r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4267
Expires: Mon, 26 Sep 2022 14:53:54 GMT
Date: Mon, 26 Sep 2022 13:42:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 13:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G43wLs4Z7X3JfE2M6yWy7TG50EBhWGi0rmuOSH5VcxYzpFs2eT0rug==
Age: 1649
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: l0mo94rKq7qRhkJS9DWJcD-NfUy7rxUwUxOHOu0a_8jCE1ykx4a_2g==
age: 32852
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 13:42:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.harford.com.cn/
47.243.50.129 301 Moved Permanently 162 B IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 26 Sep 2022 13:42:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.harford.com.cn/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 13:10:46 GMT
Expires: Mon, 26 Sep 2022 13:29:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: i76SleHNQM4ob46fgluDWq7PFqHd9uep6J4O__pTAnMU21x5QOWsPg==
Age: 1922
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 665
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:42:48 GMT
Last-Modified: Mon, 26 Sep 2022 13:31:43 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.231.36 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.231.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TfOwrFIoumXSqgxxKVX+XA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TRi6MlwUDJv7Wndhb0qFxDSivDM=
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 31ae2cfeee388ce0aaaea480cb3c8170
eab6023683ff7fbbbcf815cecd9f9596079a8a79
1585395053b923df18dce3379aa2ad5b3a2c1c71c14d7bab61de75ca88c999c0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:42:48 GMT
Server: ECS (amb/6B90)
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6784
Expires: Mon, 26 Sep 2022 15:35:53 GMT
Date: Mon, 26 Sep 2022 13:42:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6784
Expires: Mon, 26 Sep 2022 15:35:53 GMT
Date: Mon, 26 Sep 2022 13:42:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6784
Expires: Mon, 26 Sep 2022 15:35:53 GMT
Date: Mon, 26 Sep 2022 13:42:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6784
Expires: Mon, 26 Sep 2022 15:35:53 GMT
Date: Mon, 26 Sep 2022 13:42:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H4KXhBaRw3SvzBrbl30mV6R_vJ8bXBkyicb8fQiTp6YSBHjE8iFkNQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:49:56 GMT
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
age: 53573
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HCJ483GPdpPhC7oYm1GrA02BqqST9sfqfCBSA93rZqaQYl-jezgP5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:20:40 GMT
age: 55329
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bfaf0f-e716-4cf7-9785-ffcd146aed68.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bfaf0f-e716-4cf7-9785-ffcd146aed68.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75a459d4f554d38a1701e727185c7e91
042d4b6927f80c5a44bb7baf77b763577c19ed36
c01b0d3a28ed31ec9432d879310cffa313260f97044f1ed473aa0331bdba5607
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bfaf0f-e716-4cf7-9785-ffcd146aed68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7648
x-amzn-requestid: 359116cc-4e08-4c57-8aba-0aa7bd232c98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKWG2BIAMFlHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca42-2130239f2dab781c0f49f0e4;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sGZMSLXPUq8Ssxe_SFGePrvvnUGePGb7ZQn3RYH20EKwN2vzpA1RjQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:48:52 GMT
age: 57237
etag: "042d4b6927f80c5a44bb7baf77b763577c19ed36"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:35 GMT
age: 57914
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f164d87-257d-468b-9a99-3559bced005c.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f164d87-257d-468b-9a99-3559bced005c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 988b0c94c41a21c736b330c3256d0a3c
c16a6f018bd80c6390b7a07f4e6698db7bfd28b0
3034912f83810b3999ffa90f5eeaf0f45773c592cfd3cf2bfb794ea1b150158c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f164d87-257d-468b-9a99-3559bced005c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9070
x-amzn-requestid: 2aceb075-d4bc-45b8-8330-5e719c565f77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKEEdPoAMFsNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca40-3f120e0774b1d58a08898c39;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:08 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: feNiTFDhUx-BfoiybnKj83hCq6CCoiMeOSEHyFs8b7cLIgKvnO1Cdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:04:42 GMT
age: 56287
etag: "c16a6f018bd80c6390b7a07f4e6698db7bfd28b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 55953
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.harford.com.cn/
47.243.50.129 200 OK 15 kB IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 72b6d77893b7ed0e014d5e895b9a2e64
248860d4347574215ee45dbf0ab056b030e831e2
e98eca836553d0fbe8489308d4c499f1bdd166a16f0985fbbfbe2e3a31654919
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Link: <https://www.harford.com.cn/wp-json/>; rel="https://api.w.org/", <https://www.harford.com.cn/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json", <https://www.harford.com.cn/>; rel=shortlink
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:42:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.harford.com.cn/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
47.243.50.129 200 OK 12 kB URL HTTP/1.1 www.harford.com.cn/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (43771)
Hash 88f413500303dc21250157a6aa913a32
ca138ec102d96e6d7b30bf83b7dab60a16f0b5d6
65e072ca8d53bf38d5dde355a039a61f6c7204206a9a58ded75d2d2730cc0999
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:51 GMT
Content-Type: text/css
Last-Modified: Wed, 13 Jul 2022 01:41:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62ce22b3-15b64"
Content-Encoding: gzip
www.harford.com.cn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.6.2
47.243.50.129 200 OK 1.3 kB URL HTTP/1.1 www.harford.com.cn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.6.2
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (4933), with no line terminators
Hash d2d7f4c273d3b4cd972a337969b14754
b441775d1dcba61a5234df0256a40c7f58a8b059
fcfdbdf2a45072bbb545934d419cf76e5272d3193742eb8b659e938cafab4cdf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.6.2 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:51 GMT
Content-Type: text/css
Last-Modified: Thu, 07 Jul 2022 08:41:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c69c39-1345"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4474bfba80fa3257384d1c908e1353bf
9a2869a3888743d575e6f87d2a7479d5d97fa123
63378e949c0ea9564e7660ea0522ce7a59727a0a5232b81b77f8525899f67a2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:42:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:42:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.google.com/maps/api/js
216.58.211.14 200 OK 54 kB URL HTTP/2 maps.google.com/maps/api/js
IP 216.58.211.14:0
File type ASCII text, with very long lines (2518)
Hash 07a72434e2db1e2ba521d3135c9c107c
8a04fe9d5c102e9a7c62098674a933b0d08e464c
b5b417a8efd4030aad15ce92f87276865f6d9e6089b845d5900a1ed688f2f426
GET /maps/api/js HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Mon, 26 Sep 2022 13:42:51 GMT
expires: Mon, 26 Sep 2022 14:12:51 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 54065
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4474bfba80fa3257384d1c908e1353bf
9a2869a3888743d575e6f87d2a7479d5d97fa123
63378e949c0ea9564e7660ea0522ce7a59727a0a5232b81b77f8525899f67a2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:42:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.harford.com.cn/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.15
47.243.50.129 200 OK 9.1 kB URL HTTP/1.1 www.harford.com.cn/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.15
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
Hash 3196884f808a2af80444c66dfe941bfa
a2a7b8fa16183015f2415567a02d0dd956eb858d
7e6719a42306cbc5a8c7701c5ad6365e7e01220d2b4970ecf5d781bd8d0ed947
GET /wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.15 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:51 GMT
Content-Type: text/css
Last-Modified: Thu, 07 Jul 2022 09:10:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c6a305-cb08"
Content-Encoding: gzip
www.harford.com.cn/wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.15
47.243.50.129 200 OK 2.4 kB URL HTTP/1.1 www.harford.com.cn/wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.15
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
Hash ff742cf973c02adfbb9a9c3ca6c96753
193c469f0b7b6e68f6c528f92a6b9f2da3a5aed0
92986e8aec56577fbb6825ab0ead1300f9b3dfa073ddb1a9d3ef7204200b0af5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.15 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:51 GMT
Content-Type: text/css
Last-Modified: Thu, 07 Jul 2022 09:10:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c6a305-3177"
Content-Encoding: gzip
www.harford.com.cn/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6
47.243.50.129 200 OK 972 B URL HTTP/1.1 www.harford.com.cn/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:51 GMT
Content-Type: text/css
Last-Modified: Thu, 07 Jul 2022 08:40:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c69be8-aab"
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 660eacb6f1559b2c596b0885b7b4a4da
51e1a22ecaf902ae5c28404e6131fca756077b67
ebfa3fd65915d83fea29b4210cfd417ad94e96d4ca0ac063d1ace29c2dc54279
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:42:51 GMT
Server: ECS (amb/6B91)
Content-Length: 471
www.harford.com.cn/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.16.15
47.243.50.129 200 OK 485 B URL HTTP/1.1 www.harford.com.cn/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.16.15
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (1387), with no line terminators
Hash 7a4e32330a90e7ee0d000e524fb496f3
f0bf3fc1fef618dc1c178b202599cb5a2b04df7f
3fb1d39039501e918b42d217a27b8e7f1a5161ad6588922d25a801fd14cf61fb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.16.15 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:51 GMT
Content-Type: text/css
Last-Modified: Thu, 07 Jul 2022 08:40:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c69c0c-56b"
Content-Encoding: gzip
www.harford.com.cn/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.6.1
47.243.50.129 200 OK 2.6 kB URL HTTP/1.1 www.harford.com.cn/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.6.1
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (17809), with no line terminators
Hash be0befa6b3a8509adb68e2a5a976978b
ebf3b07fac78db7fc7617a802912388fe0e28438
018ccaf9b85e8352adbac26932fb2123993f4fb96d8248a1cd5a44d7679937ad
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.6.1 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:51 GMT
Content-Type: text/css
Last-Modified: Thu, 07 Jul 2022 08:41:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c69c37-4591"
Content-Encoding: gzip
www.harford.com.cn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.6.2
47.243.50.129 200 OK 22 kB URL HTTP/1.1 www.harford.com.cn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.6.2
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 2903227875f2321a83905b2721276333
54f94947b90641ef69105a9afae86e131b9a633c
a036a516c1362cff2c70a4afae278596abd765cded85263140d9399adccd9959
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.6.2 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:51 GMT
Content-Type: text/css
Last-Modified: Thu, 07 Jul 2022 08:41:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c69c39-33aa6"
Content-Encoding: gzip
www.harford.com.cn/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.8.1
47.243.50.129 200 OK 232 B URL HTTP/1.1 www.harford.com.cn/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.8.1
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash 47f1feb5aaf7fb422aad353e698138de
8b77ee83100e8286bc80df691929aa655e21c9de
570a4964629f982285ef5282d47767738b4ef2f75cb8bad8ccfc206683ee1d0d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.8.1 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:51 GMT
Content-Type: text/css
Content-Length: 232
Last-Modified: Thu, 07 Jul 2022 08:41:10 GMT
Connection: keep-alive
ETag: "62c69c26-e8"
Accept-Ranges: bytes
www.harford.com.cn/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.6.1
47.243.50.129 200 OK 8.9 kB URL HTTP/1.1 www.harford.com.cn/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.6.1
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash 5e6f0816cfea75222a4c840a9bc95c2d
73bfbef7c9dbbc5033c432b6b12c6dbffd017c43
8dadb86fcb6d0d3eafb86089bb65845d072a3964c0a12f266ea410e2faff60f0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.6.1 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:51 GMT
Content-Type: text/css
Last-Modified: Thu, 07 Jul 2022 08:41:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c69c37-f523"
Content-Encoding: gzip
www.harford.com.cn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
47.243.50.129 200 OK 4.2 kB URL HTTP/1.1 www.harford.com.cn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:51 GMT
Content-Type: application/javascript
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fb4e3fe-2bd8"
Content-Encoding: gzip
www.harford.com.cn/wp-content/themes/buildpress/assets/js/modernizr.custom.24530.js
47.243.50.129 200 OK 1.8 kB URL HTTP/1.1 www.harford.com.cn/wp-content/themes/buildpress/assets/js/modernizr.custom.24530.js
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type HTML document, ASCII text, with very long lines (3446)
Hash 8cc521ec3ebb8dfa5ecae7e85013ffd4
510e753ea6980b46d29bff769b9bc3db321249c8
754f42ea40ea9b05d9a80e3872f526ab42025a0ee247c16d63e08b34979b3c4c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildpress/assets/js/modernizr.custom.24530.js HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 May 2022 17:46:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"627d47f2-e3e"
Content-Encoding: gzip
www.harford.com.cn/wp-content/themes/buildpress/bower_components/respimage/respimage.min.js?ver=1.2.0
47.243.50.129 200 OK 4.1 kB URL HTTP/1.1 www.harford.com.cn/wp-content/themes/buildpress/bower_components/respimage/respimage.min.js?ver=1.2.0
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (8789)
Hash c51fc93dcfcd408c158fcb30f3161e7a
70d07aabb7f64898f0db5c9f60324a40fc3a3859
59ec427d1f3130075d3c463da169f1f6d96b5f69cdad94a443ef8ff955f54cd9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildpress/bower_components/respimage/respimage.min.js?ver=1.2.0 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: application/javascript
Last-Modified: Wed, 25 Mar 2015 01:52:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"551214d6-228a"
Content-Encoding: gzip
www.harford.com.cn/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
47.243.50.129 200 OK 5.0 kB URL HTTP/1.1 www.harford.com.cn/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (15660)
Hash 1b982d290af16dac5885f21a198aaa66
f847ca85d23c2f240938bbde0135f3de97925759
0b6e238cc0728a0bace390dfff472ff8bb5a5fd4714bcfcdac7c28621d67b8dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 12 Apr 2022 05:56:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62551488-48b9"
Content-Encoding: gzip
www.harford.com.cn/wp-content/themes/buildpress/style.css?ver=5.6.5
47.243.50.129 200 OK 37 kB URL HTTP/1.1 www.harford.com.cn/wp-content/themes/buildpress/style.css?ver=5.6.5
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type assembler source, Unicode text, UTF-8 text, with very long lines (540)
Hash 6f6d2cd25feab89ca51c3ad0681db9d9
5ed40aa30f2e16c021ca5c2da99ff0bde3052d28
7ab388880fdba7cb1cb766feaa056b1a28ea7e80ea41f91f59f64e159d281c18
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildpress/style.css?ver=5.6.5 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:51 GMT
Content-Type: text/css
Last-Modified: Thu, 12 May 2022 17:47:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"627d483e-383d7"
Content-Encoding: gzip
www.harford.com.cn/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
47.243.50.129 200 OK 31 kB URL HTTP/1.1 www.harford.com.cn/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (65447)
Hash 7a6e4a1e4a67fac0cd39ca1dd1982f47
a8bf880e5db17a703293d5a3c92623a97d5a1df1
daf4bcb15594deb268cc05f030ccaf8dfe4acab417758dd16a6f3b2d86d2908f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:51 GMT
Content-Type: application/javascript
Last-Modified: Wed, 10 Mar 2021 15:07:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6048e0ac-15db1"
Content-Encoding: gzip
www.harford.com.cn/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
47.243.50.129 200 OK 2.6 kB URL HTTP/1.1 www.harford.com.cn/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (11256), with no line terminators
Hash 583529ff412cb2b255fa606024d1133e
8db4b0a0be402cc5e38488528791b73b0c7369d0
6fdf0933a8faf229b277740f401600834c00d0b204f7ed38293cd4abcdb3ea20
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: text/css
Last-Modified: Tue, 29 Sep 2020 15:53:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f735862-2bf8"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:42:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.harford.com.cn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:26:57 GMT
expires: Thu, 21 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 411355
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.harford.com.cn/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
47.243.50.129 200 OK 1.2 kB URL HTTP/1.1 www.harford.com.cn/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (4186), with no line terminators
Hash 30d57d7aa11190e44974cce8621f22c7
59f516369877009cce06ca45b1c296944bb674a4
094ae87a3d4cee4a1ddc5cada149c2deacabd4cf2e377b97fe4ca641142258ee
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: text/css
Last-Modified: Fri, 07 Jun 2019 20:45:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5cfaccce-105a"
Content-Encoding: gzip
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.harford.com.cn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:40:18 GMT
expires: Fri, 22 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 334954
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:42:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.harford.com.cn/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
47.243.50.129 200 OK 2.5 kB URL HTTP/1.1 www.harford.com.cn/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: application/javascript
Last-Modified: Mon, 11 Apr 2022 12:04:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6254194e-194b"
Content-Encoding: gzip
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Hash 4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.harford.com.cn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:26:57 GMT
expires: Thu, 21 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 411355
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.luxurywatcher.com/uploads/article/3/0/30536/1614064457301.jpg
172.104.79.40 200 OK 117 kB URL HTTP/2 www.luxurywatcher.com/uploads/article/3/0/30536/1614064457301.jpg
IP 172.104.79.40:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 800x600, components 3\012- data
Size 117 kB (116779 bytes)
Hash 6b2d83378aedcd248b67554371d86f70
31d682e3dd3bf2f25ec6b8a3a380b7da08ab3ac7
1444c0edb36b4848e92ad211111923fb5a11a22938cbef0a17e722211ebf4fc7
GET /uploads/article/3/0/30536/1614064457301.jpg HTTP/1.1
Host: www.luxurywatcher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=0, public
expires: Mon, 03 Oct 2022 13:42:51 GMT
content-type: image/jpeg
last-modified: Tue, 23 Feb 2021 07:09:31 GMT
accept-ranges: bytes
content-length: 116779
date: Mon, 26 Sep 2022 13:42:51 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.harford.com.cn/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
47.243.50.129 200 OK 7.1 kB URL HTTP/1.1 www.harford.com.cn/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 2f4fcc5a628b379672d76b7e91cbdf07
9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: application/javascript
Last-Modified: Mon, 11 Apr 2022 12:04:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6254194e-4ac6"
Content-Encoding: gzip
www.harford.com.cn/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6
47.243.50.129 200 OK 6.5 kB URL HTTP/1.1 www.harford.com.cn/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (21821), with no line terminators
Hash 935b2704ae65c0ae9e160f6801c1a586
b044bbd09f47ac4f5defafb667a6a283116275b5
3d5ef8e4d2685ea539cdd441135f714411d666010e88de82228dee8b8a578346
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: application/javascript
Last-Modified: Thu, 07 Jul 2022 08:40:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c69be8-553d"
Content-Encoding: gzip
www.harford.com.cn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.6.1
47.243.50.129 200 OK 3.5 kB URL HTTP/1.1 www.harford.com.cn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.6.1
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (9139)
Hash d6c87c7221011e280d3bb60eb9c598e4
93aa9b7f17b91719689519d4439c10d884063296
0acd2e4b6cc50829b1fb1e12b55ed2b72b201631e908a80171d39ef4a9570724
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.6.1 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: application/javascript
Last-Modified: Thu, 07 Jul 2022 08:41:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c69c37-253d"
Content-Encoding: gzip
www.harford.com.cn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.6.1
47.243.50.129 200 OK 1.1 kB URL HTTP/1.1 www.harford.com.cn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.6.1
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash f46e666160800ab91bb12cccc7555662
63b98922823c1f54ed1a96e1dcd0c227e3e51419
f5cc9892eb6b336791126838b53edfe9dc4b12b99aae085cadf52d8e734f5c68
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.6.1 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: application/javascript
Last-Modified: Thu, 07 Jul 2022 08:41:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c69c37-bdd"
Content-Encoding: gzip
www.harford.com.cn/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.6.1
47.243.50.129 200 OK 982 B URL HTTP/1.1 www.harford.com.cn/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.6.1
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (1668)
Hash e66463f2023b738680c9bdefece69a37
315dc8e6ebdfb18c662851244ee33e2758ad3c83
fd83e7fc6d81aa6f6680ea640e9c086aa1950a17757a582aa74ea9797a70f346
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.6.1 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: application/javascript
Last-Modified: Thu, 07 Jul 2022 08:41:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c69c37-72a"
Content-Encoding: gzip
www.nfstudio.cc/wp-content/uploads/2019/07/harford-logo2.png
47.243.50.129 200 OK 9.4 kB URL HTTP/1.1 www.nfstudio.cc/wp-content/uploads/2019/07/harford-logo2.png
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 257 x 112, 8-bit/color RGBA, non-interlaced\012- data
Hash 9b6be237ca24316ed4c9b5678647fef0
2c31da41bf77005dc3cf441c61f91b50908d6c26
ebfedbffca23ce0e25c799d23cfbd1712a69636a5b724b1fdc37c91228422cd0
GET /wp-content/uploads/2019/07/harford-logo2.png HTTP/1.1
Host: www.nfstudio.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: image/png
Content-Length: 9392
Last-Modified: Fri, 05 Jul 2019 14:22:20 GMT
Connection: keep-alive
ETag: "5d1f5d1c-24b0"
Accept-Ranges: bytes
www.harford.com.cn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.6.1
47.243.50.129 200 OK 794 B URL HTTP/1.1 www.harford.com.cn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.6.1
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (2139), with no line terminators
Hash 29307e8dec33cf3411ca4e1f2c84e9d0
484402289464d7ffb1475827f3438329d520bfc6
a2db59efaa416ef0c9d5d58f142cd5e44c475348cff20a664586fd3cda1b5f5b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.6.1 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: application/javascript
Last-Modified: Thu, 07 Jul 2022 08:41:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c69c37-85b"
Content-Encoding: gzip
www.harford.com.cn/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.6.1
47.243.50.129 200 OK 1.2 kB URL HTTP/1.1 www.harford.com.cn/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.6.1
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (7043), with no line terminators
Hash 7a01d757cd8aced5af866e83a6d0ce76
f352b0e25c2a3ca7af84f93c9bc1fd700db3586f
da5327f259e09fafac875160fbcd3fe934f48359e751e42b802f5577310b014c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.6.1 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: text/css
Last-Modified: Thu, 07 Jul 2022 08:41:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c69c37-1b83"
Content-Encoding: gzip
www.harford.com.cn/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.6.1
47.243.50.129 200 OK 1.0 kB URL HTTP/1.1 www.harford.com.cn/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.6.1
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (2938), with no line terminators
Hash 45db3d2887c26700a51bf469e3bb3aa1
d070b5fb53d2fbb66964bbfd482270b855d0ee96
1abc0cff49f82d9a063c04cd086b991af6ad00467efc4cb8d8d4e3c9a0f95777
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.6.1 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: application/javascript
Last-Modified: Thu, 07 Jul 2022 08:41:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c69c37-b7a"
Content-Encoding: gzip
www.harford.com.cn/wp-includes/js/underscore.min.js?ver=1.13.3
47.243.50.129 200 OK 7.3 kB URL HTTP/1.1 www.harford.com.cn/wp-includes/js/underscore.min.js?ver=1.13.3
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (18876)
Hash 9a2ea6713769fcca4f8c5c008e529bca
d4f20ea23eb679890b61a6829a5803a90f4cd4eb
3ca9f3cece4ffaff4322dda5eac52f1dc8cf52001f3e011f9f54c3aa1c40d880
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: application/javascript
Last-Modified: Wed, 27 Apr 2022 14:39:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6269559a-49df"
Content-Encoding: gzip
www.harford.com.cn/wp-content/themes/buildpress/assets/js/main.min.js?ver=5.6.5
47.243.50.129 200 OK 9.0 kB URL HTTP/1.1 www.harford.com.cn/wp-content/themes/buildpress/assets/js/main.min.js?ver=5.6.5
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (28225), with no line terminators
Hash e0ef10e53ee3215bf601677a965a1c8d
d03a2c598404e36f0aa7fe203eab561ab77f49e5
a7fb92fc4ee2ddd57049d6e5795cdb604eee66254eb479cb74156365c9e7231e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildpress/assets/js/main.min.js?ver=5.6.5 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 May 2022 17:47:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"627d483e-6e41"
Content-Encoding: gzip
www.harford.com.cn/wp-content/plugins/siteorigin-panels/js/styling.min.js?ver=2.16.15
47.243.50.129 200 OK 608 B URL HTTP/1.1 www.harford.com.cn/wp-content/plugins/siteorigin-panels/js/styling.min.js?ver=2.16.15
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (1293), with no line terminators
Hash 855b0d4b3ee0b8444eba8e3ef481a41c
d87ec3c21431454c1ca6c20360301dfb67f23d90
37f7d37e98c5e22859a3c56620d6cc773d332a01dcab54a2eff4922099cc7a0f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/siteorigin-panels/js/styling.min.js?ver=2.16.15 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: application/javascript
Last-Modified: Thu, 07 Jul 2022 08:40:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c69c0c-50d"
Content-Encoding: gzip
www.harford.com.cn/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2
47.243.50.129 200 OK 540 B URL HTTP/1.1 www.harford.com.cn/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (1191), with no line terminators
Hash 2029090ac267ecfc20a3c0b884202de9
0ad1d2ea2030ad3c98315a8342168cb0e2c2fca1
a5f0b6001e19c189db4a985f7be8577804f4620edfc4e0812483cf571618607d
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: application/javascript
Last-Modified: Fri, 08 Apr 2022 20:07:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"625095f6-4a7"
Content-Encoding: gzip
www.harford.com.cn/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2
47.243.50.129 200 OK 906 B URL HTTP/1.1 www.harford.com.cn/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type HTML document, ASCII text, with very long lines (906), with no line terminators
Hash 2c6d3b562a48e0df5474999dd47e58fb
945220e990eb176c14e53cc663fb01e04e31b59f
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:53 GMT
Content-Type: application/javascript
Content-Length: 906
Last-Modified: Wed, 20 Jan 2021 13:35:18 GMT
Connection: keep-alive
ETag: "60083196-38a"
Accept-Ranges: bytes
www.harford.com.cn/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.16
47.243.50.129 200 OK 2.3 kB URL HTTP/1.1 www.harford.com.cn/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.16
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (6194)
Hash a1e641c778c136da1cec804b127f1f38
5770eba8af0f66363909b995046eaba36477e993
40ae7fef1ef3551142bc86d1e2dd536f22c88b782fa925e4e83caa689d3bd945
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.16 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:53 GMT
Content-Type: application/javascript
Last-Modified: Tue, 29 Sep 2020 15:53:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f735862-1940"
Content-Encoding: gzip
www.harford.com.cn/wp-content/uploads/2019/09/WechatIMG170-360x202.jpeg
47.243.50.129 200 OK 12 kB URL HTTP/1.1 www.harford.com.cn/wp-content/uploads/2019/09/WechatIMG170-360x202.jpeg
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 360x202, components 3\012- data
Hash c72e1a558e21765f45f83ae7b6625fc8
ce767e94ace197186582460e7f9ec7ff0275f946
a13f65b229e16e0270b15273192822518d6e5257b5083b61cf62d98fed24f35e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2019/09/WechatIMG170-360x202.jpeg HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:53 GMT
Content-Type: image/jpeg
Content-Length: 11553
Last-Modified: Mon, 16 Sep 2019 04:57:38 GMT
Connection: keep-alive
ETag: "5d7f1642-2d21"
Accept-Ranges: bytes
www.harford.com.cn/wp-content/themes/buildpress/bower_components/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
47.243.50.129 200 OK 77 kB URL HTTP/1.1 www.harford.com.cn/wp-content/themes/buildpress/bower_components/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildpress/bower_components/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.harford.com.cn/wp-content/themes/buildpress/style.css?ver=5.6.5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: font/woff2
Content-Length: 77160
Last-Modified: Mon, 24 Oct 2016 06:52:54 GMT
Connection: keep-alive
ETag: "580dafc6-12d68"
Accept-Ranges: bytes
www.harford.com.cn/wp-content/uploads/2019/09/1557042650-360x202.jpg
47.243.50.129 200 OK 24 kB URL HTTP/1.1 www.harford.com.cn/wp-content/uploads/2019/09/1557042650-360x202.jpg
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 360x202, components 3\012- data
Hash 553520f6a965205fdbb72f4348091654
a04d91a91f205db1390018d3b9187f18eb1c87f5
4532b796a40737e912183b0ce6ac0967a412004f2e85e4e12ff8ebfcc9ba2199
GET /wp-content/uploads/2019/09/1557042650-360x202.jpg HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:53 GMT
Content-Type: image/jpeg
Content-Length: 24385
Last-Modified: Mon, 16 Sep 2019 04:20:34 GMT
Connection: keep-alive
ETag: "5d7f0d92-5f41"
Accept-Ranges: bytes
www.harford.com.cn/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
47.243.50.129 200 OK 39 kB URL HTTP/1.1 www.harford.com.cn/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (65266)
Hash 57a27066d663db3b5965d07507819057
6ad075a06f0fcdc7d1b7329976640856a60d2ded
0879abe690846f75efd0c89b6d7f16adc2d200c171800bbf00e2229040f756f5
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 29 Sep 2020 15:53:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f735862-267aa"
Content-Encoding: gzip
www.nfstudio.cc/wp-content/uploads/2019/09/VIEW-ALL-1.png
47.243.50.129 200 OK 27 kB URL HTTP/1.1 www.nfstudio.cc/wp-content/uploads/2019/09/VIEW-ALL-1.png
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 724 x 185, 8-bit/color RGBA, non-interlaced\012- data
Hash 616db848a0a9e59e151cb2ff281412c3
3a0dc6e9b6c85c8d516b74827ce0f25348c3da7d
1fbcb79eedc3553e81a99530101234cf538175fdc3ae208a508a26137c2fcc86
GET /wp-content/uploads/2019/09/VIEW-ALL-1.png HTTP/1.1
Host: www.nfstudio.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:53 GMT
Content-Type: image/png
Content-Length: 26573
Last-Modified: Tue, 17 Sep 2019 09:23:16 GMT
Connection: keep-alive
ETag: "5d80a604-67cd"
Accept-Ranges: bytes
www.harford.com.cn/wp-content/uploads/2019/07/fda.jpg
47.243.50.129 200 OK 30 kB URL HTTP/1.1 www.harford.com.cn/wp-content/uploads/2019/07/fda.jpg
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Macintosh), datetime=2019:07:12 13:30:34], baseline, precision 8, 208x98, components 3\012- data
Hash 3495befa323fff7cd94ef0b94e25e760
7b1211c019bb5ca64d3804314fd8cb222931056c
ac7149bcafcac93de6f65282f5deb21b1c15b7e204caf0f90b578e3d7c485c4b
GET /wp-content/uploads/2019/07/fda.jpg HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:53 GMT
Content-Type: image/jpeg
Content-Length: 30162
Last-Modified: Fri, 12 Jul 2019 05:35:42 GMT
Connection: keep-alive
ETag: "5d281c2e-75d2"
Accept-Ranges: bytes
youtu.be/92roRCOZ1DE?_=1
172.217.21.174 303 See Other 0 B IP 172.217.21.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /92roRCOZ1DE?_=1 HTTP/1.1
Host: youtu.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 303 See Other
content-type: application/binary
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 26 Sep 2022 13:42:54 GMT
location: https://www.youtube.com/watch?_=1&v=92roRCOZ1DE&feature=youtu.be
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SHORT_URL"
report-to: {"group":"SHORT_URL","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SHORT_URL"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
server: ESF
content-length: 0
x-xss-protection: 0
set-cookie: YSC=zymJ8j-AGsc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+029; expires=Wed, 25-Sep-2024 13:42:53 GMT; path=/; domain=.youtu.be; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.nfstudio.cc/wp-content/uploads/2019/09/Hammer-Marks.png
47.243.50.129 200 OK 86 kB URL HTTP/1.1 www.nfstudio.cc/wp-content/uploads/2019/09/Hammer-Marks.png
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 724 x 185, 8-bit/color RGBA, non-interlaced\012- data
Hash 3eaf9a62f7c21e80aaff7428c43acba5
43576139d044fa679472e44898afcdcc15d9bf64
bc5da7b450d0fef567b120f842bae015c230473089c3eed4771a9d883aa87457
GET /wp-content/uploads/2019/09/Hammer-Marks.png HTTP/1.1
Host: www.nfstudio.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:52 GMT
Content-Type: image/png
Content-Length: 86328
Last-Modified: Tue, 17 Sep 2019 09:04:06 GMT
Connection: keep-alive
ETag: "5d80a186-15138"
Accept-Ranges: bytes
www.nfstudio.cc/wp-content/uploads/2019/09/Perforated.png
47.243.50.129 200 OK 52 kB URL HTTP/1.1 www.nfstudio.cc/wp-content/uploads/2019/09/Perforated.png
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 724 x 185, 8-bit/color RGBA, non-interlaced\012- data
Hash f5fc8303c589aad2482b5031340b0bac
074aa11427130233367e6b9787c1beadbb8790d5
289ed83f43dcbe46058d216e037dfbd8168c79c221632153b0cc7f79353c3dad
GET /wp-content/uploads/2019/09/Perforated.png HTTP/1.1
Host: www.nfstudio.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:53 GMT
Content-Type: image/png
Content-Length: 51866
Last-Modified: Tue, 17 Sep 2019 09:04:52 GMT
Connection: keep-alive
ETag: "5d80a1b4-ca9a"
Accept-Ranges: bytes
www.nfstudio.cc/wp-content/themes/buildpress/assets/images/title-area-pattern.png
47.243.50.129 200 OK 84 B URL HTTP/1.1 www.nfstudio.cc/wp-content/themes/buildpress/assets/images/title-area-pattern.png
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 8 x 8, 8-bit grayscale, non-interlaced\012- data
Hash e5065d40e5692707dd035134ae21e619
a31c99b1ed932ceeb45a96a705445d03d26edee8
26944c2903b328352f2315ed3131315bfb18e8e25fee42adcca1bc4756a524ae
GET /wp-content/themes/buildpress/assets/images/title-area-pattern.png HTTP/1.1
Host: www.nfstudio.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:53 GMT
Content-Type: image/png
Content-Length: 84
Last-Modified: Thu, 12 May 2022 17:46:26 GMT
Connection: keep-alive
ETag: "627d47f2-54"
Accept-Ranges: bytes
www.harford.com.cn/wp-content/uploads/2019/07/NSF.jpg
47.243.50.129 200 OK 31 kB URL HTTP/1.1 www.harford.com.cn/wp-content/uploads/2019/07/NSF.jpg
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Macintosh), datetime=2019:07:12 13:42:09], baseline, precision 8, 208x98, components 3\012- data
Hash b57efe43c1a899a33bd798d574ae93d1
710912e6b4d7e21a3c4f78664598d95b4970fadf
074c0d1fe361c2c0423ecd36774cb928fbed80d4b3efd0a03fd473fce5dedd12
GET /wp-content/uploads/2019/07/NSF.jpg HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:53 GMT
Content-Type: image/jpeg
Content-Length: 30632
Last-Modified: Fri, 12 Jul 2019 05:42:54 GMT
Connection: keep-alive
ETag: "5d281dde-77a8"
Accept-Ranges: bytes
www.harford.com.cn/wp-includes/js/mediaelement/mejs-controls.svg
47.243.50.129 200 OK 4.6 kB URL HTTP/1.1 www.harford.com.cn/wp-includes/js/mediaelement/mejs-controls.svg
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (4597)
Hash f0849a5e79712b10e1531925e3edb879
a5fd4a315cb977532daca83c130ce8ffc57f6f3f
ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mejs-controls.svg HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:54 GMT
Content-Type: image/svg+xml
Content-Length: 4598
Last-Modified: Tue, 01 Aug 2017 04:43:52 GMT
Connection: keep-alive
ETag: "59800708-11f6"
Accept-Ranges: bytes
www.nfstudio.cc/wp-content/uploads/2019/09/Pouring.png
47.243.50.129 200 OK 52 kB URL HTTP/1.1 www.nfstudio.cc/wp-content/uploads/2019/09/Pouring.png
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 724 x 185, 8-bit/color RGBA, non-interlaced\012- data
Hash 234b81b2500353910a583a4d7a98465e
9f14076721d2a69f020ab29edeb2c12f4dd05dd9
c205eed1af73753619d46082fb928416514d337c9a6da0ed5ab042d099199b98
GET /wp-content/uploads/2019/09/Pouring.png HTTP/1.1
Host: www.nfstudio.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:53 GMT
Content-Type: image/png
Content-Length: 52209
Last-Modified: Tue, 17 Sep 2019 09:05:06 GMT
Connection: keep-alive
ETag: "5d80a1c2-cbf1"
Accept-Ranges: bytes
www.nfstudio.cc/wp-content/uploads/2019/09/FRY-PAN.png
47.243.50.129 200 OK 60 kB URL HTTP/1.1 www.nfstudio.cc/wp-content/uploads/2019/09/FRY-PAN.png
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 724 x 185, 8-bit/color RGBA, non-interlaced\012- data
Hash 3ece4591f5c67f0de2652cddcea61c3a
90374db7b76f776f1525e7bce91d92f7fc80c8cf
bef65ca75d8113e84cefdcda4d285c47aba94861dd533657727c188fb3a3560f
GET /wp-content/uploads/2019/09/FRY-PAN.png HTTP/1.1
Host: www.nfstudio.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:53 GMT
Content-Type: image/png
Content-Length: 60454
Last-Modified: Tue, 17 Sep 2019 09:05:26 GMT
Connection: keep-alive
ETag: "5d80a1d6-ec26"
Accept-Ranges: bytes
www.harford.com.cn/wp-content/uploads/2019/07/iaf.png
47.243.50.129 200 OK 79 kB URL HTTP/1.1 www.harford.com.cn/wp-content/uploads/2019/07/iaf.png
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 208 x 98, 8-bit/color RGB, non-interlaced\012- data
Hash d150595cb03949422e5f3fd7fc911208
a818d3ba36bb67935459d9ad6c6b8f2de0ac50f1
03e546de16b3f8b3475134b558eb71d20f3d31247140347491c55f4bfd4a3b26
GET /wp-content/uploads/2019/07/iaf.png HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:53 GMT
Content-Type: image/png
Content-Length: 79067
Last-Modified: Fri, 12 Jul 2019 05:57:16 GMT
Connection: keep-alive
ETag: "5d28213c-134db"
Accept-Ranges: bytes
www.harford.com.cn/wp-content/uploads/2019/07/iso9001.png
47.243.50.129 200 OK 79 kB URL HTTP/1.1 www.harford.com.cn/wp-content/uploads/2019/07/iso9001.png
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 208 x 98, 8-bit/color RGB, non-interlaced\012- data
Hash 8c9bf0f333225aeea3d1f17f2f8c4224
3a2b3e06c7a8967ad487e0232aa3bb702b27bf6d
5562d0114c8b58c5344e40f2705eef42c982b2043e7d7fe35b805db882e5d12b
GET /wp-content/uploads/2019/07/iso9001.png HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:53 GMT
Content-Type: image/png
Content-Length: 79067
Last-Modified: Fri, 12 Jul 2019 06:01:54 GMT
Connection: keep-alive
ETag: "5d282252-134db"
Accept-Ranges: bytes
www.harford.com.cn/wp-content/uploads/2019/07/iso18001.png
47.243.50.129 200 OK 79 kB URL HTTP/1.1 www.harford.com.cn/wp-content/uploads/2019/07/iso18001.png
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 208 x 98, 8-bit/color RGB, non-interlaced\012- data
Hash 7e95f722ef7460d1f24f590ab2542c92
800be92cdbcfaefaf4abf41fe92ac9b9e48021eb
6f713b846f12b70ea25e63dd69f09183964e8c9cbdcf160f20f4eb0644fee3fa
GET /wp-content/uploads/2019/07/iso18001.png HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:53 GMT
Content-Type: image/png
Content-Length: 79067
Last-Modified: Fri, 12 Jul 2019 06:08:26 GMT
Connection: keep-alive
ETag: "5d2823da-134db"
Accept-Ranges: bytes
www.harford.com.cn/wp-content/uploads/2019/07/iso14001.png
47.243.50.129 200 OK 79 kB URL HTTP/1.1 www.harford.com.cn/wp-content/uploads/2019/07/iso14001.png
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 208 x 98, 8-bit/color RGB, non-interlaced\012- data
Hash 464b5bbfb48deed2184d88fde0c9c169
4470c4343195fab2683eb8af658174b8629651de
65a2ace6cfbd433456cacf126c683ce11164617a3d00501c5165ea0dba60ffe0
GET /wp-content/uploads/2019/07/iso14001.png HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:53 GMT
Content-Type: image/png
Content-Length: 79067
Last-Modified: Fri, 12 Jul 2019 06:04:16 GMT
Connection: keep-alive
ETag: "5d2822e0-134db"
Accept-Ranges: bytes
www.nfstudio.cc/wp-content/uploads/2019/07/logo33.png
47.243.50.129 200 OK 133 kB URL HTTP/1.1 www.nfstudio.cc/wp-content/uploads/2019/07/logo33.png
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 257 x 112, 8-bit/color RGBA, non-interlaced\012- data
Size 133 kB (133076 bytes)
Hash ed134086e6489619e9a54233638ae568
743dbe7e4d6f4a77e8ce4c84210a2b7b374398c1
42cc5e9ced6d06f05b9ad18911f8b41b81068fc5f608a6c811d992b3f751442e
GET /wp-content/uploads/2019/07/logo33.png HTTP/1.1
Host: www.nfstudio.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:53 GMT
Content-Type: image/png
Content-Length: 133076
Last-Modified: Fri, 12 Jul 2019 06:40:38 GMT
Connection: keep-alive
ETag: "5d282b66-207d4"
Accept-Ranges: bytes
www.harford.com.cn/wp-content/uploads/2019/07/cnas.jpg
47.243.50.129 200 OK 34 kB URL HTTP/1.1 www.harford.com.cn/wp-content/uploads/2019/07/cnas.jpg
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Macintosh), datetime=2019:07:12 13:54:25], baseline, precision 8, 208x98, components 3\012- data
Hash 20ae55cbb391d128b3d698d35c6296d0
a76be07383a71ea7ba80d47c196cf7d5c95b6ae4
1cc3956ca8fd93d1f07f98e5f22412b9d712a4b6c6f412a560fa22cf894e2231
GET /wp-content/uploads/2019/07/cnas.jpg HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:54 GMT
Content-Type: image/jpeg
Content-Length: 34160
Last-Modified: Fri, 12 Jul 2019 05:54:36 GMT
Connection: keep-alive
ETag: "5d28209c-8570"
Accept-Ranges: bytes
www.harford.com.cn/?wc-ajax=get_refreshed_fragments
47.243.50.129 200 OK 514 B URL HTTP/1.1 www.harford.com.cn/?wc-ajax=get_refreshed_fragments
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type JSON data\012- , ASCII text, with very long lines (514), with no line terminators
Hash aea03b2749cfada44eeae6c08dc4317a
a04c2018dccde4b1a963e5b71f7692c278a50dce
b3e0f52abd25f9ae0c6846f9d2df442e35f01c4fb2fdd1c973f78737f98c3e4c
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://www.harford.com.cn
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:55 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: https://www.harford.com.cn
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Robots-Tag: noindex
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.138 200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.138:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.harford.com.cn
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 26 Sep 2022 13:42:55 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.harford.com.cn
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 12:31:58 GMT
expires: Sun, 24 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 177057
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.harford.com.cn/favicon.ico
47.243.50.129 302 Found 0 B URL HTTP/1.1 www.harford.com.cn/favicon.ico
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 26 Sep 2022 13:42:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Link: <https://www.harford.com.cn/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: https://www.harford.com.cn/wp-includes/images/w-logo-blue-white-bg.png
www.harford.com.cn/wp-includes/images/w-logo-blue-white-bg.png
47.243.50.129 200 OK 4.1 kB URL HTTP/1.1 www.harford.com.cn/wp-includes/images/w-logo-blue-white-bg.png
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.harford.com.cn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:55 GMT
Content-Type: image/png
Content-Length: 4119
Last-Modified: Tue, 16 Nov 2021 00:04:02 GMT
Connection: keep-alive
ETag: "6192f572-1017"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash a6a622459e93134f2a6fa008e26ceee0
7f797c40d60ce008b1cd5b4fcbe6786537ce2d1a
b289d9acf3ca227dd635803a39c05ee4d8f4ae6f807473e1339f22d12e3bd3c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash 1d095ec6a56142cb2084481b06881ef4
82ff236023008fbfb871aaa7c1e976e0cf15e91a
791ac45152415413d4af27f3dde61a021c9c57dcf7ca5b0e65300ebc3cd8815d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 26 Sep 2022 13:42:56 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
216.58.207.230 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 13:33:02 GMT
expires: Mon, 26 Sep 2022 13:48:02 GMT
cache-control: public, max-age=900
age: 594
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.130 302 Found 27 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.130:0
Hash 2e26171e99a335613f61b131bfbb4e55
1581802d8fb42302fc9192f5c6c4f92aaa83b594
90ece1884c726f51b8f54ce8b9e73eff67146871d7b529641afbe0f0b963306b
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 26 Sep 2022 13:42:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f68d5997174b31fce0e382455eeccbb8
5b8e1030912583a0b64dacfe291c939fb891cdcc
a6e177411d40f8196c051a3a33a81817e0e250c629b86a88234b8a6d27953ae2
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 26 Sep 2022 13:42:56 GMT
server: ESF
cache-control: private
content-length: 30761
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash a6a622459e93134f2a6fa008e26ceee0
7f797c40d60ce008b1cd5b4fcbe6786537ce2d1a
b289d9acf3ca227dd635803a39c05ee4d8f4ae6f807473e1339f22d12e3bd3c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash 1d095ec6a56142cb2084481b06881ef4
82ff236023008fbfb871aaa7c1e976e0cf15e91a
791ac45152415413d4af27f3dde61a021c9c57dcf7ca5b0e65300ebc3cd8815d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash bc7883d0a03d9c3559288a600fecc70a
b0e538996510ec8c861264cba4bf79fa73f6f7d6
c3bdc9bb12c7c951ca2d861c95156de2c724acc82386e882864c464132e07ac3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash f864de16e2c738477abbf4addaae65f8
30fff82640e6e005aa148ef47d7de74a741c2467
0882106567d5f02552bcaf89d607f9c2d945191dad38332843dfe355f7d5d6c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/UNMeoPQ8rtRt9hrMkVLrjVSzaMRKLPVY2pV-dxR9xRk.js
142.250.74.164 200 OK 14 kB URL HTTP/2 www.google.com/js/th/UNMeoPQ8rtRt9hrMkVLrjVSzaMRKLPVY2pV-dxR9xRk.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36059)
Hash 653ca66c61b84cbd83869ee18f017d75
90a6545ff9e57c4b7aead2902a6b490020062f8d
9a2bb3e8ba9e5b19e7d5ceef273a3ef848af3472f0e779f6764037e78dfdccea
GET /js/th/UNMeoPQ8rtRt9hrMkVLrjVSzaMRKLPVY2pV-dxR9xRk.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14218
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:09:23 GMT
expires: Thu, 21 Sep 2023 05:09:23 GMT
cache-control: public, max-age=31536000
age: 462813
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/92roRCOZ1DE/default.webp
142.250.74.54 200 OK 3.6 kB URL HTTP/2 i.ytimg.com/vi_webp/92roRCOZ1DE/default.webp
IP 142.250.74.54:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x90, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5b04afa175f81032f09ac2d0e5c9d764
cbecf85077aaed9856241a0473253a90422943d0
baa988208e9c90347efeeec1787291c0c73c7b219b08f253cffb4ac5309a7c5d
GET /vi_webp/92roRCOZ1DE/default.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 3610
date: Mon, 26 Sep 2022 13:42:56 GMT
expires: Mon, 26 Sep 2022 15:42:56 GMT
cache-control: public, max-age=7200
etag: "1562917923"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash ffb1ee0c677f670f393bc590d5c6bd11
494d666d08ace557a8b22aff6045d24bd68c1844
8d9e49545b65e314e949a0d012c664fbe8d2dae912906d1506c2e1243f154258
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash f864de16e2c738477abbf4addaae65f8
30fff82640e6e005aa148ef47d7de74a741c2467
0882106567d5f02552bcaf89d607f9c2d945191dad38332843dfe355f7d5d6c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/92roRCOZ1DE/sddefault.webp
142.250.74.54 200 OK 46 kB URL HTTP/2 i.ytimg.com/vi_webp/92roRCOZ1DE/sddefault.webp
IP 142.250.74.54:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9986e49d3c6611e6f2a23e02b42c0336
3469e9ecc14c053a2c1b666df74d8e667226d2aa
b22563fb10bbd719aabb8b355ebd1ec000897133ef38a028b4436407e76cc8de
GET /vi_webp/92roRCOZ1DE/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 45462
date: Mon, 26 Sep 2022 13:42:56 GMT
expires: Mon, 26 Sep 2022 15:42:56 GMT
cache-control: public, max-age=7200
etag: "1562917923"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.harford.com.cn/wp-content/uploads/2019/08/feng01.jpg
47.243.50.129 200 OK 0 B URL HTTP/1.1 www.harford.com.cn/wp-content/uploads/2019/08/feng01.jpg
IP 47.243.50.129:0
ASN #45102 Alibaba US Technology Co., Ltd.
GET /wp-content/uploads/2019/08/feng01.jpg HTTP/1.1
Host: www.harford.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 13:42:53 GMT
Content-Type: image/jpeg
Content-Length: 1229043
Last-Modified: Sat, 10 Aug 2019 06:45:34 GMT
Connection: keep-alive
ETag: "5d4e680e-12c0f3"
Accept-Ranges: bytes
fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700%7CMontserrat%3A400%2C700&subset=latin
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700%7CMontserrat%3A400%2C700&subset=latin
IP 142.250.74.10:0
GET /css?family=Source+Sans+Pro%3A400%2C700%7CMontserrat%3A400%2C700&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.harford.com.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 13:42:51 GMT
date: Mon, 26 Sep 2022 13:42:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2