-embedder/assets/js/pdfjs/pdf.worker.min.js?ver=4.6.4
165.84.188.236200 OK 772 kB URL HTTP/1.1 painmed.com.hk/wp-content/plugins/pdf-embedder/assets/js/pdfjs/pdf.worker.min.js?ver=4.6.4
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size 772 kB (771590 bytes)
Hash b1d6ff2a0226ed02e6f3ebff8635f913
a7def51bf15a44269277daef79984a4a7fc82af0
205187854f041ee1447896c8b120aed28ba61fcd43cb9f58a39b889790225b6b
GET /wp-content/plugins/pdf-embedder/assets/js/pdfjs/pdf.worker.min.js?ver=4.6.4 HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:28 GMT
ETag: "bc606-5d6bba0cb13fd"
Accept-Ranges: bytes
Content-Length: 771590
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
painmed.com.hk/wp-content/uploads/2022/01/kkliu.jpg
165.84.188.236200 OK 74 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/kkliu.jpg
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=2660, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2660], baseline, precision 8, 300x300, components 3\012- data
Hash 043e2b01587191c8c3b2edb46123a480
b5ffb04916ebceff438baae5a4378c899104fa3a
36b64ed9e7d19257c9b67a4b53fb356478edd0cc493aa2f077c91624a2bb080b
GET /wp-content/uploads/2022/01/kkliu.jpg HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "11eff-5d6bba0f40c75"
Accept-Ranges: bytes
Content-Length: 73471
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
painmed.com.hk/wp-content/uploads/2022/01/d6_1.jpg
165.84.188.236200 OK 53 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/d6_1.jpg
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=919, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1353], baseline, precision 8, 225x153, components 3\012- data
Hash bdd3e00161563af949aee1209890917a
937757e9a2849e20a1d199ba38ce47fc3c7621b3
d115be000f79f3acd0f8913cdf384c24cd1cf8f8916cef52463f78f4cc5bbf94
GET /wp-content/uploads/2022/01/d6_1.jpg HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "cf21-5d6bba0f4088d"
Accept-Ranges: bytes
Content-Length: 53025
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
painmed.com.hk/wp-content/uploads/2022/01/d6_3.jpg
165.84.188.236200 OK 37 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/d6_3.jpg
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=883, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1383], baseline, precision 8, 250x331, components 3\012- data
Hash 9654ee5c7edcf2ad7bfb8233021de13a
c7923fd40d8dbccf55f6b411e3b3b9f68e941764
2904da4a02590dad969687ec2358e43d909e7f63738152f684b522693367f050
GET /wp-content/uploads/2022/01/d6_3.jpg HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "902f-5d6bba0f4088d"
Accept-Ranges: bytes
Content-Length: 36911
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
painmed.com.hk/wp-content/uploads/2022/01/KC_Lee_03s-e1631819935860.jpg
165.84.188.236200 OK 11 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/KC_Lee_03s-e1631819935860.jpg
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x169, components 3\012- data
Hash d68ba09ec153b699c43874985291b6c6
884e68361006ff3a009186cc65738c1287ea6297
e954692f972850f6969dddf19f9bf57aa235de547b2f7752f1ba5fe039d537ca
GET /wp-content/uploads/2022/01/KC_Lee_03s-e1631819935860.jpg HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "2a29-5d6bba0f4088d"
Accept-Ranges: bytes
Content-Length: 10793
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
painmed.com.hk/wp-content/uploads/2022/01/kin01s-1.jpg
165.84.188.236200 OK 52 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/kin01s-1.jpg
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=540, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=960], progressive, precision 8, 240x135, components 3\012- data
Hash 0c0a018748b8ed788fc98c05561760bb
388f3d715ea2a52cad0d855626b7d5ad79f2c619
92d4455748e8933b4f92ff6ad6c1853f7d83719e621bcb4769b973023eae99c9
GET /wp-content/uploads/2022/01/kin01s-1.jpg HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "ca5f-5d6bba0f4088d"
Accept-Ranges: bytes
Content-Length: 51807
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
www.paypal.com/sdk/js?client-id=ASmnmt5LHREjhJauqXJKTIUuvnHZKCFX-LxgyvOrkg8i0-emIVk_IgOYwIjhZksHCKKQb-1jVYrpmh04&currency=HKD&integration-date=2021-09-17&components=buttons&vault=false&commit=false&intent=capture&disable-funding=card&enable-funding=venmo,paylater
23.195.255.23200 OK 91 kB URL HTTP/2 www.paypal.com/sdk/js?client-id=ASmnmt5LHREjhJauqXJKTIUuvnHZKCFX-LxgyvOrkg8i0-emIVk_IgOYwIjhZksHCKKQb-1jVYrpmh04&currency=HKD&integration-date=2021-09-17&components=buttons&vault=false&commit=false&intent=capture&disable-funding=card&enable-funding=venmo,paylater
IP 23.195.255.23:0
File type ASCII text, with very long lines (65472)
Hash 7439a2cce8c2516abb27ea358f18f7d4
385874cfca7b9b97bf35e689e49abe0d51841d0a
c946e639e4ed6912b7c6b67308b2e6877c7f48abdac3aa6e7a823ed792e423d9
GET /sdk/js?client-id=ASmnmt5LHREjhJauqXJKTIUuvnHZKCFX-LxgyvOrkg8i0-emIVk_IgOYwIjhZksHCKKQb-1jVYrpmh04&currency=HKD&integration-date=2021-09-17&components=buttons&vault=false&commit=false&intent=capture&disable-funding=card&enable-funding=venmo,paylater HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://painmed.com.hk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
content-encoding: gzip
content-length: 90866
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-NrM1qooXWnhNN92nJuRRNIfudAL8lDYFKsSev3WxIUc7crig' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-NrM1qooXWnhNN92nJuRRNIfudAL8lDYFKsSev3WxIUc7crig' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: application/javascript; charset=utf-8
etag: W/"162f2-OFh0z8p7m5e/NeaJ5Jq+DVGEHQo"
p3p: true
paypal-debug-id: abb446c599e6e
traceparent: 00-0000000000000000000abb446c599e6e-6ffbf65030f101ef-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
x-edgeconnect-midmile-rtt: 6, 6
x-edgeconnect-origin-mex-latency: 575, 575
date: Mon, 29 Aug 2022 01:39:56 GMT
vary: Accept-Encoding
set-cookie: tsrce=clientsdknodeweb; Domain=.paypal.com; Path=/; Expires=Thu, 01 Sep 2022 01:39:55 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg15.slc; Path=/; Domain=paypal.com; Expires=Mon, 29 Aug 2022 02:09:55 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1756431595%26vteXpYrS%3D1661738995%26vr%3De74157e81820a2d086919b65ff90b62a%26vt%3De74157e81820a2d086919b65ff90b629%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 28 Aug 2025 01:39:55 GMT; HttpOnly; Secure
ts_c=vr%3De74157e81820a2d086919b65ff90b62a%26vt%3De74157e81820a2d086919b65ff90b629; Path=/; Domain=paypal.com; Expires=Thu, 28 Aug 2025 01:39:55 GMT; Secure
server-timing: traceparent;desc="00-0000000000000000000abb446c599e6e-83ac9cbb82aad1b6-01", content-encoding;desc="gzip",x-cdn;desc="akamai"
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
painmed.com.hk/wp-content/uploads/2022/01/HKPMC_leaflet.pdf
165.84.188.236206 Partial Content 34 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/HKPMC_leaflet.pdf
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
Hash 9a4b501049ec110597ad22ac25e0b01c
cf682116a3d358a61e8de02aad0fbea557155a0f
bb9c0890e7274967ef7053aa0bcf5afe90a3a7adbfb3e181c005d950482cae6d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/01/HKPMC_leaflet.pdf HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://painmed.com.hk/
range: bytes=8978432-9012418
Connection: keep-alive
Cookie: pll_language=zh
HTTP/1.1 206 Partial Content
Date: Mon, 29 Aug 2022 01:39:56 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "8984c3-5d6bba0f3f505"
Accept-Ranges: bytes
Content-Length: 33987
Content-Range: bytes 8978432-9012418/9012419
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/pdf
painmed.com.hk/?wc-ajax=get_refreshed_fragments
165.84.188.236200 OK 713 B URL HTTP/1.1 painmed.com.hk/?wc-ajax=get_refreshed_fragments
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type JSON data\012- , ASCII text, with very long lines (713), with no line terminators
Hash f9a9eaa3170df3f0bf320f6e399351bf
16645b92b8d25422e87b33470891b55b296f9fd8
10a4d49d20f1a29a059a3fa4d07b64d648f81c0ad4074731dba0f2b1220458f6
Analyzer Verdict Alert fortinet Malware
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://painmed.com.hk
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
X-Powered-By: PHP/7.4.25
Access-Control-Allow-Origin: http://painmed.com.hk
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
painmed.com.hk/wp-content/uploads/2022/01/HKPMC_leaflet.pdf
165.84.188.236206 Partial Content 66 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/HKPMC_leaflet.pdf
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
Hash 3ab7c2876304efbcac1ee43621f5cb83
461fdd9232e36bed6362b57e4066f27d90d80a22
e0a825d5f29a77d80cf10b2e08678b2ce91bb00c7d21bd1739b4b5aa509485fd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/01/HKPMC_leaflet.pdf HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://painmed.com.hk/
range: bytes=3604480-3670015
Connection: keep-alive
Cookie: pll_language=zh
HTTP/1.1 206 Partial Content
Date: Mon, 29 Aug 2022 01:39:56 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "8984c3-5d6bba0f3f505"
Accept-Ranges: bytes
Content-Length: 65536
Content-Range: bytes 3604480-3670015/9012419
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/pdf
www.paypal.com/tagmanager/pptm.js?id=painmed.com.hk&t=xo&v=5.0.330&source=payments_sdk&client_id=ASmnmt5LHREjhJauqXJKTIUuvnHZKCFX-LxgyvOrkg8i0-emIVk_IgOYwIjhZksHCKKQb-1jVYrpmh04&comp=buttons&vault=false
23.195.255.23200 OK 4.3 kB URL HTTP/2 www.paypal.com/tagmanager/pptm.js?id=painmed.com.hk&t=xo&v=5.0.330&source=payments_sdk&client_id=ASmnmt5LHREjhJauqXJKTIUuvnHZKCFX-LxgyvOrkg8i0-emIVk_IgOYwIjhZksHCKKQb-1jVYrpmh04&comp=buttons&vault=false
IP 23.195.255.23:0
File type ASCII text, with very long lines (12084), with no line terminators
Hash f95a5d0ffb853de78f990c101672d038
97ebc639be38b10285d5b825a7521e0239b745f7
de3bbe0e5f16084efba73412206ffffd6ff176b47260717edd359f82383a8e0b
GET /tagmanager/pptm.js?id=painmed.com.hk&t=xo&v=5.0.330&source=payments_sdk&client_id=ASmnmt5LHREjhJauqXJKTIUuvnHZKCFX-LxgyvOrkg8i0-emIVk_IgOYwIjhZksHCKKQb-1jVYrpmh04&comp=buttons&vault=false HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: tsrce=clientsdknodeweb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-EC+7IXJ5WWYjpvkSNCZ8snxTjjp8ZAPBMHmPyhrU5lryUOU9' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-type: application/x-javascript; charset=utf-8
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
paypal-debug-id: ae5f4b3329751
traceparent: 00-0000000000000000000ae5f4b3329751-1ddc8252b2b97fbe-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
content-encoding: gzip
content-length: 4299
x-edgeconnect-midmile-rtt: 6
x-edgeconnect-origin-mex-latency: 251
date: Mon, 29 Aug 2022 01:39:56 GMT
vary: Accept-Encoding
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Mon, 29 Aug 2022 10:25:52 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 29 Aug 2023 01:39:56 GMT; Secure
x-pp-s=eyJ0IjoiMTY2MTczNzE5NjM5NSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=tagmanagernodeweb; Domain=.paypal.com; Path=/; Expires=Thu, 01 Sep 2022 01:39:56 GMT; HttpOnly; Secure; SameSite=None
nsid=s%3Al3EDTfp59SSMBGk-ai7Iun4KHX95CaJz.Vr9vbCs2mJ6%2Bh94OWelrFXL6%2F6MouQMKlN6YqfZoNM0; Path=/; HttpOnly; Secure
l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Mon, 29 Aug 2022 02:09:56 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1756431596%26vteXpYrS%3D1661738996%26vr%3De7415b1d1820a7a08a6ea606ff8a4474%26vt%3De7415b1d1820a7a08a6ea606ff8a4473%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 28 Aug 2025 01:39:56 GMT; HttpOnly; Secure
ts_c=vr%3De7415b1d1820a7a08a6ea606ff8a4474%26vt%3De7415b1d1820a7a08a6ea606ff8a4473; Path=/; Domain=paypal.com; Expires=Thu, 28 Aug 2025 01:39:56 GMT; Secure
server-timing: traceparent;desc="00-0000000000000000000ae5f4b3329751-ac4ded034e7b8ab8-01", content-encoding;desc="gzip",x-cdn;desc="akamai"
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Painmed&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1661737196457&g=0&completeurl=http%3A%2F%2Fpainmed.com.hk%2F&ru=http%3A%2F%2Fpainmed.com.hk%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
151.101.1.35200 OK 42 B URL HTTP/2 t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Painmed&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1661737196457&g=0&completeurl=http%3A%2F%2Fpainmed.com.hk%2F&ru=http%3A%2F%2Fpainmed.com.hk%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
IP 151.101.1.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Painmed&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1661737196457&g=0&completeurl=http%3A%2F%2Fpainmed.com.hk%2F&ru=http%3A%2F%2Fpainmed.com.hk%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: tsrce=tagmanagernodeweb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Mon, 29 Aug 2022 01:39:56 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: bb4e07d625148
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1756431596%26vteXpYrS%3D1661738996%26vr%3De7415c891820a983d717731effffffff%26vt%3De7415c891820a983d717731efffffffe; Expires=Fri, 29 Aug 2025 01:39:56 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3De7415c891820a983d717731effffffff%26vt%3De7415c891820a983d717731efffffffe; Expires=Fri, 29 Aug 2025 01:39:56 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-0000000000000000000bb4e07d625148-7f6c677eb0eb98be-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Mon, 29 Aug 2022 01:39:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11534-HHN, cache-bma1668-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1661737197.594355,VS0,VE166
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
23.195.255.23200 OK 0 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP 23.195.255.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://painmed.com.hk/
Origin: http://painmed.com.hk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://painmed.com.hk
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: a8eaa3a02d90c
traceparent: 00-0000000000000000000a8eaa3a02d90c-a346494bcb8f6031-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-edgeconnect-midmile-rtt: 154
x-edgeconnect-origin-mex-latency: 62
date: Mon, 29 Aug 2022 01:39:57 GMT
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Mon, 29 Aug 2022 10:25:52 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 29 Aug 2023 01:39:56 GMT; Secure
x-pp-s=eyJ0IjoiMTY2MTczNzE5Njk1MyIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=loggernodeweb; Domain=.paypal.com; Path=/; Expires=Thu, 01 Sep 2022 01:39:56 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Mon, 29 Aug 2022 02:09:56 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1756431596%26vteXpYrS%3D1661738996%26vr%3De7415d8b1820a7a06a47aae3ff8956cf%26vt%3De7415d8b1820a7a06a47aae3ff8956ce%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 28 Aug 2025 01:39:56 GMT; HttpOnly; Secure
ts_c=vr%3De7415d8b1820a7a06a47aae3ff8956cf%26vt%3De7415d8b1820a7a06a47aae3ff8956ce; Path=/; Domain=paypal.com; Expires=Thu, 28 Aug 2025 01:39:56 GMT; Secure
server-timing: content-encoding;desc="",x-cdn;desc="akamai"
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
142.250.74.10200 OK 3.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
IP 142.250.74.10:0
File type Unicode text, UTF-8 text, with very long lines (8265)
Hash 8503a09639307588adb958de5052ccdc
7b8e0b195ace37b6651e57ef0d06d78eb17d70a5
8d7ac6cfa676ab56517ccf513bc127406dd281673799965e7be6207f7a4901ae
GET /css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 29 Aug 2022 01:39:57 GMT
date: Mon, 29 Aug 2022 01:39:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Aug 2022 19:34:08 GMT
expires: Thu, 24 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 367549
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 Aug 2022 02:02:22 GMT
expires: Sun, 27 Aug 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 171455
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
23.195.255.23200 OK 1.0 kB URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP 23.195.255.23:0
File type JSON data\012- , ASCII text, with very long lines (1021), with no line terminators
Hash 6cce08221fa4df1414b143d789b32030
67c834c753b87fa00cc3bbab973de1d7b37ad504
9216d215520a8302f27d226d83e9216ef1bb3ee2caaf1366894339fd9c0a7cd3
POST /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1454
Origin: http://painmed.com.hk
Connection: keep-alive
Referer: http://painmed.com.hk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: http://painmed.com.hk
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 1021
content-type: application/json; charset=utf-8
etag: W/"3fd-Z8g0x1O4f6AMw7urlz3h17N61QQ"
paypal-debug-id: a34b5718844d4
traceparent: 00-0000000000000000000a34b5718844d4-8b6eb17452850288-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
x-edgeconnect-midmile-rtt: 154
x-edgeconnect-origin-mex-latency: 64
date: Mon, 29 Aug 2022 01:39:57 GMT
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 29 Aug 2023 01:39:57 GMT; Secure
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Mon, 29 Aug 2022 10:25:53 GMT; HttpOnly; Secure
tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Thu, 01 Sep 2022 01:39:56 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY2MTczNzE5NzE4NiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Mon, 29 Aug 2022 02:09:57 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1756431597%26vteXpYrS%3D1661738997%26vr%3De7415e701820a7886889b85aff82c639%26vt%3De7415e701820a7886889b85aff82c638%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 28 Aug 2025 01:39:57 GMT; HttpOnly; Secure
ts_c=vr%3De7415e701820a7886889b85aff82c639%26vt%3De7415e701820a7886889b85aff82c638; Path=/; Domain=paypal.com; Expires=Thu, 28 Aug 2025 01:39:57 GMT; Secure
server-timing: content-encoding;desc="",x-cdn;desc="akamai"
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493207b6-dc02-49c3-8638-bc8004dcc2bf.webp
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493207b6-dc02-49c3-8638-bc8004dcc2bf.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4c8397d321227ef0a068caef85ca5e6
a0488ccdfed52b81651ba59fc2e335c1447fb2ac
4d5e0e9919120d7b3f7255038f91e2aa1becf1e1d379697b915ef1224529ace0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493207b6-dc02-49c3-8638-bc8004dcc2bf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7905
x-amzn-requestid: 9db12223-a7c8-443e-bb0d-b204c5757bf3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XgHDBE02oAMFpWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63098546-355abfd617e3a08c50365959;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 02:45:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: V2ejlD1ozf9H0oEvoogYNmGNsG-rNMszj6gEF_AIKAjHBT2qKkkt7g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:44:27 GMT
age: 14130
etag: "a0488ccdfed52b81651ba59fc2e335c1447fb2ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
painmed.com.hk/wp-content/uploads/2022/01/cropped-logo-1-192x192.jpg
165.84.188.236200 OK 8.3 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/cropped-logo-1-192x192.jpg
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Hash 7919f9600a86ecd4c87e802d978dac6d
ff5fae23f5d3c1754097ab6e41802d6139e7fde4
718ec61c2fdccb95d3ba5375e6457d68744dac4b9ec3c13b32b4c5fe0b585982
GET /wp-content/uploads/2022/01/cropped-logo-1-192x192.jpg HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:57 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:12:03 GMT
ETag: "2082-5d6bba6721082"
Accept-Ranges: bytes
Content-Length: 8322
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg
painmed.com.hk/wp-content/uploads/2022/01/cropped-logo-1-32x32.jpg
165.84.188.236200 OK 1.1 kB URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/cropped-logo-1-32x32.jpg
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 32x32, components 3\012- data
Hash 4afbf3784b228021caf126d9640cdb69
8d516a6dfc3a4d5aa619397536411fe5def1adfd
dfa36e83e587811a49875bc5524cc81bc9c1cdf326a078a0a69091f39efe29ec
GET /wp-content/uploads/2022/01/cropped-logo-1-32x32.jpg HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://painmed.com.hk/
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:57 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:12:03 GMT
ETag: "446-5d6bba6726672"
Accept-Ranges: bytes
Content-Length: 1094
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg
painmed.com.hk/wp-content/uploads/2022/01/HKPMC_leaflet.pdf
165.84.188.236200 OK 0 B URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/HKPMC_leaflet.pdf
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/01/HKPMC_leaflet.pdf HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://painmed.com.hk/
Connection: keep-alive
Cookie: pll_language=zh
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 01:39:55 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "8984c3-5d6bba0f3f505"
Accept-Ranges: bytes
Content-Length: 9012419
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/pdf
painmed.com.hk/wp-content/uploads/2022/01/HKPMC_leaflet.pdf
165.84.188.236206 Partial Content 0 B URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/HKPMC_leaflet.pdf
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/01/HKPMC_leaflet.pdf HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://painmed.com.hk/
range: bytes=1966080-3604479
Connection: keep-alive
Cookie: pll_language=zh
HTTP/1.1 206 Partial Content
Date: Mon, 29 Aug 2022 01:39:56 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "8984c3-5d6bba0f3f505"
Accept-Ranges: bytes
Content-Length: 1638400
Content-Range: bytes 1966080-3604479/9012419
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/pdf
painmed.com.hk/wp-content/uploads/2022/01/HKPMC_leaflet.pdf
165.84.188.236206 Partial Content 0 B URL HTTP/1.1 painmed.com.hk/wp-content/uploads/2022/01/HKPMC_leaflet.pdf
IP 165.84.188.236:0
ASN #10103 HK Broadband Network Ltd.
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/01/HKPMC_leaflet.pdf HTTP/1.1
Host: painmed.com.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://painmed.com.hk/
range: bytes=3670016-8978431
Connection: keep-alive
Cookie: pll_language=zh
HTTP/1.1 206 Partial Content
Date: Mon, 29 Aug 2022 01:39:56 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 17:10:31 GMT
ETag: "8984c3-5d6bba0f3f505"
Accept-Ranges: bytes
Content-Length: 5308416
Content-Range: bytes 3670016-8978431/9012419
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/pdf
fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
IP 142.250.74.10:0
GET /css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 29 Aug 2022 01:39:57 GMT
date: Mon, 29 Aug 2022 01:39:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2