r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20495
Expires: Thu, 05 Jan 2023 17:24:11 GMT
Date: Thu, 05 Jan 2023 11:42:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4014
Expires: Thu, 05 Jan 2023 12:49:30 GMT
Date: Thu, 05 Jan 2023 11:42:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 225d42543c0190cdb3686bf236533f4f
13a0940800fce078487372b6b3ca614dd1ab6c31
766bbe15eb1642ac39e9b71669fbb44252471c8de5adb555cd1a76db44fbe7bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "766BBE15EB1642AC39E9B71669FBB44252471C8DE5ADB555CD1A76DB44FBE7BC"
Last-Modified: Mon, 02 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14847
Expires: Thu, 05 Jan 2023 15:50:03 GMT
Date: Thu, 05 Jan 2023 11:42:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 05 Jan 2023 11:36:28 GMT
content-type: application/json
age: 368
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: obWBAGcgnMmaKNtdnRdoxRC/SXxby/QcGBhFMNWPvoP1oTLKHRUWaCNhiU3Z/sw4smrJkST3Fi0=
x-amz-request-id: 68VG17WHZ1BV03H8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 05 Jan 2023 11:01:42 GMT
age: 2454
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 11:42:36 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
wap.hechangmachinery.com/product_detail/id/14660
128.1.164.27 301 Moved Permanently 7.3 kB URL HTTP/1.1 wap.hechangmachinery.com/product_detail/id/14660
IP 128.1.164.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11261), with CRLF, LF line terminators
Hash 55bd93e5b2cc570ba4645b1b7a4cb936
9948819345665b8d62cc3313a04ba8fe664df195
0c24fb619a45d76a62a716a1437cd304d2f8727db597cb31e7770ad70a4cddde
Analyzer Verdict Alert fortinet Phishing
GET /product_detail/id/14660 HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 05 Jan 2023 11:42:36 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-control: private
X-Powered-By: ThinkPHP
Content-Encoding: gzip
Vary: Accept-Encoding
X-Frame-Options: AllowAll
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
X-Download-Options: value
Set-Cookie: PHPSESSID=h07t5omvg932ji7pc60ie5rub4; path=/; HttpOnly
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: unsafe-url
Upgrade: h2
Connection: Upgrade, Keep-Alive
Location: https://wap.hechangmachinery.com/product_detail/id/14660
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type
Keep-Alive: timeout=15, max=1000
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 05 Jan 2023 11:08:11 GMT
age: 2065
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 73a99621729e1bc9e236a1085b98a0cf
5e1f71493085f6be7788f59987c1f0850b77d4d7
219d1a8d7d1a027553f72c8c024488863d8996457b31c78014002f81174f3ad1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1713
Cache-Control: max-age=165166
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:36 GMT
Etag: "63b69329-1d7"
Expires: Sat, 07 Jan 2023 09:35:22 GMT
Last-Modified: Thu, 05 Jan 2023 09:06:49 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.136.21 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.136.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qbURcTUOxc13pftXB2ZO1A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ck6A0S6AdK3CjtDz9qpI0f3JS68=
wap.hechangmachinery.com/Tpl/public/font/iconfont.css
128.1.164.27 200 OK 2.5 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/public/font/iconfont.css
IP 128.1.164.27:0
File type ASCII text, with very long lines (2871)
Hash 7e7dd4aa82440c720f3542dc76b392b2
7f1a72e5a580b4ce39586fa245bf2c27d6c779d0
9a7d72d706346597cb57b0bc1ca65bc42a474ca7befd417006cbf963d3338147
GET /Tpl/public/font/iconfont.css HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 25 Jun 2019 07:15:09 GMT
etag: "e57-58c20b058b940-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 2519
content-type: text/css
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/public/css/common.css
128.1.164.27 200 OK 664 B URL HTTP/2 wap.hechangmachinery.com/Tpl/public/css/common.css
IP 128.1.164.27:0
Hash 1697110484e939a75eef2d8dcef657ed
b9c54638b25a04d15986796b6942ea5b29981a94
bb66332033fe6eb5049d32a5ded42c8ace0e9086fecb8c13cf18f381c292e4f6
GET /Tpl/public/css/common.css HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 31 Dec 2019 09:23:04 GMT
etag: "63d-59afc81d1ce00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 664
content-type: text/css
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/css/slick.css
128.1.164.27 200 OK 557 B URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/css/slick.css
IP 128.1.164.27:0
Hash d0e230b935d3f17f3b2ae2c38a6a6d8f
b9f29063a70a9599a89bcb497d833fc758ad63ba
0c38f4e97078d023aeb69238adae19262e7054147463bfe180b00fa7d85a0b7c
GET /Tpl/demo5/css/slick.css HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:52:48 GMT
etag: "6c1-577c8b33f7c00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 557
content-type: text/css
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/css/fontawesome-all.min.css
128.1.164.27 200 OK 7.1 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/css/fontawesome-all.min.css
IP 128.1.164.27:0
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
GET /Tpl/demo5/css/fontawesome-all.min.css HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:52:47 GMT
etag: "7918-577c8b33039c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 7053
content-type: text/css
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/css/slick-theme.css
128.1.164.27 200 OK 778 B URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/css/slick-theme.css
IP 128.1.164.27:0
Hash 071c89cc6fd9ec7890fb7dcb967349b2
7c00dcadc2d59e54cc1424a73ef09a23f96c8d7c
1b0d80b470b5eb15415e26c677f76b6e35369eceee8ab8148d6e52d865856778
GET /Tpl/demo5/css/slick-theme.css HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:52:48 GMT
etag: "b49-577c8b33f7c00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 778
content-type: text/css
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/css/demo5font/iconfont.css
128.1.164.27 200 OK 4.4 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/css/demo5font/iconfont.css
IP 128.1.164.27:0
File type ASCII text, with very long lines (5091)
Hash b609cb1aa7d7f4cae0d736dfce3cdd00
4bfb1c09366b09ee25411bf0c020b375038f490a
6f095c6e6306062305e332cd0558f0aab545631cb381d43b66ef7d5dbe87de8b
GET /Tpl/demo5/css/demo5font/iconfont.css HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Fri, 19 Oct 2018 02:31:27 GMT
etag: "1954-5788bb3453dc0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 4369
content-type: text/css
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/css/owl.carousel.css
128.1.164.27 200 OK 528 B URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/css/owl.carousel.css
IP 128.1.164.27:0
Hash a70757c9c5b45b8b3e693066dee5c63c
4ddc02d2eac2bb1a9ccc446ff1e19641ee8f7279
97e2ca1b06a80ecd57e1514d54bec8904727d25dc47f878b41d204c72e8535de
GET /Tpl/demo5/css/owl.carousel.css HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:52:47 GMT
etag: "5c4-577c8b33039c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 528
content-type: text/css
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/css/owl.theme.css
128.1.164.27 200 OK 604 B URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/css/owl.theme.css
IP 128.1.164.27:0
Hash cdeb81450edb1663d57d584e1c940f55
0bd4b11b4d356e1ea54e33513129b17380bcc927
dc63d0042b21df6235bd6987217bfe9b5bbd23a4c3a4cfb7a11edd5b1c478cc1
GET /Tpl/demo5/css/owl.theme.css HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Fri, 19 Oct 2018 02:31:28 GMT
etag: "648-5788bb3548000-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 604
content-type: text/css
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/css/materialize.min.css
128.1.164.27 200 OK 20 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/css/materialize.min.css
IP 128.1.164.27:0
File type ASCII text, with very long lines (65356)
Hash d57c1e4b204357099ca9650066265a07
090b6897d73b30d69e592fd362ce0f54b1023de3
b756c6ed2f95872fd483d1299162656508673f1226d3bfb35ac41160e8142645
GET /Tpl/demo5/css/materialize.min.css HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:52:48 GMT
etag: "1cb66-577c8b33f7c00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 19905
content-type: text/css
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/css/lightbox.min.css
128.1.164.27 200 OK 900 B URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/css/lightbox.min.css
IP 128.1.164.27:0
File type ASCII text, with very long lines (2694), with no line terminators
Hash cac1a09f460960bec12e6e969e5c05a3
b3f17401f5b2211e7fbf7a1e9c13787273f898d3
d83c18fc0020c76e5be4564e083cdf6e32072cd82bc8f100aabcef5f93e833f9
GET /Tpl/demo5/css/lightbox.min.css HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:52:47 GMT
etag: "a86-577c8b33039c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 900
content-type: text/css
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/css/owl.transitions.css
128.1.164.27 200 OK 694 B URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/css/owl.transitions.css
IP 128.1.164.27:0
Hash 362e4dd89f3c395772f34d1da91ec825
27bd3517a54cfaddcbc2e95efd7b352ce33053e9
eb2e7e8bf64be66d46606d962377640542f464c66945ec46790b91db68bdb06b
GET /Tpl/demo5/css/owl.transitions.css HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:52:48 GMT
etag: "117c-577c8b33f7c00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 694
content-type: text/css
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/public/js/common.js
128.1.164.27 200 OK 634 B URL HTTP/2 wap.hechangmachinery.com/Tpl/public/js/common.js
IP 128.1.164.27:0
File type Unicode text, UTF-8 text, with very long lines (1448), with no line terminators
Hash 0b3e672f652d55db195cff46648ea7a8
dc281c8db73d4d217eb99a5b2970bd874cd07b66
19ae305cb0bcb37d2811e94b5042cd47dfbdda92dffc8bc1ea16360dae956262
Analyzer Verdict Alert fortinet Phishing
GET /Tpl/public/js/common.js HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Wed, 11 Mar 2020 05:42:33 GMT
etag: "5b0-5a08db3ec6440-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 634
content-type: application/javascript
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/public/js/statitics.js
128.1.164.27 200 OK 0 B URL HTTP/2 wap.hechangmachinery.com/Tpl/public/js/statitics.js
IP 128.1.164.27:0
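Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
(The three digests above are the MD5, SHA-1 and SHA-256 of empty input: the body is 0 bytes, so they match any empty response and do not identify this resource. The verdict presumably reflects the URL or host rather than file content.)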
GET /Tpl/public/js/statitics.js HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Wed, 11 Mar 2020 05:26:52 GMT
etag: "0-5a08d7bd5df00"
accept-ranges: bytes
content-length: 0
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: application/javascript
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/duobianxing/iconfont.css
128.1.164.27 200 OK 1.3 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/duobianxing/iconfont.css
IP 128.1.164.27:0
File type ASCII text, with very long lines (1395)
Hash 617fff0cb2d799238aa1bdfaf128158a
9074f718ed4e0c107c792f72214c161f5c1006fe
1ef839d800423afaeebb9cfdad8e16ddf73abf3c3abaf2415795d7d0a008f2f7
GET /Tpl/demo5/duobianxing/iconfont.css HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:52:49 GMT
etag: "7c2-577c8b34ebe40-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 1332
content-type: text/css
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/js/custom-portfolio.js
128.1.164.27 200 OK 169 B URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/js/custom-portfolio.js
IP 128.1.164.27:0
Hash 238609049a86d6326ca0eb8de938547b
0c0303cf5a50e6ac354dffc3de3e1e770730e4c5
1ab5f9135127471d911aa077e51346e562df947736276b16b5a8b5870797fb89
Analyzer Verdict Alert fortinet Phishing
GET /Tpl/demo5/js/custom-portfolio.js HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:52:59 GMT
etag: "fc-577c8b3e754c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 169
content-type: application/javascript
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/css/style.css
128.1.164.27 200 OK 7.4 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/css/style.css
IP 128.1.164.27:0
Hash 9eae02a1f3119ffc4315f21bdfe6f967
d0ecea0707aa7db3111a13336ad24ab995f3b280
cec4731a387d0bbb7809b5758e3842bf85e2f59168954e164930e2a69b2f6155
GET /Tpl/demo5/css/style.css HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Thu, 29 Apr 2021 02:26:05 GMT
etag: "b636-5c113379b0940-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 7374
content-type: text/css
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/js/custom.js?1672918957
128.1.164.27 200 OK 3.2 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/js/custom.js?1672918957
IP 128.1.164.27:0
Hash d3b1e0ff333b15ea752ad3e32c356cfc
4401f9cd71ea633251827f2dfc0bb9c2c922d278
705205be52a13dd22bf007d1d096cc37360b5ed5a0a03232cea145238c046924
GET /Tpl/demo5/js/custom.js?1672918957 HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Wed, 17 Jun 2020 05:49:23 GMT
etag: "2374-5a84138cf3ec0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 3221
content-type: application/javascript
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/js/lightbox.min.js
128.1.164.27 200 OK 2.9 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/js/lightbox.min.js
IP 128.1.164.27:0
File type ASCII text, with very long lines (9089)
Hash d327fefef7276d6a0f27bf354e39bc84
f063fbaf1287f6ecd27d465760d7f9181886c117
ffc92c8c98159b93b68521ca0fb6a039a93dcdc243eb72f1eeb464280e4d4cac
Analyzer Verdict Alert fortinet Phishing
GET /Tpl/demo5/js/lightbox.min.js HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:52:59 GMT
etag: "249c-577c8b3e754c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 2896
content-type: application/javascript
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/js/owl.carousel.min.js
128.1.164.27 200 OK 6.5 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/js/owl.carousel.min.js
IP 128.1.164.27:0
File type ASCII text, with very long lines (635)
Hash 52dcceca1a5279318db4eb1a274c2cd3
e53de7bb9b9b4c78d01871df740e153f75c8d2f0
76f7bc9e2f31513fb2903602954e5658efc5b0325748be43a0cf36338be814c3
Analyzer Verdict Alert fortinet Phishing
GET /Tpl/demo5/js/owl.carousel.min.js HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:53:00 GMT
etag: "5d52-577c8b3f69700-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 6465
content-type: application/javascript
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/js/slick.min.js
128.1.164.27 200 OK 10 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/js/slick.min.js
IP 128.1.164.27:0
File type ASCII text, with very long lines (32076)
Hash 7a6b74fb1418a5e7a5518d5a9fe2bb06
aef7197c8eeedcb350e55e20d07d203cc1891ad9
30d505b8d798cdf8fc55db71deb5b5e51453a33868c362886942066d6e2ab33c
Analyzer Verdict Alert fortinet Phishing
GET /Tpl/demo5/js/slick.min.js HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:53:00 GMT
etag: "a3e1-577c8b3f69700-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 10170
content-type: application/javascript
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wap.hechangmachinery.com/Tpl/demo5/images/contact.png
128.1.164.27 200 OK 1.2 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/images/contact.png
IP 128.1.164.27:0
File type PNG image data, 23 x 20, 8-bit/color RGBA, interlaced\012- data
Hash c812ed1e847419b343e4cdc824fae6d3
fe931eb43893f1380767598a4cd9ade5324753e2
78d9d93304cbc44b5f31b0e749c115cfe2ca84a8199a5d3a4007e1ffa1c6f1d4
GET /Tpl/demo5/images/contact.png HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Mon, 24 Dec 2018 03:28:52 GMT
etag: "4dc-57dbc32228500"
accept-ranges: bytes
content-length: 1244
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: image/png
X-Firefox-Spdy: h2
wap.hechangmachinery.com/code_char.php?webid=1117&time=5812040311823941672918957;
128.1.164.27 200 OK 300 B URL HTTP/2 wap.hechangmachinery.com/code_char.php?webid=1117&time=5812040311823941672918957;
IP 128.1.164.27:0
File type PNG image data, 50 x 40, 2-bit colormap, non-interlaced\012- data
Hash 778ad35b5debf28462d57bc71233c968
854ac83c28ba3b988c7d20d1bb23da3ffcd919a2
c44ff29ba28803e73d07edadd61234fd3ec8c58b1f0a1a0722a89e3d59bde816
GET /code_char.php?webid=1117&time=5812040311823941672918957; HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 300
content-type: image/png
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/js/jquery.filterizr.min.js
128.1.164.27 200 OK 3.8 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/js/jquery.filterizr.min.js
IP 128.1.164.27:0
File type ASCII text, with very long lines (12136)
Hash 8a962fbacee857c378f8f92dcb5d77b8
d4ae5190731ac8c5a04cc8dee0db4791d3957ba6
2a54e52fb1cdbd90c293edb3059db54ea1fb03d1e440eb02b80ef1ca0b8efd05
Analyzer Verdict Alert fortinet Phishing
GET /Tpl/demo5/js/jquery.filterizr.min.js HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:52:59 GMT
etag: "2f69-577c8b3e754c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 3823
content-type: application/javascript
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/images/email.png
128.1.164.27 200 OK 1.3 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/images/email.png
IP 128.1.164.27:0
File type PNG image data, 32 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 36cb59f472b4d50ded7f3d38d70b3038
97d1d7a0672cf271799b7dfbbd52e85de0d268e1
5be02c130ea257ff47542ee8d7ddd749dee77134e8700c6adfac70fb6c776641
GET /Tpl/demo5/images/email.png HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Mon, 24 Dec 2018 03:28:52 GMT
etag: "519-57dbc32228500"
accept-ranges: bytes
content-length: 1305
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: image/png
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wap.hechangmachinery.com/Tpl/demo5/images/skype.png
128.1.164.27 200 OK 1.7 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/images/skype.png
IP 128.1.164.27:0
File type PNG image data, 30 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c89bcebf01dea966b260363e7b57708
4ec64187460f628a7889e4d3e384a40c6fef30b7
0adbb0b0d10cdc848b6b85a6a9a4163f6f12225a1e3965e986299cf15c6b03c9
GET /Tpl/demo5/images/skype.png HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Mon, 24 Dec 2018 03:28:53 GMT
etag: "6a1-57dbc3231c740"
accept-ranges: bytes
content-length: 1697
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: image/png
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash a430d46fb27196c8b03f382c1bafbb23
0b31940d1067eb87c24c6d356689d7f9f90231a6
3e9cd331b1c2c1eca94ff12ec1b685e1c1c1909e30e8b3cf4493dc6eac786df8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 7c8811382bcd40ec65e7a6e339e94904
38d741442c52bcdde863d1a2d593ce0c81c7efbd
ce5c1060c028784381224586783b9b0943fd14947bb15bb38e6d401a1a221c23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 5dcd3e3f6440384500af24c809a3f175
3a5df7e2369c9d65865d73410b0cac87e1b5a54c
b7c5a41dbd443dcb04231372b9ac63a3853d57e43941af5b22073693291099df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 5dcd3e3f6440384500af24c809a3f175
3a5df7e2369c9d65865d73410b0cac87e1b5a54c
b7c5a41dbd443dcb04231372b9ac63a3853d57e43941af5b22073693291099df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wap.hechangmachinery.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:33:54 GMT
expires: Thu, 04 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 58123
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/public/js/translator.js
128.1.164.27 200 OK 781 B URL HTTP/2 wap.hechangmachinery.com/Tpl/public/js/translator.js
IP 128.1.164.27:0
File type exported SGML document, ASCII text
Hash 1627370954644d95eb5fe95a794694ec
322b88dd8739f2575c5927185100b9bd048089b8
d1991e8ebabcd0acc1e50e69457975b57b268eda48512ff4e25b3f84f2730e2a
Analyzer Verdict Alert fortinet Phishing
GET /Tpl/public/js/translator.js HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Thu, 26 Sep 2019 01:29:51 GMT
etag: "880-5936ab4b301c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 781
content-type: application/javascript
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wap.hechangmachinery.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 13:33:13 GMT
expires: Sat, 30 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
age: 511764
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Dosis:400,500,600,700|Roboto:400,500,700
142.250.74.74 200 OK 65 kB URL HTTP/2 fonts.googleapis.com/css?family=Dosis:400,500,600,700|Roboto:400,500,700
IP 142.250.74.74:0
Hash efe91a916ba9db011d564e21e8c2de91
b2e3ac70b16a6893f0e9272eb987b3bca915c954
b74b2ebc43368738b30c3d4e2b34d457a40763b620785a7ab793625ca29ad625
GET /css?family=Dosis:400,500,600,700|Roboto:400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wap.hechangmachinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 05 Jan 2023 11:42:37 GMT
date: Thu, 05 Jan 2023 11:42:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/images/whatsapp.png
128.1.164.27 200 OK 5.5 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/images/whatsapp.png
IP 128.1.164.27:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash feeb091ea9c55da1d84cf82dd71513d8
c8e0a45af7205d955f0c6c737fe3fbf231e68e4c
acfc716eee8b4c4012186e95d0d4039c467309800849bacaecc367966a6d4770
GET /Tpl/demo5/images/whatsapp.png HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Mon, 24 Dec 2018 03:28:54 GMT
etag: "157d-57dbc32410980"
accept-ranges: bytes
content-length: 5501
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: image/png
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 5dcd3e3f6440384500af24c809a3f175
3a5df7e2369c9d65865d73410b0cac87e1b5a54c
b7c5a41dbd443dcb04231372b9ac63a3853d57e43941af5b22073693291099df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash a430d46fb27196c8b03f382c1bafbb23
0b31940d1067eb87c24c6d356689d7f9f90231a6
3e9cd331b1c2c1eca94ff12ec1b685e1c1c1909e30e8b3cf4493dc6eac786df8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 7c8811382bcd40ec65e7a6e339e94904
38d741442c52bcdde863d1a2d593ce0c81c7efbd
ce5c1060c028784381224586783b9b0943fd14947bb15bb38e6d401a1a221c23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wap.hechangmachinery.com/Tpl/demo5/js/jquery.min.js
128.1.164.27 200 OK 30 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/js/jquery.min.js
IP 128.1.164.27:0
File type ASCII text, with very long lines (32065)
Hash 6dbec7b4e518958353337d8d21b5fda3
e9f54533f95314c6e30d659fc970051eb15451f5
03878c0bca35ec2a9f240eb0bcad7596f9d4549bc4efc5e18436ea4fb14acad3
Analyzer Verdict Alert fortinet Phishing
GET /Tpl/demo5/js/jquery.min.js HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:52:59 GMT
etag: "14e4a-577c8b3e754c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-length: 29822
content-type: application/javascript
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Dec 2022 21:48:03 GMT
expires: Fri, 29 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 568474
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/uploadimage/201903/4971552993425871.png
128.1.164.27 200 OK 12 kB URL HTTP/2 wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/uploadimage/201903/4971552993425871.png
IP 128.1.164.27:0
File type PNG image data, 445 x 122, 8-bit/color RGB, non-interlaced\012- data
Hash b345cbdf8f00379b9fd4116dafa8552c
19ee4b4c2130a7ed36a4cc58666226ea02b7b573
ba46ad682e8fca596fd210764749f557c2492a1dc9ab1db3c4f6d8031808b5fb
GET /muploadfiles/128.1.164.27/webid1117/uploadimage/201903/4971552993425871.png HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 16 Aug 2022 02:33:40 GMT
etag: "2f08-5e65293818900"
accept-ranges: bytes
content-length: 12040
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: image/png
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Dec 2022 16:40:43 GMT
expires: Fri, 29 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 586914
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js
142.250.74.174 200 OK 109 kB URL HTTP/2 www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (679)
Size 109 kB (109069 bytes)
Hash de70cca71a002835d2d2e36d34adc509
19df5ef5e91da5a7ac9ac6d58ed26eb39aa65425
53068fee4e27a994ee67cea47396a03452d3fa6e8b63fe6ca2e110c2f36f5e43
GET /s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/MIncfWcewvk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 109069
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 03 Jan 2023 20:24:17 GMT
expires: Wed, 03 Jan 2024 20:24:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
content-type: text/javascript
age: 141500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.174 200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.174:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/e5f6cbd5/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/MIncfWcewvk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 03 Jan 2023 20:24:17 GMT
expires: Wed, 03 Jan 2024 20:24:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
content-type: text/javascript
age: 141500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/MOD/201904/1554367247597.png
128.1.164.27 200 OK 16 kB URL HTTP/2 wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/MOD/201904/1554367247597.png
IP 128.1.164.27:0
File type PNG image data, 400 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 89641ad2d31f3ac8303c672e95f30ca4
a69d666cc743fb6249e775ac8069f1c813214e63
09e65f104b5c974c879989af4277c38e1aa36f7e7b3752e3b09887a93e9b75ee
GET /muploadfiles/128.1.164.27/webid1117/MOD/201904/1554367247597.png HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 16 Aug 2022 02:33:40 GMT
etag: "406f-5e65293818900"
accept-ranges: bytes
content-length: 16495
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: image/png
X-Firefox-Spdy: h2
wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/uploadimage/201903/5161552993529517.png
128.1.164.27 200 OK 22 kB URL HTTP/2 wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/uploadimage/201903/5161552993529517.png
IP 128.1.164.27:0
File type PNG image data, 134 x 171, 8-bit/color RGB, non-interlaced\012- data
Hash 950cdba95e3889f7660b92d16b36e560
03becaa7101f0050a54ac0df6482c1e4d9404a40
1a249b9c673cd1015639be76b3a1415c94ce08af137d44cf4f3dee0f1cb47368
GET /muploadfiles/128.1.164.27/webid1117/uploadimage/201903/5161552993529517.png HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 16 Aug 2022 02:33:41 GMT
etag: "5465-5e6529390cb40"
accept-ranges: bytes
content-length: 21605
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: image/png
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/images/skypeshow.png
128.1.164.27 200 OK 22 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/images/skypeshow.png
IP 128.1.164.27:0
File type PNG image data, 520 x 285, 8-bit/color RGBA, non-interlaced\012- data
Hash d36e044c1a4a0f799596b08e0e13d71d
5fb1a814eff6dfa0b6137a28ca4a76285b7f51c9
ef7509cc342e973964d4c1580480739c40f13a86b79a1e7e2d318d3c39823aed
GET /Tpl/demo5/images/skypeshow.png HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Thu, 03 Jan 2019 05:36:45 GMT
etag: "5429-57e8725e4f540"
accept-ranges: bytes
content-length: 21545
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: image/png
X-Firefox-Spdy: h2
wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/source/202207/161473137984wap.jpg
128.1.164.27 200 OK 25 kB URL HTTP/2 wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/source/202207/161473137984wap.jpg
IP 128.1.164.27:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 532x700, components 3\012- data
Hash 9ec2790488f6c9dc8945103e3b0b8a29
2bc4ee621a628f2a28cd6c96de9de8c7b8f84456
7f49e797cc9d326a7d2cf754e36e71c7761eaae91682f8a8145e8e01f8d11a46
GET /muploadfiles/128.1.164.27/webid1117/source/202207/161473137984wap.jpg HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 16 Aug 2022 02:33:39 GMT
etag: "626f-5e652937246c0"
accept-ranges: bytes
content-length: 25199
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: image/jpeg
X-Firefox-Spdy: h2
wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/uploadimage/201903/7711552993526264.png
128.1.164.27 200 OK 91 kB URL HTTP/2 wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/uploadimage/201903/7711552993526264.png
IP 128.1.164.27:0
File type PNG image data, 274 x 171, 8-bit/color RGB, non-interlaced\012- data
Hash 4bb7425c445748d8f8ca960de8b55044
b523ae2e23be39318d016b461e0d252b4a4cd2a1
2ad0e72f51d55db5dd3d65f1575b52ec48f823ff1baa733393f27135dbd3f84e
GET /muploadfiles/128.1.164.27/webid1117/uploadimage/201903/7711552993526264.png HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 16 Aug 2022 02:33:41 GMT
etag: "16384-5e6529390cb40"
accept-ranges: bytes
content-length: 91012
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: image/png
X-Firefox-Spdy: h2
wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/MOD/201904/1554367257277.png
128.1.164.27 200 OK 110 kB URL HTTP/2 wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/MOD/201904/1554367257277.png
IP 128.1.164.27:0
File type PNG image data, 560 x 360, 8-bit/color RGBA, non-interlaced\012- data
Size 110 kB (110295 bytes)
Hash 272f80d1e219b0fe2a0a5cc8d0b7d9c6
30394d8711690e3507bb74cd67f98158fe15c499
da8bc00f2c3fa859977cf801ef5090730c0447dff10dffa135c15314bf37bc6f
GET /muploadfiles/128.1.164.27/webid1117/MOD/201904/1554367257277.png HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 16 Aug 2022 02:33:40 GMT
etag: "1aed7-5e65293818900"
accept-ranges: bytes
content-length: 110295
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: image/png
X-Firefox-Spdy: h2
wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/source/202207/2376161827707010wap.jpg
128.1.164.27 200 OK 118 kB URL HTTP/2 wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/source/202207/2376161827707010wap.jpg
IP 128.1.164.27:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x800, components 3\012- data
Size 118 kB (118382 bytes)
Hash 162e87e9549545e6ebc9f975218412e4
ea83a36c42b093fb13d644ff04525f07dbee3606
dfcf83a5b9a651a5f8be266d26b6a343ce2437fe974af61362e102df805c4fd0
GET /muploadfiles/128.1.164.27/webid1117/source/202207/2376161827707010wap.jpg HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 16 Aug 2022 02:33:39 GMT
etag: "1ce6e-5e652937246c0"
accept-ranges: bytes
content-length: 118382
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: image/jpeg
X-Firefox-Spdy: h2
wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/source/202207/1279416182770704wap.jpg
128.1.164.27 200 OK 131 kB URL HTTP/2 wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/source/202207/1279416182770704wap.jpg
IP 128.1.164.27:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x800, components 3\012- data
Size 131 kB (131236 bytes)
Hash 7e807d286ed2ce664c7a49f8b2e77666
e3b06a1d209715c6d0b821209f886e24c040eff8
5792ad2a9bd2e77917a7378cc2f8342a4ef48c67ec5421a8ba88ea6d3a105ee1
GET /muploadfiles/128.1.164.27/webid1117/source/202207/1279416182770704wap.jpg HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 16 Aug 2022 02:33:39 GMT
etag: "200a4-5e652937246c0"
accept-ranges: bytes
content-length: 131236
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: image/jpeg
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/fonts/fontawesome-webfont.woff2?v=4.7.0
128.1.164.27 200 OK 77 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 128.1.164.27:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /Tpl/demo5/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://wap.hechangmachinery.com/Tpl/demo5/css/fontawesome-all.min.css
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:52:51 GMT
etag: "12d68-577c8b36d42c0"
accept-ranges: bytes
content-length: 77160
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: font/woff2
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/fonts/roboto/Roboto-Regular.woff2
128.1.164.27 200 OK 49 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/fonts/roboto/Roboto-Regular.woff2
IP 128.1.164.27:0
File type Web Open Font Format (Version 2), TrueType, length 49236, version 1.0\012- data
Hash 2751ee43015f9884c3642f103b7f70c9
ed1558b0541f5e01ce48c7db1588371b990eec19
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
Analyzer Verdict Alert fortinet Phishing
GET /Tpl/demo5/fonts/roboto/Roboto-Regular.woff2 HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://wap.hechangmachinery.com/Tpl/demo5/css/materialize.min.css
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:52:54 GMT
etag: "c054-577c8b39b0980"
accept-ranges: bytes
content-length: 49236
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: font/woff2
X-Firefox-Spdy: h2
yun.one-all.com//muploadfiles/128.1.164.27/webid1117/uploadimage/201912/3211575856755473.jpg
47.97.165.200 404 Not Found 3 B URL HTTP/1.1 yun.one-all.com//muploadfiles/128.1.164.27/webid1117/uploadimage/201912/3211575856755473.jpg
IP 47.97.165.200:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
GET //muploadfiles/128.1.164.27/webid1117/uploadimage/201912/3211575856755473.jpg HTTP/1.1
Host: yun.one-all.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 05 Jan 2023 11:42:38 GMT
Server: Apache
X-Frame-Options: AllowAll
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
X-Download-Options: value
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: unsafe-url
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 03 Nov 2015 03:29:46 GMT
ETag: "3-5239a815f5e80"
Accept-Ranges: bytes
Content-Length: 3
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=200
Content-Type: text/html
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21140
Expires: Thu, 05 Jan 2023 17:34:58 GMT
Date: Thu, 05 Jan 2023 11:42:38 GMT
Connection: keep-alive
wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/uploadimage/201903/6021552993523786.png
128.1.164.27 200 OK 503 B URL HTTP/2 wap.hechangmachinery.com/muploadfiles/128.1.164.27/webid1117/uploadimage/201903/6021552993523786.png
IP 128.1.164.27:0
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
GET /muploadfiles/128.1.164.27/webid1117/uploadimage/201903/6021552993523786.png HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 16 Aug 2022 02:33:40 GMT
etag: "b9d9-5e65293818900"
accept-ranges: bytes
content-length: 47577
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: image/png
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F038e46b4-c5e2-4f46-817c-434795e1e545.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F038e46b4-c5e2-4f46-817c-434795e1e545.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ce88a04d7f32ce0497bd84db44da8d4
761049019c342553004815ea394dcf282f2cc613
038aa4e5da1428524de833071814998d6c1d8b8b60d4e9c10e60d8a75f7b88fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F038e46b4-c5e2-4f46-817c-434795e1e545.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5601
x-amzn-requestid: 54813ea9-9435-4355-910b-5b4d1eadf2ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGlhgHU1oAMFTYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b282d6-17e772ae5b70371367792063;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 07:08:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pigrktUzOcu_-Z-HnUPOnmF7yhHIdOv9bB9x7VVONHr7YZXwZAEvZA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 06:44:19 GMT
age: 17899
etag: "761049019c342553004815ea394dcf282f2cc613"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg
34.120.237.76 200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 008614d302ad57bc6502ad5e07652378
968bc262d2939ec6f0dce9d852682c0aaf86d3d7
5eab9a2591f0f9761ba3b90a5a191b79b6326cccb1ee6b586b00dfc1517c8db6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4248
x-amzn-requestid: 41ee9ad4-ddfd-42a5-b66c-167c4bda9153
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eCvUGHnlIAMFw8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b0f8e6-4ac2abc739dc4ff640301707;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 03:07:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QVwr9xaKtzkI-Lnp683K6kKaWfnnmPs0o6HG7PBuAc9QbcMqczguNw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 06:16:00 GMT
age: 19598
etag: "968bc262d2939ec6f0dce9d852682c0aaf86d3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb16f641-0924-4c5c-9f83-6779c59c746a.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb16f641-0924-4c5c-9f83-6779c59c746a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7711a1490729319952a150b84e91a5d6
11fda31d48a4df3fd6346d92f45a680f500bff64
e9663e981c6716c243b58ac99549dfbe6dd8371c42d50add46457b5911f63529
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb16f641-0924-4c5c-9f83-6779c59c746a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11381
x-amzn-requestid: f30a66f8-72cb-44a6-b87d-55d501050dcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePKzmH6soAMFZOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5f1b0-6fc1643036a4012935a38bb3;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 21:37:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iJNA1pytmUSUBG4YeU7rcEKCs04k9rPEuQ6o6FP5bWaQ25M7yGrySA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:49:59 GMT
age: 49959
etag: "11fda31d48a4df3fd6346d92f45a680f500bff64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vIFVXgt2RmoplkAVOtUrOkXj3LmhRw-XEPe7fugZ2-mv_iDY07XzUg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 23:39:12 GMT
age: 43406
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2165a068-222a-4ded-97fd-4b0e851a096a.jpeg
34.120.237.76 200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2165a068-222a-4ded-97fd-4b0e851a096a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 858fd50b78673524f2ec1b0712d3d0ad
a844d19f9bbc210ea3134b925173e3fb4baa764f
2b9460f2a4a0f0c4662cf847d30f2e5fa2d714a6c39e0eda2ed34294a92c7e7d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2165a068-222a-4ded-97fd-4b0e851a096a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2897
x-amzn-requestid: 8c6896e3-ea36-400f-a1df-13dccf6bb211
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL3qiFzJIAMF7LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b49fdc-08198522625baf3c334cf71b;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:36:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UMPjRKqLmb6ZuJtWVjdA1nSRBdFfGxen53DbBRs47No6SK02OeKqhg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:51:08 GMT
age: 49890
etag: "a844d19f9bbc210ea3134b925173e3fb4baa764f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3e7735d-7041-4efd-8259-09922584e17d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3e7735d-7041-4efd-8259-09922584e17d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6730605ea953d8e0a3cd57e04d91297
e51e26f367a7da059df9dd0318cfad7b6941245a
013a74eb6f82f90daf91e8cdc87592b9c4f8065215b7aee0d3ba78f6d70a1687
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3e7735d-7041-4efd-8259-09922584e17d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10667
x-amzn-requestid: 5e318d3d-5579-4d8c-8112-db0d43f92545
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d5aMJGNFoAMFlCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ad3d80-1ee997db0db071f366e1190b;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 07:10:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SotovCf1V1OPYGCcd68qGm_KjD8R9UhPVRdNcBtCeriID5jCv1Gufw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 22:02:06 GMT
age: 49232
etag: "e51e26f367a7da059df9dd0318cfad7b6941245a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
wap.hechangmachinery.com/Tpl/demo5/fonts/roboto/Roboto-Regular.woff
128.1.164.27 200 OK 62 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/fonts/roboto/Roboto-Regular.woff
IP 128.1.164.27:0
File type Web Open Font Format, TrueType, length 61736, version 2.980\012- data
Hash ba3dcd8903e3d0af5de7792777f8ae0d
74734dde8d94e7268170f9b994dedfbdcb5b3a15
2cd6b07b7855716761250290ce3cf447ccc98e793e484294d3fa8ccbb55b016a
Analyzer Verdict Alert fortinet Phishing
GET /Tpl/demo5/fonts/roboto/Roboto-Regular.woff HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://wap.hechangmachinery.com/Tpl/demo5/css/materialize.min.css
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks; _gcl_au=1.1.1691128315.1672918948; _ga_CB9ES19SFT=GS1.1.1672918948.1.0.1672918948.0.0.0; _ga=GA1.1.1678842709.1672918948
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:38 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:52:54 GMT
etag: "f128-577c8b39b0980"
accept-ranges: bytes
content-length: 61736
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:38 GMT
vary: Accept-Encoding
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: application/x-font-woff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash b815e7b1a5f00b7cff7f2a68bb723f77
c944dc7284f4758dfebbd1b8ab4b7b327259f651
f1701c75e48206c4405afcd5a60ae3141ff4db9f811ec9ab4cdd9090af666f26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 229b5d490cc831bc64606e58940d3c7e
28d120b40eeaca79d98bd619756b11c349b6f0bc
f2f2c2c36d50d54d6aed0bda750cd98711686333eaef793d16d0e7f354eba219
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 11:37:29 GMT
expires: Thu, 05 Jan 2023 11:52:29 GMT
cache-control: public, max-age=900
age: 309
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.66 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 05 Jan 2023 11:42:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 229b5d490cc831bc64606e58940d3c7e
28d120b40eeaca79d98bd619756b11c349b6f0bc
f2f2c2c36d50d54d6aed0bda750cd98711686333eaef793d16d0e7f354eba219
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash b815e7b1a5f00b7cff7f2a68bb723f77
c944dc7284f4758dfebbd1b8ab4b7b327259f651
f1701c75e48206c4405afcd5a60ae3141ff4db9f811ec9ab4cdd9090af666f26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 05 Jan 2023 11:42:38 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b1ec4eb5276a6872b64135f424c57124
261ffe8ee941a2e48eb12bb5f6e5d6bc0b8e6344
38dc5616ee5568e1714ea7364b2578af0e854599f46e699fa97990bd1154da66
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4888
Cache-Control: max-age=89514
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:38 GMT
Etag: "63b55f40-1d7"
Expires: Fri, 06 Jan 2023 12:34:32 GMT
Last-Modified: Wed, 04 Jan 2023 11:13:04 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash d8341dbbbc7d0ab790b52dfa6057f3d5
2b54eba0dd7b9f0c4c3c3a66282617b2e17f16ae
edb8a3723cd4fd09904895a4c2face9e5584b22b345da735bddc9a7a49131eae
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 05 Jan 2023 11:42:38 GMT
server: ESF
cache-control: private
content-length: 30949
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk/xfbml.customerchat.js
31.13.72.12 200 OK 92 kB URL HTTP/2 connect.facebook.net/en_US/sdk/xfbml.customerchat.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (20877)
Hash 0e0d20595c66871b51d5cc91e7430ad5
33b49676898b0ef548650b1980871755d24bdd31
457b8c16107bdac80d7a7b8ce9260bcf520a58d3026abd463006997e428b6a80
GET /en_US/sdk/xfbml.customerchat.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wap.hechangmachinery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 37cd90696d45803ac13b485492a3a5ed
etag: "bda1fbbd306b338936ea0e1b56548e29"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 05 Jan 2023 12:00:40 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: Dg0gWVxmhxtR1cyR50MK1Q==
x-fb-debug: xuwk9Pc7j4K0Sodtx7hKdSuQauFYJvFug6vJWI8281EwfpRrxbPgm1T/jk098lPLytxZNhNk2bLjH5v1t6I5vQ==
priority: u=3,i
content-length: 92425
x-fb-trip-id: 1904183273
date: Thu, 05 Jan 2023 11:42:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
wap.hechangmachinery.com/favicon.ico
128.1.164.27 404 Not Found 5.4 kB URL HTTP/2 wap.hechangmachinery.com/favicon.ico
IP 128.1.164.27:0
Hash a9f0b6b36f01575f10ff96707b202972
7c517b1bc36f63e50a3d582f07882a21ff837f43
72770d9658e3734e298107ded2efd2f6d260a0d7902fa253efcf1e0e70021472
GET /favicon.ico HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks; _gcl_au=1.1.1691128315.1672918948; _ga_CB9ES19SFT=GS1.1.1672918948.1.0.1672918948.0.0.0; _ga=GA1.1.1678842709.1672918948
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 05 Jan 2023 11:42:38 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: private
x-powered-by: ThinkPHP
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=utf-8
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash a6cdf191deb0e291350d9d91d9ab97a7
fb82c911866268a7d33d2743dbe0328199c7121a
414acc6f6d050d52d88f9706e71d6a0e3eceb4dc41edcce74ec63eb63d8fb1cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 3233e07c7d183c3199f168189f9572e0
7b1312903e308fef974eb86e97523f3ca265f453
531e421aa04c9fd4692f7b19f51fd43dc6d9c48fb0ad8eedb0f439bb985b813a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wap.hechangmachinery.com/Tpl/demo5/js/materialize.js
128.1.164.27 200 OK 89 kB URL HTTP/2 wap.hechangmachinery.com/Tpl/demo5/js/materialize.js
IP 128.1.164.27:0
Hash e32433d6e7f70adcb74313838d1e404f
411739d400d63a63081650fa49cb9db57d7d1695
f72f898b28494a697e9678c57b3179d2f8a6be4d6dce37519706f33ea917c1ca
Analyzer Verdict Alert fortinet Phishing
GET /Tpl/demo5/js/materialize.js HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
last-modified: Tue, 09 Oct 2018 09:53:00 GMT
etag: "4b72c-577c8b3f69700-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 04 Feb 2023 11:42:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: application/javascript
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-CB9ES19SFT&gtm=2oebu0&_p=701628109&cid=1678842709.1672918948&ul=en-us&sr=1280x1024&_s=1&sid=1672918948&sct=1&seg=0&dl=https%3A%2F%2Fwap.hechangmachinery.com%2Fproduct_detail%2Fid%2F14660&dt=high%20quality%20super%20mute%20Terminal%20crimping%20machine-Hechang%20machinery&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-CB9ES19SFT&gtm=2oebu0&_p=701628109&cid=1678842709.1672918948&ul=en-us&sr=1280x1024&_s=1&sid=1672918948&sct=1&seg=0&dl=https%3A%2F%2Fwap.hechangmachinery.com%2Fproduct_detail%2Fid%2F14660&dt=high%20quality%20super%20mute%20Terminal%20crimping%20machine-Hechang%20machinery&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-CB9ES19SFT&gtm=2oebu0&_p=701628109&cid=1678842709.1672918948&ul=en-us&sr=1280x1024&_s=1&sid=1672918948&sct=1&seg=0&dl=https%3A%2F%2Fwap.hechangmachinery.com%2Fproduct_detail%2Fid%2F14660&dt=high%20quality%20super%20mute%20Terminal%20crimping%20machine-Hechang%20machinery&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wap.hechangmachinery.com
Connection: keep-alive
Referer: https://wap.hechangmachinery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://wap.hechangmachinery.com
date: Thu, 05 Jan 2023 11:42:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 4236362fd06f1b39f04de08b2e030f18
558bf95a990021d5ff7751cb9b9c359428bc79f4
85b693496bf914f545e314238ef1a7a1396a36a7395ee5599a928d371fe39485
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/MIncfWcewvk/sddefault.webp
142.250.74.118 200 OK 20 kB URL HTTP/2 i.ytimg.com/vi_webp/MIncfWcewvk/sddefault.webp
IP 142.250.74.118:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 45da604740d5b5c1fc6e6e63360c1df7
ff9699d67c983c48bfeb1546adef3cd08ec103cb
962f0e02c673a9defce390de0cbe56efcc137e3544e18013fc48fba5e9bf520a
GET /vi_webp/MIncfWcewvk/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 20492
date: Thu, 05 Jan 2023 11:42:38 GMT
expires: Thu, 05 Jan 2023 13:42:38 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu_rdBDOgD0utg2xLiAvnW5kpKCo_bHgdVLPnj1-=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 4.1 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu_rdBDOgD0utg2xLiAvnW5kpKCo_bHgdVLPnj1-=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 8546090040896b1e7ca2e33caee88f3b
f9953c58e1c6a7456c6dc6dd2edf87de716beb8e
15b1a2621ef1fb5271210a53b886c2b5d9c542a611d089848ea85ee7f3573788
GET /ytc/AMLnZu_rdBDOgD0utg2xLiAvnW5kpKCo_bHgdVLPnj1-=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v32"
expires: Fri, 06 Jan 2023 11:42:38 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 11:42:38 GMT
server: fife
content-length: 4115
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 3233e07c7d183c3199f168189f9572e0
7b1312903e308fef974eb86e97523f3ca265f453
531e421aa04c9fd4692f7b19f51fd43dc6d9c48fb0ad8eedb0f439bb985b813a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 4236362fd06f1b39f04de08b2e030f18
558bf95a990021d5ff7751cb9b9c359428bc79f4
85b693496bf914f545e314238ef1a7a1396a36a7395ee5599a928d371fe39485
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.74 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 05 Jan 2023 11:42:39 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.74 200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ebbc847992865d69fdc5e6935bed6adf
2dfcd01cfb4fc49e1ec9cd132c5c8a763d49c088
27e5d8e61efb4011e97ffb6129956afd2921f70e78b2ee89904e2b41e374d55d
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1350
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 05 Jan 2023 11:42:39 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-122652084-27&cid=1678842709.1672918948&jid=401889688&gjid=1556164917&_gid=1898309860.1672918949&_u=YADAAEAAAAAAACAAIAB~&z=823917954
142.251.1.156 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-122652084-27&cid=1678842709.1672918948&jid=401889688&gjid=1556164917&_gid=1898309860.1672918949&_u=YADAAEAAAAAAACAAIAB~&z=823917954
IP 142.251.1.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-122652084-27&cid=1678842709.1672918948&jid=401889688&gjid=1556164917&_gid=1898309860.1672918949&_u=YADAAEAAAAAAACAAIAB~&z=823917954 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://wap.hechangmachinery.com
Connection: keep-alive
Referer: https://wap.hechangmachinery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://wap.hechangmachinery.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Jan 2023 11:42:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 974e444c7b66a760e0fdec04b8bebb82
23d1de086afcfbdedbd5c60fcef69c88b840b448
458cf84b0a13820b027dfeafe101e87d2cc692fc998dc0347268df5afd816aca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-122652084-27&cid=1678842709.1672918948&jid=401889688&_u=YADAAEAAAAAAACAAIAB~&z=2013294054
142.250.74.67 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-122652084-27&cid=1678842709.1672918948&jid=401889688&_u=YADAAEAAAAAAACAAIAB~&z=2013294054
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-122652084-27&cid=1678842709.1672918948&jid=401889688&_u=YADAAEAAAAAAACAAIAB~&z=2013294054 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wap.hechangmachinery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 11:42:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 6755de1629f6b2581276d523a9d0504f
80dcdc5582ae221a35d13bf3f72ce74874da3fdb
7a8476d412250df62d5aa62caf6fde512846fab97dacac7c8ffc9c79751a2c0c
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Thu, 05 Jan 2023 11:42:39 GMT
Last-Modified: Thu, 05 Jan 2023 03:30:35 GMT
ETag: "63b6445b-1d7"
Expires: Sat, 07 Jan 2023 03:30:35 GMT
Cache-Control: max-age=143276
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1672918959
Via: cache20.l2de2[23,23,200-0,M], cache20.l2de2[25,0], cache5.se1[46,45,200-0,M], cache5.se1[47,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 05 Jan 2023 11:42:39 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916729189596455207e
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 6755de1629f6b2581276d523a9d0504f
80dcdc5582ae221a35d13bf3f72ce74874da3fdb
7a8476d412250df62d5aa62caf6fde512846fab97dacac7c8ffc9c79751a2c0c
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Thu, 05 Jan 2023 11:42:39 GMT
Last-Modified: Thu, 05 Jan 2023 03:30:35 GMT
ETag: "63b6445b-1d7"
Expires: Sat, 07 Jan 2023 03:30:35 GMT
Cache-Control: max-age=143276
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1672918959
Via: cache19.l2de2[24,24,200-0,M], cache19.l2de2[25,0], cache8.se1[47,46,200-0,M], cache8.se1[48,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 05 Jan 2023 11:42:39 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16729189596425838e
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 974e444c7b66a760e0fdec04b8bebb82
23d1de086afcfbdedbd5c60fcef69c88b840b448
458cf84b0a13820b027dfeafe101e87d2cc692fc998dc0347268df5afd816aca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 11:42:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pv.sohu.com/cityjson?ie=utf-8
211.152.136.86 200 OK 72 B URL HTTP/1.1 pv.sohu.com/cityjson?ie=utf-8
IP 211.152.136.86:0
File type Unicode text, UTF-8 text, with no line terminators
Hash a602ac9d03cffedc03fa841c9a12df5a
e42f39093e29f5c6c7aad8a973d69035e860659e
f5d09365810dd11ef1204b35bfede3158a07d5592a9c9cfa449dd534f9964aa9
GET /cityjson?ie=utf-8 HTTP/1.1
Host: pv.sohu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wap.hechangmachinery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 11:42:39 GMT
Content-Type: text/plain;charset=utf-8
Server: nginx/1.0.15
X-Cache-Lookup: Cache Miss, Cache Miss, Cache Miss, Cache Miss
Content-Length: 72
Accept-Ranges: bytes
X-NWS-LOG-UUID: 15249541656972035502
Connection: keep-alive
wap.hechangmachinery.com/product_detail/id/14660
128.1.164.27 200 OK 0 B URL HTTP/2 wap.hechangmachinery.com/product_detail/id/14660
IP 128.1.164.27:0
Analyzer Verdict Alert fortinet Phishing
GET /product_detail/id/14660 HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:37 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: private
x-powered-by: ThinkPHP
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
set-cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks; path=/; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=utf-8
X-Firefox-Spdy: h2
www.youtube.com/embed/MIncfWcewvk
142.250.74.174 200 OK 0 B URL HTTP/2 www.youtube.com/embed/MIncfWcewvk
IP 142.250.74.174:0
GET /embed/MIncfWcewvk HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wap.hechangmachinery.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 05 Jan 2023 11:42:37 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Y2Cyf-6xEhM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=JosB342WxE8; Domain=.youtube.com; Expires=Tue, 04-Jul-2023 11:42:37 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+498; expires=Sat, 04-Jan-2025 11:42:37 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/e5f6cbd5/www-player.css
142.250.74.174 200 OK 0 B URL HTTP/2 www.youtube.com/s/player/e5f6cbd5/www-player.css
IP 142.250.74.174:0
GET /s/player/e5f6cbd5/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/MIncfWcewvk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49906
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 03 Jan 2023 20:24:17 GMT
expires: Wed, 03 Jan 2024 20:24:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
content-type: text/css
age: 141500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js
142.250.74.174 200 OK 0 B URL HTTP/2 www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js
IP 142.250.74.174:0
GET /s/player/e5f6cbd5/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/MIncfWcewvk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 610118
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 03 Jan 2023 20:38:25 GMT
expires: Wed, 03 Jan 2024 20:38:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
content-type: text/javascript
age: 140652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wap.hechangmachinery.com/statistics
128.1.164.27 200 OK 0 B URL HTTP/2 wap.hechangmachinery.com/statistics
IP 128.1.164.27:0
Analyzer Verdict Alert fortinet Phishing
POST /statistics HTTP/1.1
Host: wap.hechangmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wap.hechangmachinery.com/product_detail/id/14660
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 163
Origin: https://wap.hechangmachinery.com
Connection: keep-alive
Cookie: PHPSESSID=qcg8ju8en0mmcn12aj927guoks; _gcl_au=1.1.1691128315.1672918948
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 11:42:38 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: AllowAll
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-download-options: value
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: unsafe-url
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;
access-control-allow-origin: *, https://wap.hechangmachinery.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2