r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3378
Expires: Sat, 28 Jan 2023 17:35:38 GMT
Date: Sat, 28 Jan 2023 16:39:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3208
Expires: Sat, 28 Jan 2023 17:32:48 GMT
Date: Sat, 28 Jan 2023 16:39:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 16:35:30 GMT
content-type: application/json
age: 230
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5612
Expires: Sat, 28 Jan 2023 18:12:52 GMT
Date: Sat, 28 Jan 2023 16:39:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5J4W3rvwYybbfwmpsmgNAxl/Qgq6b77n6WA7UsXMp5INisiAWW8YAJuIsOzrcI/tI97NPV5V2v8=
x-amz-request-id: 08RGB6YWEKS4J9SC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 15:49:57 GMT
age: 2963
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 16:39:20 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 15:49:03 GMT
age: 3017
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
jdb568.com/
47.96.195.102 302 Found 154 B IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 28 Jan 2023 16:39:20 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Set-Cookie: acw_tc=76b20fef16749239606836837e6c978b771839a683e59a7334c1383fb5422c;path=/;HttpOnly;Max-Age=1800
Location: https://jdb568.com/
Via: HTTP/1.1 SLB.28
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6333
Expires: Sat, 28 Jan 2023 18:24:53 GMT
Date: Sat, 28 Jan 2023 16:39:20 GMT
Connection: keep-alive
push.services.mozilla.com/
52.35.3.113 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.3.113:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: onOYSsT1sr9ax5RlWIX3PQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +0T2vngSeBV2BLR57mg1/Yb8qkM=
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7319
Expires: Sat, 28 Jan 2023 18:41:21 GMT
Date: Sat, 28 Jan 2023 16:39:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 67356
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash a2881cea3ae511d3dfd2f6b7cd598a4e
105d8d675aaafce5602e4015aee2d1659553d1b1
0993ef71c2af9e07ed09e0e2ba40a4d9fdd01444154c2f39f8fc48a4dfef1730
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10863
x-amzn-requestid: db873091-be76-4276-aa3e-f9bd44051508
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbAMbHCMoAMFsYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4471c-57f14d6a3ebcc8a1788bae80;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:50:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: S8H9sSYtUyye2ex8ulTLy6SEyqTt3xUmjRkTWL0oCEDZIDA21dnudw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:38:29 GMT
etag: "105d8d675aaafce5602e4015aee2d1659553d1b1"
content-type: image/jpeg
age: 64853
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb12df7-074b-4044-bdbe-0e07bccbc8e9.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb12df7-074b-4044-bdbe-0e07bccbc8e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 0ed1a0bd725b2078b4cfe4ed83877901
62493ca03be9870aac2341e033611a6d56bd322a
706e84bc63fd98acaeb72789239af3210ae6e3910e6589d92a25899dc9059dfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb12df7-074b-4044-bdbe-0e07bccbc8e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12397
x-amzn-requestid: e8436997-696d-483a-b03a-a84e7ca614ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_T5HbzoAMFXsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445b2-1c2ccd0a187d0a3e2f6a59cc;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lmLHc8fKQYUpq9B-GyOQ0FKzhxi0ToTEPA7cu6JnQftgDFDNV8USvw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:37 GMT
etag: "62493ca03be9870aac2341e033611a6d56bd322a"
content-type: image/jpeg
age: 67365
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K9YWM9eaEc1DQ6wtEEuADnG1U-ahRBXDaiHIAm20dkWMOxPWBlJidw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:46:13 GMT
age: 64389
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d9747a7-0b4d-40bd-8d53-7702f8df2966.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d9747a7-0b4d-40bd-8d53-7702f8df2966.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 25fd26625a6c5339389faf4f6aa8fc6a
05aed76d3966ea8a02d4bbbeff7b41c8a5aac907
9a29ad65cb7a8632a2c454a4caeb43a10c5152ccf3dbab22d584276bdeeb0dbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d9747a7-0b4d-40bd-8d53-7702f8df2966.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5746
x-amzn-requestid: 8ab00078-cdf9-465a-a493-64a488c9e634
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwEIJIAMFutA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-3f9b5f031812e32f6625f1e6;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jUVP5rlieH6mUh_fgVz4D636AIMAo2JXJqBgzGSI_CyY2-8Pza4IKw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:48:58 GMT
age: 67824
etag: "05aed76d3966ea8a02d4bbbeff7b41c8a5aac907"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zt4bgV2C6Wb_Ufa5mZ7-UDTfCvhXJggPJw9668v5DEmyBnWZ-aNrCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 23:03:41 GMT
age: 63341
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7d79ee7031928dd90e17e671496071fa
1d8832cb26f54a0d5eb5c1929c41ad83bae31b7f
a4a1aa4cea93720a73f1447381613b91d66750649a3de9020fa9e99f94aca12a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 16:39:24 GMT
Server: ECS (amb/6BB1)
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7d79ee7031928dd90e17e671496071fa
1d8832cb26f54a0d5eb5c1929c41ad83bae31b7f
a4a1aa4cea93720a73f1447381613b91d66750649a3de9020fa9e99f94aca12a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=121173
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 16:39:24 GMT
Etag: "63d48611-1d7"
Expires: Mon, 30 Jan 2023 02:18:57 GMT
Last-Modified: Sat, 28 Jan 2023 02:18:57 GMT
Server: nginx
Content-Length: 471
jdb568.com/Content/Css/hover-min.css?v=263
47.96.195.102 200 OK 12 kB URL HTTP/1.1 jdb568.com/Content/Css/hover-min.css?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (65192), with CRLF line terminators
Hash c09db9c40e2ad260d84b829e1922a7e5
2599107e0ab883c4528945d21619df844ab7b78d
4ca440399ad8391cd7cbe97819924416f09365c21fbdead5d7b562df92048559
Analyzer Verdict Alert fortinet Malware
GET /Content/Css/hover-min.css?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:25 GMT
Content-Type: text/css
Content-Length: 12096
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "dd569b1bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/Plugins/select2/css/select2.min.css?v=263
47.96.195.102 200 OK 2.8 kB URL HTTP/1.1 jdb568.com/Content/Plugins/select2/css/select2.min.css?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (15179), with CRLF line terminators
Hash 7fea9bcc427b8ecfc1fb3e30d02679e0
c204b8df371568567ab48b17e355f93267dcbe4e
6570ecccb534605ddbacff026a6a1a6d8a8fe70e86223aa1bc76b7ace40022d8
Analyzer Verdict Alert fortinet Malware
GET /Content/Plugins/select2/css/select2.min.css?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:25 GMT
Content-Type: text/css
Content-Length: 2822
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "8516c21bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/
47.96.195.102 200 OK 82 kB IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (641), with CRLF line terminators
Hash 17064ef9b8817f081b56e0e2bfc1a42f
41a96e1d7753ac85b4f7bab03ac9b9acfd96ba58
e4c2ddad155331a28b3f8347e7d27bec8e07f991646b6d4d3346bf4eca30521c
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:24 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f;path=/;HttpOnly;Max-Age=1800
Cache-Control: private, s-maxage=0
Content-Encoding: gzip
Vary: Accept-Encoding
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/js/home_index.js?v=263
47.96.195.102 200 OK 5.3 kB URL HTTP/1.1 jdb568.com/Content/js/home_index.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 64bde67ae2dff1bd01b6bc0177ed635c
e7a3628cdb5559d21d078560de383480e77d761a
5c95178d1789e6f396185ee6b57793d1c641e3efbd20e4eaddbfe8f266c16254
GET /Content/js/home_index.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:26 GMT
Content-Type: application/javascript
Content-Length: 5276
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 26 Nov 2021 12:13:41 GMT
Accept-Ranges: bytes
ETag: "7046e3cbfe2d71:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 933384944a5ee01713029bb40f96b477
aede4293d8ee6262709fa7681f2c6003c0b2094f
e5eb42ee87dc1fbe969f88e7693624331d21affdb0f953cd809321f737c8da8f
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 01 Feb 2023 15:06:56 GMT
ETag: "aede4293d8ee6262709fa7681f2c6003c0b2094f"
Last-Modified: Sat, 28 Jan 2023 15:06:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2590
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790b2a05f870b50b-OSL
jdb568.com/Content/Plugins/swiper/swiper.min.js?v=263
47.96.195.102 200 OK 41 kB URL HTTP/1.1 jdb568.com/Content/Plugins/swiper/swiper.min.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (65264), with CRLF line terminators
Hash cdff4c20c4845290a21e24696dca95dc
cc460def502bcd44d327f8646196724efb92e901
56e77e9265922216b5cd11ba6ca4d13ce4fe1f6ed964fb2f8eedd235d0e8364c
GET /Content/Plugins/swiper/swiper.min.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:26 GMT
Content-Type: application/javascript
Content-Length: 41380
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "50c4c41bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/Plugins/layer/skin/layer.css?v=263
47.96.195.102 200 OK 4.2 kB URL HTTP/1.1 jdb568.com/Content/Plugins/layer/skin/layer.css?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 text, with very long lines (333), with CRLF line terminators
Hash 0dd05cea875e71ccd5c3620bc256eb48
faa9df0905602f9763ed0259aeb1eeab724541fb
1e25055c6ab74eab7182f57fe64346e853aae62be56f1c15f71c7beeda37a1d9
GET /Content/Plugins/layer/skin/layer.css?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:26 GMT
Content-Type: text/css
Content-Length: 4168
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "2fd4bb1bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/Css/order_index.css?263
47.96.195.102 200 OK 3.7 kB URL HTTP/1.1 jdb568.com/Content/Css/order_index.css?263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 2716555b975fa6c9a8acd88d1bfa19ba
f1cef675af010b9f151ea71719f7f74fab623a8a
dde17a98ea5fc6582db205634884e0e27e1402706ece92d451f38aece4515457
GET /Content/Css/order_index.css?263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:26 GMT
Content-Type: text/css
Content-Length: 3698
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 25 Mar 2022 13:23:35 GMT
Accept-Ranges: bytes
ETag: "9438bb874b40d81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/Plugins/swiper/swiper.min.css?v=263
47.96.195.102 200 OK 4.0 kB URL HTTP/1.1 jdb568.com/Content/Plugins/swiper/swiper.min.css?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (19512), with CRLF line terminators
Hash 0aa6e016345c278bf1008bac35f1cfe6
5019ccf08a2be777838fc59a6f2215c335cd8de1
2f02a330f7abe923dd2ccef945ebd5b0e79005f5c72c6b0ebcaab891eafc2ee0
Analyzer Verdict Alert fortinet Malware
GET /Content/Plugins/swiper/swiper.min.css?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:26 GMT
Content-Type: text/css
Content-Length: 4020
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "989ec41bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/Plugins/template.js?v=263
47.96.195.102 200 OK 3.2 kB URL HTTP/1.1 jdb568.com/Content/Plugins/template.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type exported SGML document, ASCII text, with very long lines (5251), with CRLF line terminators
Hash 015aa9353be436c58e1d914ed4306470
08d4533d6f77b4d2b805d5cae242a7ed6b35a569
dd98f691ca4af5fceeb59458487c43ca59035d65e89b3b79404c75c20b06bad2
GET /Content/Plugins/template.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:26 GMT
Content-Type: application/javascript
Content-Length: 3157
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "bebc41bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/Css/common.css?v=263
47.96.195.102 200 OK 61 kB URL HTTP/1.1 jdb568.com/Content/Css/common.css?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type troff or preprocessor input, Unicode text, UTF-8 text, with CRLF line terminators
Hash 7c9c8a74381cfbd2a33f7d264f0e8c7e
1bc6c303b144fe359545c101b0582fe8e32e8d3b
a3ee5dfaff3930d669bae89dc5f8e821e84d590ab50b9709ec3d6aa9cddd042e
Analyzer Verdict Alert fortinet Malware
GET /Content/Css/common.css?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:26 GMT
Content-Type: text/css
Content-Length: 61133
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 18 Nov 2022 13:01:54 GMT
Accept-Ranges: bytes
ETag: "9bb28fee4dfbd81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/Plugins/fonts/hgpicon/iconfont.css?v=263
47.96.195.102 200 OK 42 kB URL HTTP/1.1 jdb568.com/Content/Plugins/fonts/hgpicon/iconfont.css?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (36697), with CRLF line terminators
Hash bd6dc7fc60d4d4f9356c922ec58124e0
ae9cb4b25619c617d70e75d61aea8f9db1bd0f15
9f87615db7af43154cad40761d4d4cb22a2fb101eeaa24765b9eafd39cf1af83
GET /Content/Plugins/fonts/hgpicon/iconfont.css?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:26 GMT
Content-Type: text/css
Content-Length: 42159
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "c143ae1bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/Plugins/layui/layui.js?v=263
47.96.195.102 200 OK 3.5 kB URL HTTP/1.1 jdb568.com/Content/Plugins/layui/layui.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 text, with very long lines (6596), with CRLF line terminators
Hash 6c7509c637989a335cfdc9768c77cc2c
db93948a8e9475ccbad4b5109b5cd5dc4aa64f44
1187fbffa5520ec4714ae0849e8e7fefe205c9db6f9f82b1d58c5d28baf1720c
GET /Content/Plugins/layui/layui.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:26 GMT
Content-Type: application/javascript
Content-Length: 3466
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "dc7dc11bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash d91cec8e668ce036a484110723eb1cba
ccd1726dfda4eef6dc4279096856c71c32da8854
ed0a1c7a898e7d6158b3c4872b669f923ee4e6e20a1caeed546725bc8e519c67
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 15:19:54 GMT
ETag: "ccd1726dfda4eef6dc4279096856c71c32da8854"
Last-Modified: Sat, 28 Jan 2023 15:19:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1207
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790b2a0a1ec1b512-OSL
jdb568.com/Content/Plugins/layer/layer.js?v=263
47.96.195.102 200 OK 10 kB URL HTTP/1.1 jdb568.com/Content/Plugins/layer/layer.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (1145), with CRLF line terminators
Hash eb2cdafd94d9753f10044a45a16ca070
a2f2fff06af9a41fc8d69e8ea7799a3142505e46
b84c4a1fdcfca2e242ef4e5e852f953f2fd4d0e6aee9ef319b8cc938c3f8bbd2
GET /Content/Plugins/layer/layer.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:26 GMT
Content-Type: application/javascript
Content-Length: 10322
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "b761bb1bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/Plugins/jquery/jquery.lazyload.min.js?v=263
47.96.195.102 200 OK 1.6 kB URL HTTP/1.1 jdb568.com/Content/Plugins/jquery/jquery.lazyload.min.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (3309), with CRLF line terminators
Hash 10ec0a4024bd74006859137d37024463
e6367380b2bb7959b1e47a57d89300e35c75227a
bc47ca21a7429b57709d1cc85db8f3821a3e6cea9d80b261807fa6d0324e8ded
GET /Content/Plugins/jquery/jquery.lazyload.min.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:26 GMT
Content-Type: application/javascript
Content-Length: 1592
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "c130ba1bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/Plugins/echo/echo.min.js?v=263
47.96.195.102 200 OK 1.1 kB URL HTTP/1.1 jdb568.com/Content/Plugins/echo/echo.min.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (1835), with CRLF line terminators
Hash dbe5016ac051a55cfcea1169082886d9
5971419c9d8564510cdd6c8dbd86ed0a905bb414
643b40c31648ddeb6e87815003b5c5d0e4c6252938b196795f8945dbf2ed9c65
Analyzer Verdict Alert fortinet Malware
GET /Content/Plugins/echo/echo.min.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:27 GMT
Content-Type: application/javascript
Content-Length: 1082
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "3b8aaa1bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/Plugins/jquery/jquery-1.10.2.min.js?v=263
47.96.195.102 200 OK 33 kB URL HTTP/1.1 jdb568.com/Content/Plugins/jquery/jquery-1.10.2.min.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (32072), with CRLF line terminators
Hash fc0f7b3fe5dbddd7de83453643cbaa96
0b4833ec7c10737b2a0de7854d446fd0c55e60b8
84c95cbba8d5c9eba49d2c50c3d2a34231b73909494d48a00357f9a2424fd65e
Analyzer Verdict Alert fortinet Malware
GET /Content/Plugins/jquery/jquery-1.10.2.min.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:26 GMT
Content-Type: application/javascript
Content-Length: 32923
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "0525f1bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/json/footData.js?v=263
47.96.195.102 200 OK 274 B URL HTTP/1.1 jdb568.com/Content/json/footData.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 2783a35da8921717ec1a093f9b1ae4ad
16e2c1223e0e5cf18649f4daf33d9676112ddcfd
8e5b0210af8e277eb681048c4008f922453f3fb49753c991cb101b5ac4fabc90
GET /Content/json/footData.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:27 GMT
Content-Type: application/javascript
Content-Length: 274
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 27 Nov 2020 15:16:01 GMT
Accept-Ranges: bytes
ETag: "c83a8737d0c4d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Scripts/vue-resource.min.js?v=263
47.96.195.102 200 OK 6.5 kB URL HTTP/1.1 jdb568.com/Scripts/vue-resource.min.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (14449), with CRLF line terminators
Hash 473290a97866197c254672ce1324f6d0
af71eeafb5de6266c9df1af04d19c6087be36f6f
e0956e3dbc4b84281cdadd366c58f722b0782f396262b6db1a561aa606ed546b
GET /Scripts/vue-resource.min.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:27 GMT
Content-Type: application/javascript
Content-Length: 6454
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "cd12d31bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/js/requestConfig.js?v=263
47.96.195.102 200 OK 1.4 kB URL HTTP/1.1 jdb568.com/Content/js/requestConfig.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash edc57baa0e2e3b6c7b42a2b130c59b6b
3b9d80bc097a4d3c22b09ae0bb6dc53c9f517bc5
5abd9e0a20f9a164b613b7715257c15ce33f26c037967c38f7200df10b67070b
GET /Content/js/requestConfig.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:27 GMT
Content-Type: application/javascript
Content-Length: 1379
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 16 Apr 2021 17:45:28 GMT
Accept-Ranges: bytes
ETag: "0eca349e832d71:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
api.map.baidu.com/api?v=2.0&ak=ikdKsGIjylkYLwb1f5mctBv5KxxakAB5
103.235.46.245 200 OK 262 B URL HTTP/1.1 api.map.baidu.com/api?v=2.0&ak=ikdKsGIjylkYLwb1f5mctBv5KxxakAB5
IP 103.235.46.245:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document, ASCII text, with no line terminators
Hash afc9513456dc6c1561b730b5fcbcc4bf
8496ca0cd67cc2072e30061924a503fb038b5109
dc63e127c373ad85f20da7f9adadd657d259c7ac1ae3fe3da634c40a28a6d9b3
GET /api?v=2.0&ak=ikdKsGIjylkYLwb1f5mctBv5KxxakAB5 HTTP/1.1
Host: api.map.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 262
Content-Type: text/javascript;charset=utf-8
Date: Sat, 28 Jan 2023 16:39:27 GMT
Expires: Sun, 29 Jan 2023 16:39:27 GMT
Http_x_bd_logid: 2367415457
Http_x_bd_logid64: 2367415590413432586
Http_x_bd_product: map
Http_x_bd_subsys: apimap
P3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=019E2711EEE93702BC6934466ACFC003:FG=1; expires=Sun, 28-Jan-24 16:39:27 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
BAIDUID=C06DA506A5826D0309975C94DFC3FCBB:FG=1; expires=Sun, 28-Jan-24 16:39:27 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 23674154570549156874012900
jdb568.com/Scripts/vue.min.js?v=263
47.96.195.102 200 OK 34 kB URL HTTP/1.1 jdb568.com/Scripts/vue.min.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (32070), with CRLF line terminators
Hash c7fafa7872335e399279eedda33c740d
9717983507cd5f39ea7cf9292ef9fef9a727a79c
b23fbeedb9723edbea5866eb5c75709445140c1cb871f6687141db4ab542b863
GET /Scripts/vue.min.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:27 GMT
Content-Type: application/javascript
Content-Length: 33813
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "aaaad31bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/js/utility.js?v=263
47.96.195.102 200 OK 23 kB URL HTTP/1.1 jdb568.com/Content/js/utility.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 40c70e2fca1f6ee331e31371d6edc7ec
fc4b55fe0531751fdff43efafcad66a3f0c33910
1b4d7b34f64df4706c2984d092d9284e2c540f81b7e8ac0510123ffbc09bff52
GET /Content/js/utility.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:27 GMT
Content-Type: application/javascript
Content-Length: 23033
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 28 Oct 2022 12:45:44 GMT
Accept-Ranges: bytes
ETag: "764bcc31cbead81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/js/area.js?v=263
47.96.195.102 200 OK 64 kB URL HTTP/1.1 jdb568.com/Content/js/area.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 518d6caab6bd3410c95ce12710fa79d2
e34e81b6c3a10b2cbb6712ab37a391371531c102
3ad9398e6cd3509e93654f4a99dbe65995b05f206450f746069b1929539e2a5a
GET /Content/js/area.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:27 GMT
Content-Type: application/javascript
Content-Length: 64022
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 12 Mar 2021 13:01:12 GMT
Accept-Ranges: bytes
ETag: "49d266c73f17d71:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/js/common.js?v=263
47.96.195.102 200 OK 43 kB URL HTTP/1.1 jdb568.com/Content/js/common.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 70863cc727942c50862652e429b1dd3f
38bda889c7496d894499e6d58c26576d4b736952
de67c891120068fa0aa7a78d860f1a7fc66194007141e38755904b1b4e79ca51
Analyzer Verdict Alert fortinet Malware
GET /Content/js/common.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:27 GMT
Content-Type: application/javascript
Content-Length: 42732
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 28 Oct 2022 12:45:44 GMT
Accept-Ranges: bytes
ETag: "b2d7cb31cbead81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/js/baseunit.js?v=263
47.96.195.102 200 OK 6.7 kB URL HTTP/1.1 jdb568.com/Content/js/baseunit.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 6a7842cd0ff5b56b5d8f2dfd0a44b450
3cebd327a8a825a8876c171193579eae43e782b3
e8e58cf499a1014a4d39a0bdf7bbbb4141f90a5ce98254f143c45641168f8bdf
Analyzer Verdict Alert fortinet Malware
GET /Content/js/baseunit.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:27 GMT
Content-Type: application/javascript
Content-Length: 6739
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 30 Dec 2021 15:02:35 GMT
Accept-Ranges: bytes
ETag: "158564478efdd71:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/Plugins/layui/css/layui.css?v=263
47.96.195.102 200 OK 18 kB URL HTTP/1.1 jdb568.com/Content/Plugins/layui/css/layui.css?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (65478), with CRLF line terminators
Hash bb103a0492bcec0e7d46c57e725bba8d
a40c0de52ee26fa0ce65d6caafd599d07c86f787
6411810614b78c6dff814de642a321e3b846aaa90959456da3f2458b20a068b8
Analyzer Verdict Alert fortinet Malware
GET /Content/Plugins/layui/css/layui.css?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:26 GMT
Content-Type: text/css
Content-Length: 17496
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "5df9bb1bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/Plugins/app/html5shiv.js?v=263
47.96.195.102 200 OK 1.6 kB URL HTTP/1.1 jdb568.com/Content/Plugins/app/html5shiv.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document, ASCII text, with very long lines (645), with CRLF line terminators
Hash 9e7e532dfb442740ed7be68fa2c69fc4
e58cb86fe87d9fa3fb87bcac0f843abf1a69c19e
899a4b0d542690c05a45e0e0341b5dcdea7e9845de54fc7da6f35c2a8f56c47c
Analyzer Verdict Alert fortinet Malware
GET /Content/Plugins/app/html5shiv.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:27 GMT
Content-Type: application/javascript
Content-Length: 1574
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "b61a81bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/Plugins/clipboard/clipboard.js
47.96.195.102 200 OK 9.8 kB URL HTTP/1.1 jdb568.com/Content/Plugins/clipboard/clipboard.js
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (580), with CRLF line terminators
Hash bb7ab54db3d5cfdef9df23776d48a6b2
3b9f2670495b3994be42eb0988bfd0a2b95736ad
942c004cc79530aaabc10f2db6f67a05d57140979f5bb8052aedc17f87e68922
Analyzer Verdict Alert fortinet Malware
GET /Content/Plugins/clipboard/clipboard.js HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:27 GMT
Content-Type: application/javascript
Content-Length: 9820
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "facba91bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/js/webim.7moor.js?v=263
47.96.195.102 200 OK 3.6 kB URL HTTP/1.1 jdb568.com/Content/js/webim.7moor.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash dbca30724b506fa87b70e3c85e70db0d
f628cbd413b9d660f9d560b8f4682d03906360b5
3e2a3c182da8f332e4b084659a8fdf7cad9c394233224c9ff0cc65b26a82d642
Analyzer Verdict Alert fortinet Malware
GET /Content/js/webim.7moor.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:28 GMT
Content-Type: application/javascript
Content-Length: 3589
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 28 Oct 2022 12:45:44 GMT
Accept-Ranges: bytes
ETag: "8b72cc31cbead81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/js/top.js?v=263
47.96.195.102 200 OK 40 kB URL HTTP/1.1 jdb568.com/Content/js/top.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (52905), with CRLF line terminators
Hash 0dcbde9dcb815ec7cb8d4fab0404567d
42991af60fba555ced5e57f388e65c7b7c898674
8e14a7aeb38e7af0eb8d6bc145267f085dfc62f58b1c7b9d7979352f3fcac9e2
Analyzer Verdict Alert fortinet Malware
GET /Content/js/top.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:27 GMT
Content-Type: application/javascript
Content-Length: 40204
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 18 Nov 2022 13:01:54 GMT
Accept-Ranges: bytes
ETag: "9bb28fee4dfbd81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/Plugins/layer/skin/layer.css?v=500
47.96.195.102 200 OK 4.2 kB URL HTTP/1.1 jdb568.com/Content/Plugins/layer/skin/layer.css?v=500
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 text, with very long lines (333), with CRLF line terminators
Hash 0dd05cea875e71ccd5c3620bc256eb48
faa9df0905602f9763ed0259aeb1eeab724541fb
1e25055c6ab74eab7182f57fe64346e853aae62be56f1c15f71c7beeda37a1d9
GET /Content/Plugins/layer/skin/layer.css?v=500 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:28 GMT
Content-Type: text/css
Content-Length: 4168
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2020 12:12:36 GMT
Accept-Ranges: bytes
ETag: "2fd4bb1bedb8d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Api/Tenant/Key?tenantKey=jdb568
47.96.195.102 200 OK 223 B URL HTTP/1.1 jdb568.com/Api/Tenant/Key?tenantKey=jdb568
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type JSON data, Unicode text, UTF-8 text, with no line terminators
Hash a385b0f2946c78554e8b57fa423f7917
b2a87e7712505beedd992fbdb881b6da021034e3
7647bbe8db86666396a78928d2cb4e20c560568c082c9fee1e5b5bf791b9fa5e
Analyzer Verdict Alert fortinet Malware
GET /Api/Tenant/Key?tenantKey=jdb568 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:28 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 223
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Set-Cookie: ASP.NET_SessionId=5m1nlbcxtqdylgt5phnaztdj; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
jdb568.com/Content/Css/home_index.css?v=263
47.96.195.102 200 OK 7.2 kB URL HTTP/1.1 jdb568.com/Content/Css/home_index.css?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (384), with CRLF line terminators
Hash 34e58a40ab0aa119a4f528e386862e86
b17915b33246ae374969dac4808311aba432b5db
590091771508a498f7e3ff0b14787ba610c74ab3446aa9154061d2f2c2a00069
Analyzer Verdict Alert fortinet Malware
GET /Content/Css/home_index.css?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:28 GMT
Content-Type: text/css
Content-Length: 7221
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 08 Jan 2021 13:22:35 GMT
Accept-Ranges: bytes
ETag: "46f03f54c1e5d61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
webapi.amap.com/maps?v=1.4.14&key=85026e6233e04ef41d9e3f9fe978da88
47.246.167.30 200 OK 0 B URL HTTP/2 webapi.amap.com/maps?v=1.4.14&key=85026e6233e04ef41d9e3f9fe978da88
IP 47.246.167.30:0
ASN #45102 Alibaba US Technology Co., Ltd.
GET /maps?v=1.4.14&key=85026e6233e04ef41d9e3f9fe978da88 HTTP/1.1
Host: webapi.amap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 16:39:26 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-server-id: 72446e765a0ee479614554419edfe3ec15581c9f5ba7852c4a765bc02ce909c084a5d848ba9f3278a30891e97ac3cbae
etag: W/84ba2ae0a710022d26fb3970dd1e1d20
cache-control: max-age=0
x-readtime: 2
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: *
content-encoding: gzip
server: Tengine/Aserver
eagleeye-traceid: 2102e21716749239668773664e55cc
strict-transport-security: max-age=0
timing-allow-origin: *
X-Firefox-Spdy: h2
jdb568.com/Scripts/enum-data.js?v=263
47.96.195.102 200 OK 0 B URL HTTP/1.1 jdb568.com/Scripts/enum-data.js?v=263
IP 47.96.195.102:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Analyzer Verdict Alert fortinet Malware
GET /Scripts/enum-data.js?v=263 HTTP/1.1
Host: jdb568.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jdb568.com/
Cookie: acw_tc=2f624a5616749239648608157e0d8585d3242973d2cb23d000290b4d98551f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 16:39:27 GMT
Content-Type: application/javascript
Content-Length: 17171
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 25 Nov 2022 12:37:06 GMT
Accept-Ranges: bytes
ETag: "f049aa0ca0d91:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Access-Token,MallAppConfig
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS