Report - www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically

Report Overview

Visited public
2024-12-22 23:49:08
Tags
Submit Tags
URL
www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Finishing URL
www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
IP / ASN
172.67.154.136
#13335 CLOUDFLARENET
Title
control valves used for steam heating coils are typically:

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
lazy.agczn.my.id	unknown	2023-10-22	2024-05-12	2024-12-16	945 B	2.5 kB	104.21.16.1
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-12-22	892 B	852 B	3.121.166.192
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2024-12-22	418 B	375 B	185.196.197.72
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-12-19	739 B	495 B	192.243.61.225
cdn.storageimagedisplay.com	unknown	2024-09-13	2024-09-13	2024-12-17	949 B	163 kB	45.133.44.2
recordedthereby.com	unknown	2024-05-08	2024-05-08	2024-12-22	404 B	86 kB	185.196.197.71
positivelyassertappreciation.com	unknown	2024-08-14	2024-12-22	2024-12-22	504 B	507 B	192.243.59.12
noisesperusemotel.com	unknown	2024-01-19	2024-01-19	2024-12-16	884 B	22 kB	172.240.108.76
rashseedlingexpenditure.com	unknown	2024-11-26	2024-12-22	2024-12-22	4.5 kB	42 kB	172.240.253.132
railroadunofficial.com	unknown	2024-08-14	2024-09-20	2024-09-20	2.6 kB	6.0 kB	172.240.253.132
www.asialgst.com.tw	unknown	unknown	2022-05-03	2024-02-24	3.4 kB	458 kB	104.21.80.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-22	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	From	Size	First Seen	Last Seen
	www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically	ScriptElement	331 B	2024-04-10	2024-12-30
Pretty URL www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically IP 104.21.80.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-10 17:35 Last Seen2024-12-30 02:55 Times Seen286 Hash fa3c78fb72e524df0dd06cb9615fb353 d810a6bd489d5cabe5f49050a8890f118c608af2 9cd071e14d9fc4ce751551f653d30f35cb1af8689e427f9ebabf5a3dd0f8788b Loading...

	www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically	ScriptElement	98 B	2024-04-10	2025-05-18
Pretty URL www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically IP 104.21.80.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-10 17:35 Last Seen2025-05-18 14:52 Times Seen659 Hash 943d0828305b7fffcee63720ab297353 0af67ef5eeb188730502b4885f171e4c343fb22e ac5930440fe8be9005bae09ce1c2e9458c90f7428bcd7c7eb0191df1e90c71d6 Loading...

	www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically	ScriptElement	424 B	2024-05-03	2025-01-06
Pretty URL www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically IP 104.21.80.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-03 06:59 Last Seen2025-01-06 15:04 Times Seen18 Hash 6a47e78bb560f465bdbe3c5c4a2c09e2 9b95ee53cafa0524efe38772595798871b521c51 e688d216f7589b4d1d19a5926f9751b508856620e2054e6b1daa7bf24890a0df Loading...

	www.asialgst.com.tw/js/highlight.min.js	ScriptElement	123 kB	2024-08-28	2025-05-18
Pretty URL www.asialgst.com.tw/js/highlight.min.js IP 104.21.80.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-28 15:34 Last Seen2025-05-18 14:52 Times Seen292 Hash ce552ffc8630869b9d3a215fca292098 6324f32bee04e9925adde9522dfe78eeae4858d5 30ecef6c6f78426a75fa5f60f92780501a3619ec11367e3b67331576f3370812 Loading...

	noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js	ScriptElement	24 kB	2024-12-22	2024-12-22
Pretty URL noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js IP 172.240.108.76 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 23:49 Last Seen2024-12-22 23:49 Times Seen1 Hash fce9e47f43c83df955ffa6a155d26e43 ac303ccfae51f91763cfc46ca9b1a96ed00ff2e0 fd84d9188ac6e005f4da54d7cd2043293850fae1c994f84475105d0633cf66e9 Loading...

	lazy.agczn.my.id/js15_as.js?hash=qmE6iyLfnrJv&host=www.asialgst.com.tw&path=%2Fimgen452%2Fcontrol-valves-used-for-steam-heating-coils-are-typically&ref=	ScriptElement	0 B	0001-01-01	2025-07-16
Pretty URL lazy.agczn.my.id/js15_as.js?hash=qmE6iyLfnrJv&host=www.asialgst.com.tw&path=%2Fimgen452%2Fcontrol-valves-used-for-steam-heating-coils-are-typically&ref= IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-07-16 07:46 Times Seen5433970 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	rashseedlingexpenditure.com/de/40/74/de40747527625eb4f2cfd573cb92ac16.js	ScriptElement	95 kB	2024-12-22	2024-12-22
Pretty URL rashseedlingexpenditure.com/de/40/74/de40747527625eb4f2cfd573cb92ac16.js IP 172.240.253.132 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 23:49 Last Seen2024-12-22 23:49 Times Seen1 Hash 7d874ad37f00dfe96a75305a3d0c0061 1d7ec1da4da915d2c383ade3e0f86f189e4b7c0b d74b6f0038480aa6a1459a564a3d2afb547e66d01bf46b0a692fbffff7e23345 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

	unknown	ScriptElement	145 B	2024-04-10	2025-01-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 17:35 Last Seen2025-01-08 08:00 Times Seen345 Hash 76389ae0d77274c26f00362c534bcd9f bc0f50806c254f8fd5be99843357c6a9637d5d3f 982d76832b490215d621bd9f712da7c6a6cc9ab0d16adef0203885492f8678fe Loading...

	www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically	ScriptElement	358 B	2024-08-28	2025-05-18
Pretty URL www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically IP 104.21.80.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-28 15:34 Last Seen2025-05-18 14:52 Times Seen290 Hash 307edac2bd62b6f19385c5536829d90b 6f9190c70649d6e3ba068981d500e0b002e44a95 9fa7264cd962450aea00f182bf47d25821832bf69b4b7df75a049abfb510efc0 Loading...

	noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js	ScriptElement	25 kB	2024-12-22	2024-12-22
Pretty URL noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js IP 172.240.108.76 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 23:49 Last Seen2024-12-22 23:49 Times Seen1 Hash b6b7f715230a7f9f3e0151ee5202d8bd 1a1345d149dff09d0730677ffe6ce3cfd4556753 dc2fc23781263bf32425ff08780873d586b3f4a48b7b051516ca11da20ed67b5 Loading...

	lazy.agczn.my.id/tag.js	ScriptElement	904 B	2024-10-11	2025-05-18
Pretty URL lazy.agczn.my.id/tag.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-11 05:13 Last Seen2025-05-18 14:52 Times Seen275 Hash f613be6d1cb212afb7ae84007056445d 2fb9979f24cd6cfd3b959630aeb5c3e7b784d9cb a240184536984e9c3a0c758f14a57cbda4fefd001cb3a0379c52b5f1b2e498a9 Loading...

	unknown	ScriptElement	3.3 kB	2024-12-22	2024-12-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 23:49 Last Seen2024-12-22 23:49 Times Seen1 Hash fc7cb54bd327d2d51fc829523126e621 2aed2af0faa9a2dd581279247e563f9ef818d729 d226014beb7740a50ed8f6e268924e6f7104bb02671cb967ca073fab16150711 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6525460043965084679d9ba21d62976d	2.1 kB	2024-12-22 23:49	2024-12-22 23:49
Pretty Observations First Seen2024-12-22 23:49 Last Seen2024-12-22 23:49 Times Seen1 Hash 6525460043965084679d9ba21d62976d ba19808553a3d22a5553173c52dc19e0d62609f1 76f26fd605a68831c3cebe03acf57891f58d8bf814d91afc137cd95b88448ea2 Loading...

		Size	First Seen	Last Seen
	#1 Write - 6defbbaf352e34a9d2124cf0c1e55791	113 B	2024-04-10 17:35	2024-12-30 02:55
Pretty Observations First Seen2024-04-10 17:35 Last Seen2024-12-30 02:55 Times Seen286 Hash 6defbbaf352e34a9d2124cf0c1e55791 547089e9ec285313ce862da13689cd23f7d7119b 5dc4f940c224807d139769648b9a4f19057d318dc9846b0ef2c5b7c69a4380cc Loading...

HTTP Transactions (24)

URL IP Response Size

GET noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js

172.240.108.76

200 OK

11 kB

URL GET HTTP/1.1
noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerLet's Encrypt
Subjectnoisesperusemotel.com
Fingerprint54:73:A3:19:E8:BD:79:0A:44:2D:45:D4:4B:AE:AA:41:6E:3D:24:33
ValidityFri, 15 Nov 2024 21:30:30 GMT - Thu, 13 Feb 2025 21:30:29 GMT

File type
JavaScript source, ASCII text, with very long lines (25133), with no line terminators
Size
11 kB (11314 bytes)
Hash
b6b7f715230a7f9f3e0151ee5202d8bd
1a1345d149dff09d0730677ffe6ce3cfd4556753
dc2fc23781263bf32425ff08780873d586b3f4a48b7b051516ca11da20ed67b5

HTTP Headers

GET /d1a5e500ed255cc4ebf822ff2ae48229/invoke.js HTTP/1.1
Host: noisesperusemotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 23:48:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: noisesperusemotel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 15f7174d63185535ddf5f9e9ba102704
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js

172.240.108.76

200 OK

9.4 kB

URL GET HTTP/1.1
noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerLet's Encrypt
Subjectnoisesperusemotel.com
Fingerprint54:73:A3:19:E8:BD:79:0A:44:2D:45:D4:4B:AE:AA:41:6E:3D:24:33
ValidityFri, 15 Nov 2024 21:30:30 GMT - Thu, 13 Feb 2025 21:30:29 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (23576), with no line terminators
Size
9.4 kB (9437 bytes)
Hash
fce9e47f43c83df955ffa6a155d26e43
ac303ccfae51f91763cfc46ca9b1a96ed00ff2e0
fd84d9188ac6e005f4da54d7cd2043293850fae1c994f84475105d0633cf66e9

HTTP Headers

GET /0a4243b915b6aef7ce6409f3497d95fb/invoke.js HTTP/1.1
Host: noisesperusemotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 23:48:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: noisesperusemotel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c50eae5ca9d4dbd469ec2bb3db378d31
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET lazy.agczn.my.id/tag.js

104.21.16.1

200 OK

774 B

URL GET HTTP/2
lazy.agczn.my.id/tag.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerGoogle Trust Services
Subjectagczn.my.id
Fingerprint15:37:71:50:43:B8:56:49:C3:9C:10:6B:95:FA:98:27:AA:92:1A:79
ValiditySun, 08 Dec 2024 15:30:45 GMT - Sat, 08 Mar 2025 15:30:44 GMT

File type
ASCII text, with very long lines (377), with CRLF line terminators
Size
774 B (774 bytes)
Hash
f613be6d1cb212afb7ae84007056445d
2fb9979f24cd6cfd3b959630aeb5c3e7b784d9cb
a240184536984e9c3a0c758f14a57cbda4fefd001cb3a0379c52b5f1b2e498a9

HTTP Headers

GET /tag.js HTTP/1.1
Host: lazy.agczn.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 23:48:43 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=120
last-modified: Thu, 10 Oct 2024 17:00:10 GMT
etag: W/"388-192775fa590"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E7xXllNumRL%2Fdr4pqOh5PlilDnsOPex%2FzGfuFO3i7JiaAG2Fj2zUgrG3Ulu7G6ZOCR061dJpwkw%2FHSFe5ASMpxfTHEwRCkYaw%2FcJeRvEHuUX2ixWKFvXKfk%2BSHpcA%2FLB18hY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f64011c291756a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=567&min_rtt=399&rtt_var=151&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3277&recv_bytes=1188&delivery_rate=6454680&cwnd=254&unsent_bytes=0&cid=7f37c1a6eb8a06f0&ts=442&x=0"
X-Firefox-Spdy: h2

GET proftrafficcounter.com/stats

3.121.166.192

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.121.166.192:443
ASN
#16509 AMAZON-02

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
fb3044d96e5f42c5f2eb5e3eec0c5a62
44e7142cc290340e4af99751b81a7eb1213beb65
563b9f7ee069798c492252f6ab3c0d45827d84a9dff9395f4a95257e6540f5c1

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.asialgst.com.tw
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 23:48:44 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.asialgst.com.tw
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=78392632-d58d-4904-8fe3-d8437c61fb80:3:1; expires=Wed, 20 Dec 2034 23:48:44 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET proftrafficcounter.com/stats

3.121.166.192

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.121.166.192:443
ASN
#16509 AMAZON-02

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
e17277553484af3d58867bb683c0df13
fd7f59c473913d65f38ae2102ba0207526c25ef5
788aca2286023197adf6716e0c3b9ac6c461de01aa67db331c97e61ab31f180e

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.asialgst.com.tw
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Dec 2024 23:48:44 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.asialgst.com.tw
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=5d2a7722-cac5-4fbd-be01-0ca48dbc3fed:2:1; expires=Wed, 20 Dec 2034 23:48:44 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET lazy.agczn.my.id/js15_as.js?hash=qmE6iyLfnrJv&host=www.asialgst.com.tw&path=%2Fimgen452%2Fcontrol-valves-used-for-steam-heating-coils-are-typically&ref=

104.21.16.1

200 OK

0 B

URL GET HTTP/2
lazy.agczn.my.id/js15_as.js?hash=qmE6iyLfnrJv&host=www.asialgst.com.tw&path=%2Fimgen452%2Fcontrol-valves-used-for-steam-heating-coils-are-typically&ref=
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerGoogle Trust Services
Subjectagczn.my.id
Fingerprint15:37:71:50:43:B8:56:49:C3:9C:10:6B:95:FA:98:27:AA:92:1A:79
ValiditySun, 08 Dec 2024 15:30:45 GMT - Sat, 08 Mar 2025 15:30:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js15_as.js?hash=qmE6iyLfnrJv&host=www.asialgst.com.tw&path=%2Fimgen452%2Fcontrol-valves-used-for-steam-heating-coils-are-typically&ref= HTTP/1.1
Host: lazy.agczn.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Dec 2024 23:48:44 GMT
content-length: 0
x-powered-by: Express
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWSGHmjDRHvJmGRsDhCnwIi1AOUnLn1TU%2BpOX1P884LN4BZqHKv7PyYBS2XIvuDTNTWu38n8%2FAe6vu1KrMzDb7NgZRNA5rRWtRjBJYSuZV84h%2BCBmh2Z8oiMCatnFpbxuXAS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f64011f6b9d56a5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=679&min_rtt=399&rtt_var=337&sent=10&recv=12&lost=0&retrans=0&sent_bytes=4526&recv_bytes=1353&delivery_rate=6454680&cwnd=256&unsent_bytes=0&cid=7f37c1a6eb8a06f0&ts=964&x=0"
X-Firefox-Spdy: h2

GET rashseedlingexpenditure.com/ntv.json?key=0a4243b915b6aef7ce6409f3497d95fb&vstc=1

172.240.253.132

200 OK

4.2 kB

URL GET HTTP/1.1
rashseedlingexpenditure.com/ntv.json?key=0a4243b915b6aef7ce6409f3497d95fb&vstc=1
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerLet's Encrypt
Subjectrashseedlingexpenditure.com
Fingerprint59:40:95:06:96:10:7E:EE:58:0F:ED:0F:C7:37:9D:14:13:4F:03:0C
ValidityTue, 26 Nov 2024 08:16:01 GMT - Mon, 24 Feb 2025 08:16:00 GMT

File type
JSON text data
Size
4.2 kB (4177 bytes)
Hash
813e88ff1008718e470372f071cf7d48
1fb6980d9f62ee076198c7abdf3d0185c766bd07
615b624d2023b8762d768acacbf9c7e547c7ef3f57af8bd61248476dcfa32b3d

HTTP Headers

GET /ntv.json?key=0a4243b915b6aef7ce6409f3497d95fb&vstc=1 HTTP/1.1
Host: rashseedlingexpenditure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.asialgst.com.tw
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 23:48:44 GMT
Content-Type: application/json
Content-Length: 4177
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.asialgst.com.tw
Access-Control-Allow-Origin: https://www.asialgst.com.tw
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl22784088=1; expires=Mon, 23 Dec 2024 23:48:44 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Dec 2024 23:48:44 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 23 Dec 2024 23:48:44 GMT; path=/; secure; SameSite=None
pdhtkv49=true; expires=Mon, 23 Dec 2024 23:48:44 GMT; path=/; secure; SameSite=None
uncs49=1; expires=Mon, 23 Dec 2024 23:48:44 GMT; path=/; secure; SameSite=None
Host: rashseedlingexpenditure.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: ad7e0ab5b22a6285f291a9a6b836b93f
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET rashseedlingexpenditure.com/de/40/74/de40747527625eb4f2cfd573cb92ac16.js

172.240.253.132

200 OK

34 kB

URL GET HTTP/1.1
rashseedlingexpenditure.com/de/40/74/de40747527625eb4f2cfd573cb92ac16.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerLet's Encrypt
Subjectrashseedlingexpenditure.com
Fingerprint59:40:95:06:96:10:7E:EE:58:0F:ED:0F:C7:37:9D:14:13:4F:03:0C
ValidityTue, 26 Nov 2024 08:16:01 GMT - Mon, 24 Feb 2025 08:16:00 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33715 bytes)
Hash
7d874ad37f00dfe96a75305a3d0c0061
1d7ec1da4da915d2c383ade3e0f86f189e4b7c0b
d74b6f0038480aa6a1459a564a3d2afb547e66d01bf46b0a692fbffff7e23345

HTTP Headers

GET /de/40/74/de40747527625eb4f2cfd573cb92ac16.js HTTP/1.1
Host: rashseedlingexpenditure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 23:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: rashseedlingexpenditure.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 8266d0652b3069564ddb9db6c7f3f90d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET railroadunofficial.com/watch.826902377576.js?key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%5D&refer=https%3A%2F%2Fwww.asialgst.com.tw%2Fimgen452%2Fcontrol-valves-used-for-steam-heating-coils-are-typically&tz=0&dev=e&res=14.2071&rb=&uuid=78392632-d58d-4904-8fe3-d8437c61fb80%3A3%3A1

172.240.253.132

307 Temporary Redirect

0 B

URL GET HTTP/1.1
railroadunofficial.com/watch.826902377576.js?key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%5D&refer=https%3A%2F%2Fwww.asialgst.com.tw%2Fimgen452%2Fcontrol-valves-used-for-steam-heating-coils-are-typically&tz=0&dev=e&res=14.2071&rb=&uuid=78392632-d58d-4904-8fe3-d8437c61fb80%3A3%3A1
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerLet's Encrypt
Subjectrailroadunofficial.com
Fingerprint64:8B:23:B0:0C:AA:FE:FC:2F:C5:22:E2:08:9C:23:5C:CB:42:67:B7
ValidityFri, 13 Dec 2024 21:30:23 GMT - Thu, 13 Mar 2025 21:30:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.826902377576.js?key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%5D&refer=https%3A%2F%2Fwww.asialgst.com.tw%2Fimgen452%2Fcontrol-valves-used-for-steam-heating-coils-are-typically&tz=0&dev=e&res=14.2071&rb=&uuid=78392632-d58d-4904-8fe3-d8437c61fb80%3A3%3A1 HTTP/1.1
Host: railroadunofficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.asialgst.com.tw
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 23:48:44 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.asialgst.com.tw
Access-Control-Allow-Origin: https://www.asialgst.com.tw
Access-Control-Allow-Credentials: true
Location: https://railroadunofficial.com/watch.826902377576.js?dev=e&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%5D&pst=1734911384&rb=&refer=https%3A%2F%2Fwww.asialgst.com.tw%2Fimgen452%2Fcontrol-valves-used-for-steam-heating-coils-are-typically&res=14.2071&rmtc=t&shu=d30d6e043a75a55742f1360a298009ed9136bf6f40d731e5b6c74cf4a8c6993ca32d53bf2e5cae995fdbe49a845fd8f1cbcdb1cc7d7736dc635d01093ad8d018d3e5f0d9526181144c287ffa8eae11242eb6b51338c72ec9825f93&tz=0&uuid=78392632-d58d-4904-8fe3-d8437c61fb80%3A3%3A1
Set-Cookie: u_pl22609139=1; expires=Mon, 23 Dec 2024 23:48:44 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjYwOTEzOSwiayI6ImQxYTVlNTAwZWQyNTVjYzRlYmY4MjJmZjJhZTQ4MjI5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjM2MDIzLCJwaWQiOjI0Njc3MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6Img1MjBmMWJneXMiLCJjcGtzIjp7IjI4IjoiNjllNzllMjQ4Y2Y2YzY0OTE3YmQwZDE3MDhiNzEzOTIifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmFzaWFsZ3N0LmNvbS50dy9pbWdlbjQ1Mi9jb250cm9sLXZhbHZlcy11c2VkLWZvci1zdGVhbS1oZWF0aW5nLWNvaWxzLWFyZS10eXBpY2FsbHkiLCJhciI6W119fQ.cfU3WuHeSMqsFYQdSvh6HiuZl-ML_n9ItWNAPpMRsiI; expires=Sun, 22 Dec 2024 23:49:44 GMT; path=/; secure; SameSite=None
Host: railroadunofficial.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 1ae7b9f945bf42aff335b41f1a13d031
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET rashseedlingexpenditure.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWtkxRet95vwWzgrh9npopcK0nmvP16nHUGMMRKMk3FGcUBlqPeqXqfs6qpnffTrtJtgQGbZs9TVy%2Blk4sco%2Bgc4SGdQZEBIL4QsjAv%2FhIHBpXRPsPVCce%2B55xacOrc%2B3fdnpA5PT9fe1EMhJV1uVsPKczej6EplUyg%2FqAxW4ltx40rF9F9sx9Xw%2BcrrPO3q5VoYhWEURpV1YXimB8szEiK%2F146q7bDaqFWjZgMD819sfQBLA7D%2BGbkEwaZLD4LLEOkEqvfdGrddp%2FMXXut5SZ026LOjd1RX6UKhtygzEyBTR%2BfT0PZk%2FT60OpzLhe7%2FM5iIKQl%2Bvo9EHZ2LRNI%2FmOtMJLhCwi6i6E%2FA5QSCTpDqPQh2QoCU4eoWVO%2FuVW0KuvOEpTN2SpYeP4IopmTp98tQvW9XpRhUbmjpndDKYpCVEIMJRGeC3B%2FDDQOI4hip%2BwSC%2FUqWH29C9Q62rNQQrJy%2FXYgJRDaB5CNQG8DPjgjgswA%2BD9Bjp5U0iqJWyFIarrTTtM5aPIlZGNFWFtEojFfg05m8EVw%2BQipHSM0ucrOLrrhz0rwE43%2BE3S5hWQDrpiR4axd9VqLgBIUlKChBIQgKR1D0y0Mmbc2Wd5m0PonOc%2B0818uxdp19eqhdhysCakYwrDwQ%2BUd2D6m7MB5m9oOxzizbz8%2FI0zPbgve%2BuIkuP62EtFFr1JN21ExiyrNWyuNG2M7qjXaLtZtZAitKCPu%2FuRNDMSWtj1vIxZRcOH6EhB7DymOk4gKoj0CLEnS7xFB9Q72hjneVriruwHSJ3C3B7QT78ow8M9%2FcS3%2F8BJ4%2BJOeB1JTITYkPxQOCjrw9vq4LcnBdF5Z8v5U70RNDOtvqDUcd%2F%2F9Xb%2FCdQhu2sWZHX76SzohZee9tbt0mVUyojiVfrwrGuFnXJuXkhw37Lk%2Buebu96o3y%2Bea1V9c3ernh1gqtJqDiZOsvpGJKLj775%2Fy7Vn67BWEmML5Ezy%2BUCj1Bmu%2FC5oue1QRGLnCSByh8OTa1ZNGUgkDyBaZJCfsvnCzqsaGz21SU%2B%2FY2OiYAdXtQvRJ9U6IvS1A5gvVPjV1uHr78y2ez%2BByJDMaJNMFBIo2888RkK04rrXo9pHG7GbValLeSRm0liyNGaa0R1%2BKY1uHstLN9%2BP7fAQAA%2F%2F8oYUopgwQAAA%3D%3D

172.240.253.132

200 OK

7 B

URL GET HTTP/1.1
rashseedlingexpenditure.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWtkxRet95vwWzgrh9npopcK0nmvP16nHUGMMRKMk3FGcUBlqPeqXqfs6qpnffTrtJtgQGbZs9TVy%2Blk4sco%2Bgc4SGdQZEBIL4QsjAv%2FhIHBpXRPsPVCce%2B55xacOrc%2B3fdnpA5PT9fe1EMhJV1uVsPKczej6EplUyg%2FqAxW4ltx40rF9F9sx9Xw%2BcrrPO3q5VoYhWEURpV1YXimB8szEiK%2F146q7bDaqFWjZgMD819sfQBLA7D%2BGbkEwaZLD4LLEOkEqvfdGrddp%2FMXXut5SZ026LOjd1RX6UKhtygzEyBTR%2BfT0PZk%2FT60OpzLhe7%2FM5iIKQl%2Bvo9EHZ2LRNI%2FmOtMJLhCwi6i6E%2FA5QSCTpDqPQh2QoCU4eoWVO%2FuVW0KuvOEpTN2SpYeP4IopmTp98tQvW9XpRhUbmjpndDKYpCVEIMJRGeC3B%2FDDQOI4hip%2BwSC%2FUqWH29C9Q62rNQQrJy%2FXYgJRDaB5CNQG8DPjgjgswA%2BD9Bjp5U0iqJWyFIarrTTtM5aPIlZGNFWFtEojFfg05m8EVw%2BQipHSM0ucrOLrrhz0rwE43%2BE3S5hWQDrpiR4axd9VqLgBIUlKChBIQgKR1D0y0Mmbc2Wd5m0PonOc%2B0818uxdp19eqhdhysCakYwrDwQ%2BUd2D6m7MB5m9oOxzizbz8%2FI0zPbgve%2BuIkuP62EtFFr1JN21ExiyrNWyuNG2M7qjXaLtZtZAitKCPu%2FuRNDMSWtj1vIxZRcOH6EhB7DymOk4gKoj0CLEnS7xFB9Q72hjneVriruwHSJ3C3B7QT78ow8M9%2FcS3%2F8BJ4%2BJOeB1JTITYkPxQOCjrw9vq4LcnBdF5Z8v5U70RNDOtvqDUcd%2F%2F9Xb%2FCdQhu2sWZHX76SzohZee9tbt0mVUyojiVfrwrGuFnXJuXkhw37Lk%2Buebu96o3y%2Bea1V9c3ernh1gqtJqDiZOsvpGJKLj775%2Fy7Vn67BWEmML5Ezy%2BUCj1Bmu%2FC5oue1QRGLnCSByh8OTa1ZNGUgkDyBaZJCfsvnCzqsaGz21SU%2B%2FY2OiYAdXtQvRJ9U6IvS1A5gvVPjV1uHr78y2ez%2BByJDMaJNMFBIo2888RkK04rrXo9pHG7GbValLeSRm0liyNGaa0R1%2BKY1uHstLN9%2BP7fAQAA%2F%2F8oYUopgwQAAA%3D%3D
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerLet's Encrypt
Subjectrashseedlingexpenditure.com
Fingerprint59:40:95:06:96:10:7E:EE:58:0F:ED:0F:C7:37:9D:14:13:4F:03:0C
ValidityTue, 26 Nov 2024 08:16:01 GMT - Mon, 24 Feb 2025 08:16:00 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWtkxRet95vwWzgrh9npopcK0nmvP16nHUGMMRKMk3FGcUBlqPeqXqfs6qpnffTrtJtgQGbZs9TVy%2Blk4sco%2Bgc4SGdQZEBIL4QsjAv%2FhIHBpXRPsPVCce%2B55xacOrc%2B3fdnpA5PT9fe1EMhJV1uVsPKczej6EplUyg%2FqAxW4ltx40rF9F9sx9Xw%2BcrrPO3q5VoYhWEURpV1YXimB8szEiK%2F146q7bDaqFWjZgMD819sfQBLA7D%2BGbkEwaZLD4LLEOkEqvfdGrddp%2FMXXut5SZ026LOjd1RX6UKhtygzEyBTR%2BfT0PZk%2FT60OpzLhe7%2FM5iIKQl%2Bvo9EHZ2LRNI%2FmOtMJLhCwi6i6E%2FA5QSCTpDqPQh2QoCU4eoWVO%2FuVW0KuvOEpTN2SpYeP4IopmTp98tQvW9XpRhUbmjpndDKYpCVEIMJRGeC3B%2FDDQOI4hip%2BwSC%2FUqWH29C9Q62rNQQrJy%2FXYgJRDaB5CNQG8DPjgjgswA%2BD9Bjp5U0iqJWyFIarrTTtM5aPIlZGNFWFtEojFfg05m8EVw%2BQipHSM0ucrOLrrhz0rwE43%2BE3S5hWQDrpiR4axd9VqLgBIUlKChBIQgKR1D0y0Mmbc2Wd5m0PonOc%2B0818uxdp19eqhdhysCakYwrDwQ%2BUd2D6m7MB5m9oOxzizbz8%2FI0zPbgve%2BuIkuP62EtFFr1JN21ExiyrNWyuNG2M7qjXaLtZtZAitKCPu%2FuRNDMSWtj1vIxZRcOH6EhB7DymOk4gKoj0CLEnS7xFB9Q72hjneVriruwHSJ3C3B7QT78ow8M9%2FcS3%2F8BJ4%2BJOeB1JTITYkPxQOCjrw9vq4LcnBdF5Z8v5U70RNDOtvqDUcd%2F%2F9Xb%2FCdQhu2sWZHX76SzohZee9tbt0mVUyojiVfrwrGuFnXJuXkhw37Lk%2Buebu96o3y%2Bea1V9c3ernh1gqtJqDiZOsvpGJKLj775%2Fy7Vn67BWEmML5Ezy%2BUCj1Bmu%2FC5oue1QRGLnCSByh8OTa1ZNGUgkDyBaZJCfsvnCzqsaGz21SU%2B%2FY2OiYAdXtQvRJ9U6IvS1A5gvVPjV1uHr78y2ez%2BByJDMaJNMFBIo2888RkK04rrXo9pHG7GbValLeSRm0liyNGaa0R1%2BKY1uHstLN9%2BP7fAQAA%2F%2F8oYUopgwQAAA%3D%3D HTTP/1.1
Host: rashseedlingexpenditure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/
Cookie: u_pl22784088=1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 23:48:44 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: rashseedlingexpenditure.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: dbac56942d1c6292d4e0bf62b219d484
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET www.asialgst.com.tw/profil.png

104.21.80.227

200 OK

194 kB

URL GET HTTP/3
www.asialgst.com.tw/profil.png
IP
104.21.80.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerGoogle Trust Services
Subjectasialgst.com.tw
Fingerprint7B:3C:A2:AC:8B:66:09:AB:CA:8F:43:78:3E:C3:93:96:60:4E:67:20
ValidityMon, 09 Dec 2024 15:41:44 GMT - Sun, 09 Mar 2025 15:41:43 GMT

File type
PNG image data, 923 x 740, 8-bit/color RGBA, non-interlaced
Size
194 kB (194148 bytes)
Hash
0ecb16fcde3387b3713c23171a893d09
cfe3c161fb283b1edaad6d93d60b538dfb4fd26e
4a82536fd7a10df27764bc1d956a7423736b4e2c09332d7fabfe25c15f7119c6

HTTP Headers

GET /profil.png HTTP/1.1
Host: www.asialgst.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 22 Dec 2024 23:48:44 GMT
content-type: image/png
content-length: 194148
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Sat, 17 Aug 2024 14:47:12 GMT
etag: W/"2f664-19160ce8180"
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WdkXVyTlF4lvmSc3d81gMBGJMLF%2Foa3GNYV97ga6OEHdFRWsGupagNLaKV4i3VtrNk0D5xEixB1KEezYIj1aacE5dB9pbCUBfpzM8YcoR9SbgZTD0GslXOVrJWtpRIcSLJx%2BeY71"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f64011f9cf55688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3801&min_rtt=1045&rtt_var=2807&sent=33&recv=12&lost=0&retrans=0&sent_bytes=26605&recv_bytes=1996&delivery_rate=9995895&cwnd=24000&unsent_bytes=0&cid=2dbc9847a31d3ab6&ts=1241&x=1", cfExtPri, cfHdrFlush;dur=0

GET cdn.storageimagedisplay.com/cti/f1/73/e5/f173e5b31aca4549d4aaa5a0f1ee70bf/1675417618.jpg

45.133.44.2

200 OK

22 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/f1/73/e5/f173e5b31aca4549d4aaa5a0f1ee70bf/1675417618.jpg
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3
Size
22 kB (22289 bytes)
Hash
098d043c6a69bd440b0480ec326b0254
6bfbead2bee0465f73cf4bba506f804b146d990c
d45076e92cdc6c92980ea0c0d1637377e6a0d9f45bcb96152621cb61b895c941

HTTP Headers

GET /cti/f1/73/e5/f173e5b31aca4549d4aaa5a0f1ee70bf/1675417618.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 23:48:44 GMT
content-type: image/jpeg
content-length: 22289
server: nginx/1.21.6
last-modified: Fri, 03 Feb 2023 09:47:06 GMT
etag: "63dcd81a-5711"
expires: Tue, 24 Dec 2024 23:48:44 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

GET rashseedlingexpenditure.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtkxRet95vwWzgrh9npopcK0nmvP9OOIMYYCcbJOKM4oDLU1%2BuUXf3qWfWqX6fdBAMyy56lrl5OJxM%2FRtE%2FwEFeBkUGhPRCyMK48E8YGFxK9wRbLxT3nntuwalz69N9f0bq8PR07U0zUlrT5WY1rDx3M4quVDZV4oeV4UrrVqtxpWIHL3Za1fD5yuuS98xyLYzCMAqjyrqyMjbD5RkJld7rRNVOWG3UqlGzgaH9L3Y%2BgKMBxOCMXIIS06UHwWUoXiLpf7cmXS8z6Quv9b2mmbEYiKN3kl5i8gT9RRnbAHFydD4N407W78Mkh3O5MIN%2FBpmakuDn%2B2DJ0blIsMHBXCfTkAmYuIh8UELqEoqW4GYPSpwQgAtc3ULSv3vV2JzuPGHpjJ2SpcePoPIpWfr9MpL%2Bt6taDSs3jPaZMonDMC6ghiVUt0Tqj5GNAqj8GDz7BEr8SpYfbyLpH2w5baBEMX%2B7UiVUXELLMagL4GdHBfBxAJ8G6IvTCo%2BiqB0KTsOVDud10ZasJcKItuOIRmFrBZ7P5I2RpWNwPQa3u0jtLnrqzknzEqz%2FEW67gBMBXDYlwVu7GIgCuSTIHUFOCXJFkGcE%2BaA4FNrVXHFXaOdZdJ5r57leTEzW3aeHJuvKhIDaMawoDlT6kdsDzy5MRrH7YGJiJ%2FbTM%2FL0zLbgvS9uoidPKyFt1Bp11omarEVl3Oay1Qg7cb3RaYtOM2ZwqoBy%2F5s7MVJT0v64jVRNyYXjR2D0GE4fg6sLoD4CzQvQ7QKj5BvqLc1kLzHVRGYQpkCaLSHbCfb1GXlmvrmX%2FvgJkj8k5wFuC6S2wIfqAUFX355cNzk5uG5yR77fSjPVVyM62%2BqNjGby%2F1%2B9IXdyY8XGmht%2F%2BQqfEbPy3tvSZZs0ESrpOvL1qhJC2nVjuSQ%2FbLh3Jbvm3faqt4lPN6%2B9ur7RT610TpmkBFUnW3%2BBqym5%2BOyf8%2B9a%2Be0WlC1hfYG%2BXyhVpgRPd%2BHSRc8ZAqsXmKUBcl9MbI0tmloRaLnAlBVw%2F8JsUU8snd2mqth3t9G1AWi2h6RfYGALDHQBqsdw%2FqlJltqHL%2F%2Fy2Sw%2BB9PBhGkbHDBt9Z0nJjt1WqmHos1kLNtMNpqNWHLBmk0W8pizulhZ4cjctLt9%2BP7fAQAA%2F%2F%2BotZ%2FBgwQAAA%3D%3D

172.240.253.132

200 OK

7 B

URL GET HTTP/1.1
rashseedlingexpenditure.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtkxRet95vwWzgrh9npopcK0nmvP9OOIMYYCcbJOKM4oDLU1%2BuUXf3qWfWqX6fdBAMyy56lrl5OJxM%2FRtE%2FwEFeBkUGhPRCyMK48E8YGFxK9wRbLxT3nntuwalz69N9f0bq8PR07U0zUlrT5WY1rDx3M4quVDZV4oeV4UrrVqtxpWIHL3Za1fD5yuuS98xyLYzCMAqjyrqyMjbD5RkJld7rRNVOWG3UqlGzgaH9L3Y%2BgKMBxOCMXIIS06UHwWUoXiLpf7cmXS8z6Quv9b2mmbEYiKN3kl5i8gT9RRnbAHFydD4N407W78Mkh3O5MIN%2FBpmakuDn%2B2DJ0blIsMHBXCfTkAmYuIh8UELqEoqW4GYPSpwQgAtc3ULSv3vV2JzuPGHpjJ2SpcePoPIpWfr9MpL%2Bt6taDSs3jPaZMonDMC6ghiVUt0Tqj5GNAqj8GDz7BEr8SpYfbyLpH2w5baBEMX%2B7UiVUXELLMagL4GdHBfBxAJ8G6IvTCo%2BiqB0KTsOVDud10ZasJcKItuOIRmFrBZ7P5I2RpWNwPQa3u0jtLnrqzknzEqz%2FEW67gBMBXDYlwVu7GIgCuSTIHUFOCXJFkGcE%2BaA4FNrVXHFXaOdZdJ5r57leTEzW3aeHJuvKhIDaMawoDlT6kdsDzy5MRrH7YGJiJ%2FbTM%2FL0zLbgvS9uoidPKyFt1Bp11omarEVl3Oay1Qg7cb3RaYtOM2ZwqoBy%2F5s7MVJT0v64jVRNyYXjR2D0GE4fg6sLoD4CzQvQ7QKj5BvqLc1kLzHVRGYQpkCaLSHbCfb1GXlmvrmX%2FvgJkj8k5wFuC6S2wIfqAUFX355cNzk5uG5yR77fSjPVVyM62%2BqNjGby%2F1%2B9IXdyY8XGmht%2F%2BQqfEbPy3tvSZZs0ESrpOvL1qhJC2nVjuSQ%2FbLh3Jbvm3faqt4lPN6%2B9ur7RT610TpmkBFUnW3%2BBqym5%2BOyf8%2B9a%2Be0WlC1hfYG%2BXyhVpgRPd%2BHSRc8ZAqsXmKUBcl9MbI0tmloRaLnAlBVw%2F8JsUU8snd2mqth3t9G1AWi2h6RfYGALDHQBqsdw%2FqlJltqHL%2F%2Fy2Sw%2BB9PBhGkbHDBt9Z0nJjt1WqmHos1kLNtMNpqNWHLBmk0W8pizulhZ4cjctLt9%2BP7fAQAA%2F%2F%2BotZ%2FBgwQAAA%3D%3D
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerLet's Encrypt
Subjectrashseedlingexpenditure.com
Fingerprint59:40:95:06:96:10:7E:EE:58:0F:ED:0F:C7:37:9D:14:13:4F:03:0C
ValidityTue, 26 Nov 2024 08:16:01 GMT - Mon, 24 Feb 2025 08:16:00 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtkxRet95vwWzgrh9npopcK0nmvP9OOIMYYCcbJOKM4oDLU1%2BuUXf3qWfWqX6fdBAMyy56lrl5OJxM%2FRtE%2FwEFeBkUGhPRCyMK48E8YGFxK9wRbLxT3nntuwalz69N9f0bq8PR07U0zUlrT5WY1rDx3M4quVDZV4oeV4UrrVqtxpWIHL3Za1fD5yuuS98xyLYzCMAqjyrqyMjbD5RkJld7rRNVOWG3UqlGzgaH9L3Y%2BgKMBxOCMXIIS06UHwWUoXiLpf7cmXS8z6Quv9b2mmbEYiKN3kl5i8gT9RRnbAHFydD4N407W78Mkh3O5MIN%2FBpmakuDn%2B2DJ0blIsMHBXCfTkAmYuIh8UELqEoqW4GYPSpwQgAtc3ULSv3vV2JzuPGHpjJ2SpcePoPIpWfr9MpL%2Bt6taDSs3jPaZMonDMC6ghiVUt0Tqj5GNAqj8GDz7BEr8SpYfbyLpH2w5baBEMX%2B7UiVUXELLMagL4GdHBfBxAJ8G6IvTCo%2BiqB0KTsOVDud10ZasJcKItuOIRmFrBZ7P5I2RpWNwPQa3u0jtLnrqzknzEqz%2FEW67gBMBXDYlwVu7GIgCuSTIHUFOCXJFkGcE%2BaA4FNrVXHFXaOdZdJ5r57leTEzW3aeHJuvKhIDaMawoDlT6kdsDzy5MRrH7YGJiJ%2FbTM%2FL0zLbgvS9uoidPKyFt1Bp11omarEVl3Oay1Qg7cb3RaYtOM2ZwqoBy%2F5s7MVJT0v64jVRNyYXjR2D0GE4fg6sLoD4CzQvQ7QKj5BvqLc1kLzHVRGYQpkCaLSHbCfb1GXlmvrmX%2FvgJkj8k5wFuC6S2wIfqAUFX355cNzk5uG5yR77fSjPVVyM62%2BqNjGby%2F1%2B9IXdyY8XGmht%2F%2BQqfEbPy3tvSZZs0ESrpOvL1qhJC2nVjuSQ%2FbLh3Jbvm3faqt4lPN6%2B9ur7RT610TpmkBFUnW3%2BBqym5%2BOyf8%2B9a%2Be0WlC1hfYG%2BXyhVpgRPd%2BHSRc8ZAqsXmKUBcl9MbI0tmloRaLnAlBVw%2F8JsUU8snd2mqth3t9G1AWi2h6RfYGALDHQBqsdw%2FqlJltqHL%2F%2Fy2Sw%2BB9PBhGkbHDBt9Z0nJjt1WqmHos1kLNtMNpqNWHLBmk0W8pizulhZ4cjctLt9%2BP7fAQAA%2F%2F%2BotZ%2FBgwQAAA%3D%3D HTTP/1.1
Host: rashseedlingexpenditure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/
Cookie: u_pl22784088=1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 23:48:44 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: rashseedlingexpenditure.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 8617225221229f4f4be59cd1281000b4
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET recordedthereby.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET HTTP/1.1
recordedthereby.com/sfp.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
FingerprintE0:09:99:E3:0E:A5:83:8D:96:1B:26:8A:2E:AC:12:98:C6:D3:E1:76
ValidityWed, 06 Nov 2024 14:09:18 GMT - Tue, 04 Feb 2025 14:09:17 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85378 bytes)
Hash
7e3e44049654b6e244c1777e68ffb8e7
8f2a8298666d607afd92a0baa362ef4dc9ccd039
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 23:48:44 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 85378
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 9c9c02638808d3101e4ef12ae385fb3d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET capaciousdrewreligion.com/advertisers.js

185.196.197.72

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
185.196.197.72:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
FingerprintD9:49:50:C3:1F:23:A3:E8:75:32:16:6A:76:DE:28:2B:93:73:31:80
ValiditySun, 03 Nov 2024 04:28:34 GMT - Sat, 01 Feb 2025 04:28:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 23:48:44 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 6ae73c3e91888ea885d68fee6b8958e1
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET railroadunofficial.com/watch.826902377576.js?dev=e&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%5D&pst=1734911384&rb=&refer=https%3A%2F%2Fwww.asialgst.com.tw%2Fimgen452%2Fcontrol-valves-used-for-steam-heating-coils-are-typically&res=14.2071&rmtc=t&shu=d30d6e043a75a55742f1360a298009ed9136bf6f40d731e5b6c74cf4a8c6993ca32d53bf2e5cae995fdbe49a845fd8f1cbcdb1cc7d7736dc635d01093ad8d018d3e5f0d9526181144c287ffa8eae11242eb6b51338c72ec9825f93&tz=0&uuid=78392632-d58d-4904-8fe3-d8437c61fb80%3A3%3A1

172.240.253.132

200 OK

2.0 kB

URL GET HTTP/1.1
railroadunofficial.com/watch.826902377576.js?dev=e&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%5D&pst=1734911384&rb=&refer=https%3A%2F%2Fwww.asialgst.com.tw%2Fimgen452%2Fcontrol-valves-used-for-steam-heating-coils-are-typically&res=14.2071&rmtc=t&shu=d30d6e043a75a55742f1360a298009ed9136bf6f40d731e5b6c74cf4a8c6993ca32d53bf2e5cae995fdbe49a845fd8f1cbcdb1cc7d7736dc635d01093ad8d018d3e5f0d9526181144c287ffa8eae11242eb6b51338c72ec9825f93&tz=0&uuid=78392632-d58d-4904-8fe3-d8437c61fb80%3A3%3A1
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerLet's Encrypt
Subjectrailroadunofficial.com
Fingerprint64:8B:23:B0:0C:AA:FE:FC:2F:C5:22:E2:08:9C:23:5C:CB:42:67:B7
ValidityFri, 13 Dec 2024 21:30:23 GMT - Thu, 13 Mar 2025 21:30:22 GMT

File type
JavaScript source, ASCII text, with very long lines (2462)
Size
2.0 kB (2008 bytes)
Hash
94c24eae994c3df58ea027fdfe491fdf
a4e6155339bded19f3926ccc11bebedcb1b0e8d6
941a22d6c0296bec98497383683f0d22b2c0b1a7f9ecb184802a49477530e585

HTTP Headers

GET /watch.826902377576.js?dev=e&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%5D&pst=1734911384&rb=&refer=https%3A%2F%2Fwww.asialgst.com.tw%2Fimgen452%2Fcontrol-valves-used-for-steam-heating-coils-are-typically&res=14.2071&rmtc=t&shu=d30d6e043a75a55742f1360a298009ed9136bf6f40d731e5b6c74cf4a8c6993ca32d53bf2e5cae995fdbe49a845fd8f1cbcdb1cc7d7736dc635d01093ad8d018d3e5f0d9526181144c287ffa8eae11242eb6b51338c72ec9825f93&tz=0&uuid=78392632-d58d-4904-8fe3-d8437c61fb80%3A3%3A1 HTTP/1.1
Host: railroadunofficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.asialgst.com.tw
Referer: https://www.asialgst.com.tw/
DNT: 1
Connection: keep-alive
Cookie: u_pl22609139=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjYwOTEzOSwiayI6ImQxYTVlNTAwZWQyNTVjYzRlYmY4MjJmZjJhZTQ4MjI5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjM2MDIzLCJwaWQiOjI0Njc3MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6Img1MjBmMWJneXMiLCJjcGtzIjp7IjI4IjoiNjllNzllMjQ4Y2Y2YzY0OTE3YmQwZDE3MDhiNzEzOTIifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmFzaWFsZ3N0LmNvbS50dy9pbWdlbjQ1Mi9jb250cm9sLXZhbHZlcy11c2VkLWZvci1zdGVhbS1oZWF0aW5nLWNvaWxzLWFyZS10eXBpY2FsbHkiLCJhciI6W119fQ.cfU3WuHeSMqsFYQdSvh6HiuZl-ML_n9ItWNAPpMRsiI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 23:48:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.asialgst.com.tw
Access-Control-Allow-Origin: https://www.asialgst.com.tw
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=78392632-d58d-4904-8fe3-d8437c61fb80:3:1; expires=Sun, 29 Dec 2024 23:48:44 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Dec 2024 23:48:44 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 23 Dec 2024 23:48:44 GMT; path=/; secure; SameSite=None
pdhtkv5=true; expires=Mon, 23 Dec 2024 23:48:44 GMT; path=/; secure; SameSite=None
uncs5=1; expires=Mon, 23 Dec 2024 23:48:44 GMT; path=/; secure; SameSite=None
Host: railroadunofficial.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 87311157e426c09e9adb77e90ea65a05
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET positivelyassertappreciation.com/pixel/purst?dl=0&th=0&sc=0&rs=1733&rd=1733&fd=497&bv=24.12.6652&tmpl=136

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
positivelyassertappreciation.com/pixel/purst?dl=0&th=0&sc=0&rs=1733&rd=1733&fd=497&bv=24.12.6652&tmpl=136
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerLet's Encrypt
Subjectpositivelyassertappreciation.com
FingerprintE0:44:18:59:C4:FB:14:BA:D7:7C:C6:8E:E8:B0:46:C7:F7:19:00:F1
ValidityFri, 13 Dec 2024 21:26:59 GMT - Thu, 13 Mar 2025 21:26:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1733&rd=1733&fd=497&bv=24.12.6652&tmpl=136 HTTP/1.1
Host: positivelyassertappreciation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Dec 2024 23:48:45 GMT
Content-Length: 0
Connection: keep-alive
Host: positivelyassertappreciation.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET cdn.storageimagedisplay.com/cti/7d/77/a2/7d77a2636ed6c3c92f428e166d024bfe/1707813818.png

45.133.44.2

200 OK

140 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/7d/77/a2/7d77a2636ed6c3c92f428e166d024bfe/1707813818.png
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size
140 kB (139767 bytes)
Hash
966bed299453e601c8406eedb711fdf8
84186a42e8ca60c25e756222d0a2f9197a7f4786
3516e8b320223c89168e9ef12182f06c7cfd8c9c2c5dc11e7a20a02da9b5984f

HTTP Headers

GET /cti/7d/77/a2/7d77a2636ed6c3c92f428e166d024bfe/1707813818.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Dec 2024 23:48:45 GMT
content-type: image/png
content-length: 139767
server: nginx/1.21.6
last-modified: Tue, 13 Feb 2024 08:43:47 GMT
etag: "65cb2bc3-221f7"
expires: Tue, 24 Dec 2024 23:48:45 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

GET unseenreport.com/pxf.gif?uuid=5d2a7722-cac5-4fbd-be01-0ca48dbc3fed&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=de40747527625eb4f2cfd573cb92ac16&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23

192.243.61.225

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=5d2a7722-cac5-4fbd-be01-0ca48dbc3fed&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=de40747527625eb4f2cfd573cb92ac16&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintB3:C3:D3:00:AB:EE:F9:2F:2C:9A:5D:74:A9:E1:4E:36:06:3F:B6:74
ValidityMon, 18 Nov 2024 22:38:22 GMT - Sun, 16 Feb 2025 22:38:21 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=5d2a7722-cac5-4fbd-be01-0ca48dbc3fed&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=de40747527625eb4f2cfd573cb92ac16&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 23:48:45 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 0b7bed9581f7f2d9bb0ff77a47e4d194
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET www.asialgst.com.tw/image/control-valves-used-for-steam-heating-coils-are-typically.jpeg

104.21.80.227

200 OK

25 kB

URL GET HTTP/3
www.asialgst.com.tw/image/control-valves-used-for-steam-heating-coils-are-typically.jpeg
IP
104.21.80.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerGoogle Trust Services
Subjectasialgst.com.tw
Fingerprint7B:3C:A2:AC:8B:66:09:AB:CA:8F:43:78:3E:C3:93:96:60:4E:67:20
ValidityMon, 09 Dec 2024 15:41:44 GMT - Sun, 09 Mar 2025 15:41:43 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 994x300, components 3
Size
25 kB (25146 bytes)
Hash
4fc05efd1aabeb98515a71bbf02c9603
5b7846b5bbe9cb5d4883e31b0fa5a5f1a3bb8c64
c2a61eedb205c8021b6845dbae1acc80ebcf6dbfc45af29f42dd984cf65bf36d

HTTP Headers

GET /image/control-valves-used-for-steam-heating-coils-are-typically.jpeg HTTP/1.1
Host: www.asialgst.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 22 Dec 2024 23:48:44 GMT
content-type: image/jpeg
x-powered-by: Express
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: MISS
last-modified: Sun, 22 Dec 2024 23:48:44 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=evNN8KXlPlqStseP4tmk4gcALHnysofmgdqwsBy65vk4HLMdLI8tJ1hTg9lJym5KI1tQeibhkxtLUIMUepbVKZ4z8MwXfDRqDcdFgn2nXkejwZORlnRsjxn5aAXNh6saVXMYqvOu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f64011f9cf85688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4568&min_rtt=1969&rtt_var=2594&sent=14&recv=10&lost=0&retrans=0&sent_bytes=4157&recv_bytes=1910&delivery_rate=301531&cwnd=12000&unsent_bytes=0&cid=2dbc9847a31d3ab6&ts=1117&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.asialgst.com.tw/js/highlight.min.js

104.21.80.227

200 OK

123 kB

URL GET HTTP/3
www.asialgst.com.tw/js/highlight.min.js
IP
104.21.80.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerGoogle Trust Services
Subjectasialgst.com.tw
Fingerprint7B:3C:A2:AC:8B:66:09:AB:CA:8F:43:78:3E:C3:93:96:60:4E:67:20
ValidityMon, 09 Dec 2024 15:41:44 GMT - Sun, 09 Mar 2025 15:41:43 GMT

File type
JavaScript source, ASCII text, with very long lines (7910), with CRLF line terminators
Size
123 kB (122939 bytes)
Hash
ce552ffc8630869b9d3a215fca292098
6324f32bee04e9925adde9522dfe78eeae4858d5
30ecef6c6f78426a75fa5f60f92780501a3619ec11367e3b67331576f3370812

HTTP Headers

GET /js/highlight.min.js HTTP/1.1
Host: www.asialgst.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 22 Dec 2024 23:48:44 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Sat, 17 Aug 2024 14:47:12 GMT
etag: W/"1e03b-19160ce8180"
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bv5XkW3fl8VZ9cBsBhNRxfcyfD4h3G2Tccc%2Fku2yz%2F9Vwpwl%2B46KHIAKu7DZfwQ7F%2FCTVXsEd0LuwE64%2BfY9DS9VDVLaxQtAuWW2q%2FpQguZop5WUHKj8Mr%2FLyuUKHbUHGbOrWfBN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f64011fad045688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2896&min_rtt=778&rtt_var=1927&sent=200&recv=16&lost=0&retrans=0&sent_bytes=226305&recv_bytes=2173&delivery_rate=28877356&cwnd=189600&unsent_bytes=0&cid=2dbc9847a31d3ab6&ts=1355&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.asialgst.com.tw/favicon.ico

104.21.80.227

200 OK

1.6 kB

URL GET HTTP/3
www.asialgst.com.tw/favicon.ico
IP
104.21.80.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerGoogle Trust Services
Subjectasialgst.com.tw
Fingerprint7B:3C:A2:AC:8B:66:09:AB:CA:8F:43:78:3E:C3:93:96:60:4E:67:20
ValidityMon, 09 Dec 2024 15:41:44 GMT - Sun, 09 Mar 2025 15:41:43 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 61x60, components 3
Size
1.6 kB (1560 bytes)
Hash
defa547c534dc5efbd17a38ce1811a02
57430b1294a8c02fd41735363606ea5c01bd9db0
63303e092d818e3fed497001e848905956c646fe608d29c0c28fed2d2a15a9ce

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.asialgst.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=5d2a7722-cac5-4fbd-be01-0ca48dbc3fed%3A2%3A1; m5a4xojbcp2nx3gptmm633qal3gzmadn=rashseedlingexpenditure.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 22 Dec 2024 23:48:45 GMT
content-type: image/jpeg
x-powered-by: Express
content-encoding: gzip
cache-control: max-age=31536000
age: 277173
cf-cache-status: HIT
last-modified: Thu, 19 Dec 2024 18:49:11 GMT
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jnSck%2BHfbkP0cYOSY3calBdLS3YfTP9P1NDGv9O3UkoZtQ896Q552byhoKwAGr6XLSO6eYxrEXzOsfynEJCTJv8mZFtHPsT65nju77CSsssQnkz%2F5iWpN2CQfQXSXNw77AE6iBY5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f640125ea325688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3009&min_rtt=778&rtt_var=2078&sent=238&recv=19&lost=0&retrans=0&sent_bytes=270325&recv_bytes=3087&delivery_rate=7911158&cwnd=189600&unsent_bytes=0&cid=2dbc9847a31d3ab6&ts=1823&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.asialgst.com.tw/apple-touch-icon.png

104.21.80.227

404 Not Found

32 kB

URL GET HTTP/3
www.asialgst.com.tw/apple-touch-icon.png
IP
104.21.80.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Certificate
IssuerGoogle Trust Services
Subjectasialgst.com.tw
Fingerprint7B:3C:A2:AC:8B:66:09:AB:CA:8F:43:78:3E:C3:93:96:60:4E:67:20
ValidityMon, 09 Dec 2024 15:41:44 GMT - Sun, 09 Mar 2025 15:41:43 GMT

File type

Size
32 kB (32276 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /apple-touch-icon.png HTTP/1.1
Host: www.asialgst.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=5d2a7722-cac5-4fbd-be01-0ca48dbc3fed%3A2%3A1; m5a4xojbcp2nx3gptmm633qal3gzmadn=rashseedlingexpenditure.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sun, 22 Dec 2024 23:48:45 GMT
content-type: text/html; charset=UTF-8
x-powered-by: Express
cf-cache-status: EXPIRED
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x1cc050zbKa6CVKlYiUbLPqPsQnvyr85Ep2WMdP5ObO1yj4GGd5eAH947omrKFfGfPwc3zXONXusMnqK9d5rX1v7B7n7uJIp5NXRRCLnVu7x4Z6lIfsgwBbLzY13Cxydm5XaHeAm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f640125ea315688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2782&min_rtt=778&rtt_var=2014&sent=241&recv=20&lost=0&retrans=0&sent_bytes=272515&recv_bytes=3132&delivery_rate=232592&cwnd=189600&unsent_bytes=0&cid=2dbc9847a31d3ab6&ts=2043&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically

104.21.80.227

200 OK

76 kB

URL User Request GET HTTP/2
www.asialgst.com.tw/imgen452/control-valves-used-for-steam-heating-coils-are-typically
IP
104.21.80.227:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectasialgst.com.tw
Fingerprint7B:3C:A2:AC:8B:66:09:AB:CA:8F:43:78:3E:C3:93:96:60:4E:67:20
ValidityMon, 09 Dec 2024 15:41:44 GMT - Sun, 09 Mar 2025 15:41:43 GMT

File type
HTML document, ASCII text, with very long lines (7920)
Size
76 kB (76317 bytes)
Hash
841d68f0a109020c92484def737c02b5
8e43f40d0bb9d4c3f5c3618dc38912586a2f819c
46e24ad97eec0e6ad6973581df74fa13f1e498100ce3524f46efc04746404415

HTTP Headers

GET /imgen452/control-valves-used-for-steam-heating-coils-are-typically HTTP/1.1
Host: www.asialgst.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 23:48:43 GMT
content-type: text/html; charset=UTF-8
x-powered-by: Express
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3lBFLBvIJokV8w2MuxjsPupPj1sEGw%2FJSIRbYTDdzibqF0SwCwbMG85His8d9bZT44HwOHkuq7JYUDP2oW869VjOkE4zrU%2FGGDJnje%2FuGRjZSLiELQyNQydsZVcdME7ihf9jAdZ0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f640117face0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6953&min_rtt=704&rtt_var=12133&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3283&recv_bytes=1298&delivery_rate=3004149&cwnd=254&unsent_bytes=0&cid=996dcbed48f0fa16&ts=409&x=0"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL