r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8afcbdfc50b3ac9488d629a1a4923b81
933fe7b84c2fbd931da70e92c86fa89110e7cfe7
9857b3b813177c23f90a7e53c7ec1f878362b1da27bc19493bebffc358a4b852
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9857B3B813177C23F90A7E53C7EC1F878362B1DA27BC19493BEBFFC358A4B852"
Last-Modified: Sun, 01 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19043
Expires: Mon, 02 Jan 2023 08:24:19 GMT
Date: Mon, 02 Jan 2023 03:06:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 116c0a4485584a949c2edff4a949549f
de064c35dd7ce008d69932915ddb3d04fe7f2eeb
4fc3e38254e220857100a1b2a7c96209fc9d1141ccfb9057181da9745e78fb8e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FC3E38254E220857100A1B2A7C96209FC9D1141CCFB9057181DA9745E78FB8E"
Last-Modified: Sun, 01 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5228
Expires: Mon, 02 Jan 2023 04:34:04 GMT
Date: Mon, 02 Jan 2023 03:06:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e71f8c03e957e6b1526fc3f1537b3d95
6f1e5a549978b3cc67fa6142fd4bf45d2730bf71
29e3d9e5d2fec1b8e13beafa7970157db0c8b07392c4dd53fc033b609f2fc7ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "29E3D9E5D2FEC1B8E13BEAFA7970157DB0C8B07392C4DD53FC033B609F2FC7AD"
Last-Modified: Sun, 01 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3316
Expires: Mon, 02 Jan 2023 04:02:12 GMT
Date: Mon, 02 Jan 2023 03:06:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 02 Jan 2023 02:47:22 GMT
content-type: application/json
age: 1174
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gz08KCTU8FIulodTQ07I3fGYTQYKZdtPrI0Zne/mgBGiICPTU7ipxQ2H8TnGbYNW36eZ5bmICxs=
x-amz-request-id: NS0C06D0C7RFWHEW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 02 Jan 2023 03:00:19 GMT
age: 397
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jan 2023 03:06:57 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 02 Jan 2023 02:08:11 GMT
age: 3526
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e2a99db6956684dc306ada584f1907d8
21c3fc85b00308907c1cffcb36b1ba1a4617f613
cf568c4a26fb352228e849b18fbca0f6fd3b3a89055cd5f4fc0cdd11f9b9733e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1993
Cache-Control: max-age=109985
Content-Type: application/ocsp-response
Date: Mon, 02 Jan 2023 03:06:57 GMT
Etag: "63b14d29-1d7"
Expires: Tue, 03 Jan 2023 09:40:02 GMT
Last-Modified: Sun, 01 Jan 2023 09:06:49 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
jingau.com.tw/it/webstaticmktg2014designfontPP/SansPayPalSansBig-Bold.woff/691532e405a5e06e5259f16985df0861/index.htm
103.118.24.38 302 Moved Temporarily 0 B URL HTTP/1.1 jingau.com.tw/it/webstaticmktg2014designfontPP/SansPayPalSansBig-Bold.woff/691532e405a5e06e5259f16985df0861/index.htm
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /it/webstaticmktg2014designfontPP/SansPayPalSansBig-Bold.woff/691532e405a5e06e5259f16985df0861/index.htm HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Date: Mon, 02 Jan 2023 03:06:57 GMT
Server: Apache
Set-Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117; path=/
Location: http://jingau.com.tw/index.php/404
X-Powered-By: PleskLin
Content-Length: 0
Connection: close
Content-Type: text/html
push.services.mozilla.com/
54.69.181.45 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.69.181.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lyWZdxc9lJxP42IyfCdEIw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XSMIhgiQY4WFbBfop6avQZNgi/8=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c4719f10b16aa492c5dbdb8a1bfc20af
21831c11bfc9679c9f0ebc1f6a39284a5d16be56
c8682ee9e025254ee9cd1d9c663a40707cb170c141a328a7de07ded8de06f787
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8682EE9E025254EE9CD1D9C663A40707CB170C141A328A7DE07DED8DE06F787"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15582
Expires: Mon, 02 Jan 2023 07:26:41 GMT
Date: Mon, 02 Jan 2023 03:06:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa20aba0-739b-4b21-8651-376503398453.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa20aba0-739b-4b21-8651-376503398453.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2eac6cb10f73a9133b10b29991d36d28
50dbba1b337a139007815016c1e1d91309a3ac0e
8f8783c086623f20451d3e5321e2ca2ca64d559370e94b0c2aeb8dfe3c95207d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa20aba0-739b-4b21-8651-376503398453.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5150
x-amzn-requestid: ebece8b2-8256-42b6-8ae3-3654d2b7b319
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d6ZBEFUZoAMF2OQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ada206-10bdc2ae5ee1d4494ebcdaad;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 14:19:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: M-erf0gwboJTnX5LWgKYpEjsq5bHuAShdResjK97rTMV1bQNDUof6w==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 07:41:04 GMT
age: 69955
etag: "50dbba1b337a139007815016c1e1d91309a3ac0e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fb1a6c7-1739-4b4c-ae46-a2d718fb6c34.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fb1a6c7-1739-4b4c-ae46-a2d718fb6c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e628ac1e25757ac0177f4a392d6b7ddb
d457e65190f24dce30af852e07b2d55f1fe5d808
b51790825ceb10ba7d5ec69081c098b7c82e72e4128dc1c23fa4f45495fbfa65
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fb1a6c7-1739-4b4c-ae46-a2d718fb6c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5684
x-amzn-requestid: a8295357-6fcf-436d-8884-cbc529f3cba4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxSEVGMcIAMFdXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a9fd4e-3067d9957e1e512174ab34bc;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 20:00:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XU-AgqVtSS4DT7lnUIav920Fg5fSbvOYZ_EFXNedq9TLrt2clB7TUQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 22:12:08 GMT
age: 17691
etag: "d457e65190f24dce30af852e07b2d55f1fe5d808"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4257ad28-284d-4097-833e-46c10e7e821c.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4257ad28-284d-4097-833e-46c10e7e821c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d24938cd841215227aa0cf216dd3fe03
10be50c441c19542d419bb103499cb7460735f54
b5cd96b6ee8799ccea59abd1129e1599b5f682604c48c54126fd6c8ccef1f492
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4257ad28-284d-4097-833e-46c10e7e821c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9461
x-amzn-requestid: 88757846-7eae-4cfe-941b-20ad5a1ca562
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFRxsHSWoAMFscQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b1fcd7-3790be59473b7101219694fa;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uxq5NPtIpQX20p8DYrhu22eyD9KRaWJ0oLj8WzrqSZjraFBYNq2D8Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 21:58:42 GMT
age: 18497
etag: "10be50c441c19542d419bb103499cb7460735f54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F192b4d4b-2139-4686-9439-7c53c5d2398c.webp
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F192b4d4b-2139-4686-9439-7c53c5d2398c.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a33d068aabe41c29c55f7cd956e5d639
51077469940440d7c94860ede7de655b52149d9d
f67f01870a33d5e4fb2d157c76161ddbe9fecf97a157f890a18393158db63db6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F192b4d4b-2139-4686-9439-7c53c5d2398c.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13061
x-amzn-requestid: acc8f5ea-61aa-4368-bd07-39be5646947d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eBxtFEHMoAMFu5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b09653-6d760b315f99a80612a7572e;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 20:06:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ACdQ3G1eT31FsW_bZFuJ5gp7ZZR_ayj1rxZ57T6lp6Fk7zovJWyf6w==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 04:04:25 GMT
age: 82954
etag: "51077469940440d7c94860ede7de655b52149d9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ddd6cf-0328-450a-a7f4-c28c8b3cf3af.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ddd6cf-0328-450a-a7f4-c28c8b3cf3af.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 934b99c25a7ac4eb00230727421b28c7
59e7e7189f8bdac19da2d8d1ff6a9129865f2649
8ae6d3bea08eb1b5c999f9826cb64ef21477dd1f4c8b53d00c5432a1fd48426b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ddd6cf-0328-450a-a7f4-c28c8b3cf3af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8732
x-amzn-requestid: b6b571a4-3c90-4fe9-9359-4453ac838509
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eCYkqE-EIAMFViA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b0d484-7b7f99d966d056a526967e3c;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 00:32:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tUf3EJ-W1FDRgoOsZV2a2c2ZaiItC6TJziSmZDEcKRBl-n7NzkMy2g==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 07:48:28 GMT
age: 69511
etag: "59e7e7189f8bdac19da2d8d1ff6a9129865f2649"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F649080f2-6482-455e-a545-e676f3e25ccb.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F649080f2-6482-455e-a545-e676f3e25ccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1396aaf449ebdf802078412dadb62629
0ce4a7cdebab08ae6da21386b8e3eeb22ef8fa79
590aaa2428b715f36c0012b6e630de46e21760d03af492e4a1d0762cea1b61fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F649080f2-6482-455e-a545-e676f3e25ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7929
x-amzn-requestid: ff1837be-1bbb-4a61-bb18-31aa3376a1c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d__ZbG_IoAMFwvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63afdf6f-73adde3b54daa25e17eefb18;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 07:06:23 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: UYpln1bE0PbRHtzD-YHqaBqiLR07LikJ9SgmsomGtEm5rUU7InjylQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 07:37:05 GMT
age: 70194
etag: "0ce4a7cdebab08ae6da21386b8e3eeb22ef8fa79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Tinos
142.250.74.106 200 OK 542 B URL HTTP/1.1 fonts.googleapis.com/css?family=Tinos
IP 142.250.74.106:0
Hash 67c131eb25823bebecfd95ef344bed97
4b330b0ff8755da771033da1ee63d157cfee8cdd
e9d0092f3e2c15fdf8a4702168694bc38de2e5529a6b81e9470947db391472fb
GET /css?family=Tinos HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 02 Jan 2023 03:07:03 GMT
Date: Mon, 02 Jan 2023 03:07:03 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js
142.250.74.74 200 OK 34 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js
IP 142.250.74.74:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33845
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 31 Dec 2022 16:21:57 GMT
Expires: Sun, 31 Dec 2023 16:21:57 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 125106
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js
142.250.74.74 200 OK 52 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (64651)
Hash 90a9d6025c5c6fb9d338400221db28c4
8db4fb29ad7009a26a3e9b60945de0dbcbc216dc
e02adbfb9cea8e180e266a1f23d446a4aa072f50d602d990880708d3b3185469
GET /ajax/libs/jqueryui/1.8/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 51653
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 27 Dec 2022 06:06:53 GMT
Expires: Wed, 27 Dec 2023 06:06:53 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 507610
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
jingau.com.tw/index.php/404
103.118.24.38 200 OK 16 kB URL HTTP/1.1 jingau.com.tw/index.php/404
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1432), with CR, LF line terminators
Hash 63a2a6d2d1c3e42aecf30fdb487dd50e
21eaf32e0f97c4f351675886db00c45794982f0b
ea8f9af7e5040a96349467bf0b094734aec9fb820359931eaa435823cf645823
Analyzer Verdict Alert fortinet Malware
GET /index.php/404 HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:06:57 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
X-Powered-By: PleskLin
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
jingau.com.tw/templates/theme1372/css/normalize.css
103.118.24.38 200 OK 9.0 kB URL HTTP/1.1 jingau.com.tw/templates/theme1372/css/normalize.css
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
Hash 89cd078f1b1f9b0e0855d62f264a3842
2d9393ea0494c3ee20d697e0d3ce78640ea78f32
f76c7bed17a08a2487acdf82fb487b3b06f5002c825fbf9d7169de6c3344305f
GET /templates/theme1372/css/normalize.css HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:03 GMT
Server: Apache
Last-Modified: Tue, 07 May 2013 19:39:00 GMT
ETag: "fc0943-2344-4dc25f807bd00"
Accept-Ranges: bytes
Content-Length: 9028
X-Powered-By: PleskLin
Connection: close
Content-Type: text/css
jingau.com.tw/templates/theme1372/css/touch.gallery.css
103.118.24.38 200 OK 2.4 kB URL HTTP/1.1 jingau.com.tw/templates/theme1372/css/touch.gallery.css
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
Hash 2f0a3953db30b4daf101c4e232538b26
d33b3c6f090ac1732e3af946a267f1b58e693763
bfb56ec5071f78c2b11aeda66ea708e80a80dd541ed53a7ca2655035138f80de
GET /templates/theme1372/css/touch.gallery.css HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:03 GMT
Server: Apache
Last-Modified: Tue, 07 May 2013 19:39:00 GMT
ETag: "fc094c-943-4dc25f807bd00"
Accept-Ranges: bytes
Content-Length: 2371
X-Powered-By: PleskLin
Connection: close
Content-Type: text/css
jingau.com.tw/templates/theme1372/css/isotope.css
103.118.24.38 200 OK 1.7 kB URL HTTP/1.1 jingau.com.tw/templates/theme1372/css/isotope.css
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
File type ASCII text, with CRLF line terminators
Hash e9f9fc63b8ea618a16c289e5ca72b5cd
aafa043eb3890fbd944a5db06d6e065c50d20444
cebd9df35604d5bb929571df35b9c3c573ea783459e1973f16f359474de0a49e
GET /templates/theme1372/css/isotope.css HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:03 GMT
Server: Apache
Last-Modified: Tue, 07 May 2013 19:39:00 GMT
ETag: "fc0947-68d-4dc25f807bd00"
Accept-Ranges: bytes
Content-Length: 1677
X-Powered-By: PleskLin
Connection: close
Content-Type: text/css
jingau.com.tw/templates/theme1372/css/skeleton12.css
103.118.24.38 200 OK 12 kB URL HTTP/1.1 jingau.com.tw/templates/theme1372/css/skeleton12.css
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
File type ASCII text, with CRLF line terminators
Hash 52d07fe2b1fdcdd07e841d92e8a3c663
2c8450bd5a7dc46ffce2ad348b5c32048582b18e
deb87c8c629437793c7e2ab04c1c04e4172ad810d219986889e7d22e9ef65274
GET /templates/theme1372/css/skeleton12.css HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:04 GMT
Server: Apache
Last-Modified: Wed, 15 Feb 2017 06:53:16 GMT
ETag: "fc093f-2e0d-5488c228f6f00"
Accept-Ranges: bytes
Content-Length: 11789
X-Powered-By: PleskLin
Connection: close
Content-Type: text/css
jingau.com.tw/templates/theme1372/css/responsive.css
103.118.24.38 200 OK 9.9 kB URL HTTP/1.1 jingau.com.tw/templates/theme1372/css/responsive.css
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
File type ASCII text, with CRLF line terminators
Hash 743d43d3ddf98deef355dd90dd947bd7
e424afd16ac900d3d91b6eba5e5c8e361605c7eb
fe161923efb92e479e8aa80fded443e19e006f296d1fed278097940e354b8b47
GET /templates/theme1372/css/responsive.css HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:04 GMT
Server: Apache
Last-Modified: Tue, 07 May 2013 19:39:00 GMT
ETag: "fc094a-267a-4dc25f807bd00"
Accept-Ranges: bytes
Content-Length: 9850
X-Powered-By: PleskLin
Connection: close
Content-Type: text/css
jingau.com.tw/templates/theme1372/css/default.css
103.118.24.38 200 OK 21 kB URL HTTP/1.1 jingau.com.tw/templates/theme1372/css/default.css
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash eccedc57ae1de53228e85e240628c8b2
28389a405069ab73dc93b9430528e0cf0d50447e
7c5832ea6971022fbbbf31b799492bda24dae09d4a264cdcec38d76f14fb9efa
GET /templates/theme1372/css/default.css HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:03 GMT
Server: Apache
Last-Modified: Thu, 16 Feb 2017 11:57:17 GMT
ETag: "fc0945-5240-548a47fa66140"
Accept-Ranges: bytes
Content-Length: 21056
X-Powered-By: PleskLin
Connection: close
Content-Type: text/css
jingau.com.tw/media/system/js/core.js
103.118.24.38 200 OK 4.8 kB URL HTTP/1.1 jingau.com.tw/media/system/js/core.js
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
File type ASCII text, with very long lines (513)
Hash 4b59c964036a5a6ba36d4cfa34968c2a
a05177eb337fb8c96cef328d673644caae9a5dc6
ed8f120343683850762fc8fb5e8ee8dc3586a2ad7da5c12ca31ef125628cb15b
Analyzer Verdict Alert fortinet Malware
GET /media/system/js/core.js HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:04 GMT
Server: Apache
Last-Modified: Tue, 07 May 2013 19:39:00 GMT
ETag: "f60dd3-12b0-4dc25f807bd00"
Accept-Ranges: bytes
Content-Length: 4784
X-Powered-By: PleskLin
Connection: close
Content-Type: text/javascript
jingau.com.tw/templates/theme1372/css/template.css
103.118.24.38 200 OK 22 kB URL HTTP/1.1 jingau.com.tw/templates/theme1372/css/template.css
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
File type Unicode text, UTF-8 text, with very long lines (487), with CRLF line terminators
Hash e64d6bd553eb7fc5e8a3c246f74f6fe9
702ee8d257e36e3eddb19ab9b861cb65e69aa7d3
e55df8aa63e3ba91d221b6b15133d6a3bc6354c81d0f839d02ae2674a40eac6e
GET /templates/theme1372/css/template.css HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:03 GMT
Server: Apache
Last-Modified: Fri, 17 Feb 2017 07:17:03 GMT
ETag: "fc094d-56f0-548b4b34c79c0"
Accept-Ranges: bytes
Content-Length: 22256
X-Powered-By: PleskLin
Connection: close
Content-Type: text/css
jingau.com.tw/media/system/js/modal.js
103.118.24.38 200 OK 9.7 kB URL HTTP/1.1 jingau.com.tw/media/system/js/modal.js
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
File type Unicode text, UTF-8 text, with very long lines (599)
Hash 637c3dd497107b7460a1f5a9e616a01c
bd7115c100422d2963f97a2b4c96a7fd3c1763b9
1d44d98509149be106f7f160e40e5049931817efa8a6aecec637ac3f6dcebdd0
Analyzer Verdict Alert fortinet Malware
GET /media/system/js/modal.js HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:04 GMT
Server: Apache
Last-Modified: Tue, 07 May 2013 19:39:00 GMT
ETag: "f60dcf-2604-4dc25f807bd00"
Accept-Ranges: bytes
Content-Length: 9732
X-Powered-By: PleskLin
Connection: close
Content-Type: text/javascript
jingau.com.tw/plugins/system/jqueryeasy/jquerynoconflict.js
103.118.24.38 200 OK 20 B URL HTTP/1.1 jingau.com.tw/plugins/system/jqueryeasy/jquerynoconflict.js
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
File type ASCII text, with no line terminators
Hash 3179f2255b046d5f2e9a71e365287bef
462e90dd5487b4c692a7c609b7b78f1b93496343
844a36c2c43704c5ae846d0f52093463bc6e84d547d04528eefb6313129e570f
Analyzer Verdict Alert fortinet Malware
GET /plugins/system/jqueryeasy/jquerynoconflict.js HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:04 GMT
Server: Apache
Last-Modified: Tue, 07 May 2013 19:39:00 GMT
ETag: "f807c4-14-4dc25f807bd00"
Accept-Ranges: bytes
Content-Length: 20
X-Powered-By: PleskLin
Connection: close
Content-Type: text/javascript
jingau.com.tw/media/k2/assets/js/k2.noconflict.js
103.118.24.38 200 OK 347 B URL HTTP/1.1 jingau.com.tw/media/k2/assets/js/k2.noconflict.js
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
Hash e58dd22fa899f1fdd5f5e61b0d2289df
43f0f75bf699637ca92ee32ed9a0088b2fe18bda
25eca19585e340240b7a439a129e269f04af709c29f4209d82999c3247708040
Analyzer Verdict Alert fortinet Malware
GET /media/k2/assets/js/k2.noconflict.js HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:04 GMT
Server: Apache
Last-Modified: Tue, 07 May 2013 19:38:58 GMT
ETag: "f8035e-15b-4dc25f7e93880"
Accept-Ranges: bytes
Content-Length: 347
X-Powered-By: PleskLin
Connection: close
Content-Type: text/javascript
jingau.com.tw/components/com_k2/js/k2.js
103.118.24.38 200 OK 6.8 kB URL HTTP/1.1 jingau.com.tw/components/com_k2/js/k2.js
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
Hash ac96c54ec7f062becbc3ab8a8b7dbe74
50abfca6640d0be3a5520b30d8d9c9c6a8dcf71b
9c365baf69bc3526a199137d42d7da9fbd73782fe6a4b5c5bdfe21749e211234
Analyzer Verdict Alert fortinet Malware
GET /components/com_k2/js/k2.js HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:04 GMT
Server: Apache
Last-Modified: Tue, 07 May 2013 19:38:56 GMT
ETag: "fa023b-1aa4-4dc25f7cab400"
Accept-Ranges: bytes
Content-Length: 6820
X-Powered-By: PleskLin
Connection: close
Content-Type: text/javascript
jingau.com.tw/media/system/js/mootools-core.js
103.118.24.38 200 OK 96 kB URL HTTP/1.1 jingau.com.tw/media/system/js/mootools-core.js
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
File type ASCII text, with very long lines (886)
Hash cf58a30ea9b7a731712baede90b790ec
cc019ac09f68258ee3442fe7cc440adf78a3cef2
6be70110418f9738ca23c6d61d73ce3c0cb01087843c96de5ced119c5ab882c6
Analyzer Verdict Alert fortinet Malware
GET /media/system/js/mootools-core.js HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:04 GMT
Server: Apache
Last-Modified: Tue, 07 May 2013 19:39:00 GMT
ETag: "f60dd4-1786a-4dc25f807bd00"
Accept-Ranges: bytes
Content-Length: 96362
X-Powered-By: PleskLin
Connection: close
Content-Type: text/javascript
jingau.com.tw/modules/mod_superfish_menu/js/superfish.js
103.118.24.38 200 OK 3.7 kB URL HTTP/1.1 jingau.com.tw/modules/mod_superfish_menu/js/superfish.js
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
Hash 8a012fff5a1f11d3b5427eefa8c8f53b
60a04836cbd908180e99166b27352e333679c9d6
24ee49af5e25731fe775a64f156ff276fdb6d24c8b6c57bb675affac6bb420f6
Analyzer Verdict Alert fortinet Malware
GET /modules/mod_superfish_menu/js/superfish.js HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:05 GMT
Server: Apache
Last-Modified: Tue, 07 May 2013 19:39:00 GMT
ETag: "f805a6-e56-4dc25f807bd00"
Accept-Ranges: bytes
Content-Length: 3670
X-Powered-By: PleskLin
Connection: close
Content-Type: text/javascript
jingau.com.tw/modules/mod_superfish_menu/js/jquery.mobilemenu.js
103.118.24.38 200 OK 2.0 kB URL HTTP/1.1 jingau.com.tw/modules/mod_superfish_menu/js/jquery.mobilemenu.js
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
File type ASCII text, with CRLF line terminators
Hash 767485af8db092b3163a2a480099a337
7b810cb221d3e61a4c36b379097501b82a7400bb
e2bc37ff619b9344fb8429b5ccfa429e9cbaf599ae850c5cd7a60ad91af84d23
Analyzer Verdict Alert fortinet Malware
GET /modules/mod_superfish_menu/js/jquery.mobilemenu.js HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:05 GMT
Server: Apache
Last-Modified: Tue, 07 May 2013 19:39:00 GMT
ETag: "f805aa-7e0-4dc25f807bd00"
Accept-Ranges: bytes
Content-Length: 2016
X-Powered-By: PleskLin
Connection: close
Content-Type: text/javascript
jingau.com.tw/modules/mod_superfish_menu/js/jquery.hoverIntent.js
103.118.24.38 200 OK 4.4 kB URL HTTP/1.1 jingau.com.tw/modules/mod_superfish_menu/js/jquery.hoverIntent.js
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
File type ASCII text, with CRLF line terminators
Hash 9f7822023826d577c80807db74815145
8b4df4b3ccff19035b0f5caa5f0f7c1def968514
36263bb9d427b8ec96f4e702cd6bce2a13aed9a2585648c05b674abc3294ff94
Analyzer Verdict Alert fortinet Malware
GET /modules/mod_superfish_menu/js/jquery.hoverIntent.js HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:05 GMT
Server: Apache
Last-Modified: Tue, 07 May 2013 19:39:00 GMT
ETag: "f805a9-10ff-4dc25f807bd00"
Accept-Ranges: bytes
Content-Length: 4351
X-Powered-By: PleskLin
Connection: close
Content-Type: text/javascript
jingau.com.tw/plugins/system/rokbox/rokbox.js
103.118.24.38 200 OK 22 kB URL HTTP/1.1 jingau.com.tw/plugins/system/rokbox/rokbox.js
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
File type ASCII text, with very long lines (21199)
Hash f01dd3e488f43157471b1ab98353ce25
c4ad729b8cfbc367d84c7d3e4fadb249b40b4e46
b757ec97ef1aff77e153a7679b026a6b98864ac0d57184388fabe321a4d12b54
Analyzer Verdict Alert fortinet Malware
GET /plugins/system/rokbox/rokbox.js HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:05 GMT
Server: Apache
Last-Modified: Tue, 07 May 2013 19:39:00 GMT
ETag: "f807ff-5529-4dc25f807bd00"
Accept-Ranges: bytes
Content-Length: 21801
X-Powered-By: PleskLin
Connection: close
Content-Type: text/javascript
jingau.com.tw/modules/mod_superfish_menu/js/sftouchscreen.js
103.118.24.38 200 OK 1.4 kB URL HTTP/1.1 jingau.com.tw/modules/mod_superfish_menu/js/sftouchscreen.js
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
Hash 3679e283feaa07a96b6d3b6665e91c94
4b4077b222482fc3e641df20ee730bdeb681aa8b
3500b02b5fcb6e6a9074a286528c6c08f99e04120ba36213e73232c4c29b5682
Analyzer Verdict Alert fortinet Malware
GET /modules/mod_superfish_menu/js/sftouchscreen.js HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:05 GMT
Server: Apache
Last-Modified: Tue, 07 May 2013 19:39:00 GMT
ETag: "f805a8-574-4dc25f807bd00"
Accept-Ranges: bytes
Content-Length: 1396
X-Powered-By: PleskLin
Connection: close
Content-Type: text/javascript
jingau.com.tw/libraries/gantry/js/gantry-totop.js
103.118.24.38 200 OK 378 B URL HTTP/1.1 jingau.com.tw/libraries/gantry/js/gantry-totop.js
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
Hash 297561de62739072634b7b84a1a580b6
028890cb95dcb91192be0224ee93aec2aac1a474
2d6a74ba9cf1bce007dae4de11856f2b5b946521b752123ea83aee638a46896b
Analyzer Verdict Alert fortinet Malware
GET /libraries/gantry/js/gantry-totop.js HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:05 GMT
Server: Apache
Last-Modified: Tue, 07 May 2013 19:38:58 GMT
ETag: "f60402-17a-4dc25f7e93880"
Accept-Ranges: bytes
Content-Length: 378
X-Powered-By: PleskLin
Connection: close
Content-Type: text/javascript
jingau.com.tw/media/system/js/mootools-more.js
103.118.24.38 200 OK 0 B URL HTTP/1.1 jingau.com.tw/media/system/js/mootools-more.js
IP 103.118.24.38:0
ASN #131626 NSS INTL CO., LTD.
Analyzer Verdict Alert fortinet Malware
GET /media/system/js/mootools-more.js HTTP/1.1
Host: jingau.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jingau.com.tw/index.php/404
Cookie: 3de0b72427826700bcfd251220ca163d=18oolram872avf9m0loguo3117
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 03:07:04 GMT
Server: Apache
Last-Modified: Tue, 07 May 2013 19:39:00 GMT
ETag: "f60de4-3a2fb-4dc25f807bd00"
Accept-Ranges: bytes
Content-Length: 238331
X-Powered-By: PleskLin
Connection: close
Content-Type: text/javascript