Report - wal-valley.com/

Report Overview

Submitted URL
wal-valley.com/
IP
121.5.158.166
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited
Submitted
2022-09-20 03:45:10
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
wal-valley.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	766 B	816 B	121.5.158.166
statuse.digitalcertvalidation.com	16484	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	345 B	644 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.161.230.192
www.wal-valley.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	22 kB	4.1 MB	121.5.158.166
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	38 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-20	medium	wal-valley.com/	Phishing
2022-09-20	medium	www.wal-valley.com/wp-content/themes/huagu/style.css?ver=6.0.2	Phishing
2022-09-20	medium	www.wal-valley.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2	Phishing
2022-09-20	medium	www.wal-valley.com/	Phishing
2022-09-20	medium	wal-valley.com/	Phishing
2022-09-20	medium	www.wal-valley.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	www.wal-valley.com/wp-content/themes/huagu/js/dobxslider.js?ver=6.0.2	4.5 kB	2023-03-07	2023-03-07
Pretty URL www.wal-valley.com/wp-content/themes/huagu/js/dobxslider.js?ver=6.0.2 IP 121.5.158.166 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:34:49 Last Seen2023-03-07 21:34:49 Times Seen1 Hash 9d6ed1a64572a8ca91fb329cfbd9c0d6 64175a9caa3aca4a5d20506de420f647ae56798b 69ac6d924aabf74fbde2fc3d4a1eaf2aa362c1e4f62a4f6238ccdd7a9ab7212a Loading...

	www.wal-valley.com/wp-content/themes/huagu/js/tool.js?ver=6.0.2	290 B	2023-03-07	2023-03-07
Pretty URL www.wal-valley.com/wp-content/themes/huagu/js/tool.js?ver=6.0.2 IP 121.5.158.166 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:34:49 Last Seen2023-03-07 21:34:49 Times Seen1 Hash 0e3d0e97177ea2dafb7ef15298bc96b1 3481d08dc409004513be25b5246ef77aeb85244c 91130a9c188cf7f17837fbfafa9810e124a7815ec083eb8761d1fe926cc982a4 Loading...

	www.wal-valley.com/	2.2 kB	2023-03-07	2023-03-07
Pretty URL www.wal-valley.com/ IP 121.5.158.166 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:34:49 Last Seen2023-03-07 21:34:49 Times Seen1 Hash ef011f7d64e97fbe85f83e3b5caf3b8a dab36bb647ca5f2f42681c35b3aaaee40b367774 2a133d5d376e7a18616d4d05b6f47b653be3e28a994ad2da6476ba2d5694054a Loading...

	www.wal-valley.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-17
Pretty URL www.wal-valley.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 121.5.158.166 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-17 22:14:13 Times Seen31722 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	www.wal-valley.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-17
Pretty URL www.wal-valley.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 121.5.158.166 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-17 22:14:13 Times Seen68463 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.wal-valley.com/wp-content/themes/huagu/js/jquery.bxslider.min.js?ver=6.0.2	19 kB	2023-03-07	2024-04-09
Pretty URL www.wal-valley.com/wp-content/themes/huagu/js/jquery.bxslider.min.js?ver=6.0.2 IP 121.5.158.166 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:49 Last Seen2024-04-09 15:51:17 Times Seen333 Hash b860635957ed570deb2cf994bd9a4913 f436db7bcccd473aac7a1e48f8b17157516c8cbd cd70bb1d6baa27c8bef116f4ebc43cec49be7a06af1e59635870a651376918ed Loading...

	www.wal-valley.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2	19 kB	2023-03-07	2024-04-17
Pretty URL www.wal-valley.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-17 08:02:08 Times Seen37986 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

HTTP Transactions (65)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 03:13:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VjCr6IpCnB4Y6fpbIU2_s0l0RfFtnKOHumdjmZwIXrSAzjBdvonrXA==
Age: 1916

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2593
Expires: Tue, 20 Sep 2022 04:28:12 GMT
Date: Tue, 20 Sep 2022 03:44:59 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pEJcngpB92Z_xiaLJVeV62_mJdKRHPvOG34xPqNlV0Xhc69nGhbV0w==
age: 83386
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:44:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

wal-valley.com/

121.5.158.166

301 Moved Permanently

162 B

URL HTTP/1.1
wal-valley.com/
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 20 Sep 2022 03:44:59 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://wal-valley.com/
Strict-Transport-Security: max-age=31536000

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 03:03:22 GMT
Expires: Tue, 20 Sep 2022 03:51:12 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cHwGEytla-JpT1AIw-qv2a6JzK2kX8khcIFD4qacNBxjJD83yvAZuQ==
Age: 2497

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5c817aa82ca8ed4a4257fd1e1628b423
7905c62b6bbc582860c07b75eddae371a4b8d02b
dce1783ecfe50c83d30878b48d60e1cf3fe42a3fa4090fb5d318194de73e53d6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4634
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 03:45:00 GMT
Last-Modified: Tue, 20 Sep 2022 02:27:47 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

statuse.digitalcertvalidation.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
statuse.digitalcertvalidation.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0893019da6164b042c9418cb6622a1c5
f02e13cbf7a9d4700659c4ea5fbc4278d92bfb5f
f2efd9c09df587400f53e2dd150f96c2788cbd24943e9554c1ac08194fafe1e2

HTTP Headers

POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 03:45:00 GMT
Server: ECS (amb/6B83)
Content-Length: 471

push.services.mozilla.com/

35.161.230.192

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.230.192:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MDMuY+ShvV04j9V7v46UPw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JKVh9IUeWDsj7lX6w6hNkHMAMfU=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5917
Expires: Tue, 20 Sep 2022 05:23:38 GMT
Date: Tue, 20 Sep 2022 03:45:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5917
Expires: Tue, 20 Sep 2022 05:23:38 GMT
Date: Tue, 20 Sep 2022 03:45:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5917
Expires: Tue, 20 Sep 2022 05:23:38 GMT
Date: Tue, 20 Sep 2022 03:45:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5917
Expires: Tue, 20 Sep 2022 05:23:38 GMT
Date: Tue, 20 Sep 2022 03:45:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9873 bytes)
Hash
7ca0c1a7f205ad07f1cce80b26448873
0e14f5062e40ce94346494ff947bfcf74b5e88c1
ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:44 GMT
age: 20117
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5402 bytes)
Hash
5f4438521bfdc6871ae384abcb7da547
a17fc7a7c30999b8789011c2064f5a8704b00eee
2e40ac154724af625c4858b09b90fa3f6a600b70c9e5e959598f0cdb05a78847

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5402
x-amzn-requestid: 0442580c-9024-46b1-8ad5-5c7e8d35371d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfMALHT2oAMFmgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322c067-254ecd9003455f090f7d5ef9;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 06:04:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Y4IeHZWMs_JdT2dG8d3BNqpxvU3lcYDsXub1CuCoVBxzTPsjuU_5Ww==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 18:11:38 GMT
age: 34403
etag: "a17fc7a7c30999b8789011c2064f5a8704b00eee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/style.css?ver=6.0.2

121.5.158.166

200 OK

11 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/style.css?ver=6.0.2
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
data
Size
11 kB (11284 bytes)
Hash
8fcf0c242b2fc3f96385fe88531a799e
54f211bc46b9d8e3011cc7c26b99f146b5035e79
b37a38a53b257994c60fddd673d4caf02815a02541784996f2ad0b22cdd30e27

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/huagu/style.css?ver=6.0.2 HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: text/css
last-modified: Sun, 14 Aug 2022 08:37:45 GMT
vary: Accept-Encoding
etag: W/"62f8b459-3ab3"
expires: Tue, 20 Sep 2022 15:45:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.wal-valley.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

121.5.158.166

200 OK

26 kB

URL HTTP/2
www.wal-valley.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
data
Size
26 kB (26121 bytes)
Hash
772f8922cf5b0eed39ce5fc07cbe0596
07aa88cf0f7df897f3411fbac0c3faf0f4863582
28569b72bf00fdbc7282c0bfbb4042ab0123c9f8af0936a5de9a6f1941011c4f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 04:25:54 GMT
vary: Accept-Encoding
etag: W/"6312d752-15b64"
expires: Tue, 20 Sep 2022 15:45:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf62dac-1ffa-4daa-b23e-b3be303c9660.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5827 bytes)
Hash
29f4a52fb629dce4ef8038d4df7ea58a
4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf62dac-1ffa-4daa-b23e-b3be303c9660.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5827
x-amzn-requestid: 9a4bb6fa-13e5-4271-a5be-c551a570a5d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugoqHKbIAMF9WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e16a-53ccce5d5ab40afc1d0901af;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: m_-3SrgDfwcLY1kI5UKd2rrKapa8I3AwVwi-le2zWh40lt-GfIbNIw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:08:56 GMT
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
content-type: image/jpeg
age: 20165
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb7ceffe-3c92-417f-bd64-15a9e9118a4a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.0 kB (2951 bytes)
Hash
1e8175cd370c35ad06cb2d009c3f7095
4f71cdda787ce98a58f2fe9ce8ba2e7ec7b150d2
649f5309448c163e4d379f02c4af8d9b6801935eea1939c61c010b7f76af1591

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb7ceffe-3c92-417f-bd64-15a9e9118a4a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2951
x-amzn-requestid: 087a36dd-984f-49d1-8a37-b357967e67ce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugIiH7KoAMF5uQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09c-38b316cc31454446524f7b01;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eaJ3KQP30-QAP5UBuWX8BEjGmcp_cJgDVeIfQoU2c0U_WQzb1x-t5A==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:27 GMT
age: 20134
etag: "4f71cdda787ce98a58f2fe9ce8ba2e7ec7b150d2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/js/tool.js?ver=6.0.2

121.5.158.166

200 OK

290 B

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/js/tool.js?ver=6.0.2
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
ASCII text, with CRLF line terminators
Size
290 B (290 bytes)
Hash
0e3d0e97177ea2dafb7ef15298bc96b1
3481d08dc409004513be25b5246ef77aeb85244c
91130a9c188cf7f17837fbfafa9810e124a7815ec083eb8761d1fe926cc982a4

HTTP Headers

GET /wp-content/themes/huagu/js/tool.js?ver=6.0.2 HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: application/javascript
content-length: 290
last-modified: Sat, 06 Nov 2021 02:08:22 GMT
etag: "6185e396-122"
expires: Tue, 20 Sep 2022 15:45:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/logo.png

121.5.158.166

200 OK

15 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/logo.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 260 x 39, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (15096 bytes)
Hash
7468f68bf11120414b9009e992419621
de34b6a5dbb4df8dc46aca822e209602e6ba5674
521a902dc7efd040b1b0532bb996b1f758f9067c6bb9942f533dbf60710231ed

HTTP Headers

GET /wp-content/themes/huagu/images/logo.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 15096
last-modified: Sat, 03 Sep 2022 04:33:33 GMT
etag: "6312d91d-3af8"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/xinwen.jpg

121.5.158.166

200 OK

3.8 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/xinwen.jpg
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 148x100, components 3\012- data
Size
3.8 kB (3848 bytes)
Hash
eb24d9cc2713e8c8321df961f087963e
97374bb67e9d8270b2156e517f8a2b3ac6132ce0
444bd2ae9699b77df823899a06b85f02af9134f16ccf54b6087efa8d65a952b0

HTTP Headers

GET /wp-content/themes/huagu/images/xinwen.jpg HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/jpeg
content-length: 3848
last-modified: Sat, 03 Sep 2022 04:33:37 GMT
etag: "6312d921-f08"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/uploads/2021/10/filmcap-150x120.png

121.5.158.166

200 OK

14 kB

URL HTTP/2
www.wal-valley.com/wp-content/uploads/2021/10/filmcap-150x120.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 150 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (13560 bytes)
Hash
eec487ab18c5df2ee79487daef9bf442
3877ec19b6c602350ecc8cf0db4a74926ac9ca33
088b5d15900f79ced96a9c0df4f88fe7c51f039c7abf49e2b4f094fd5b2c8bc0

HTTP Headers

GET /wp-content/uploads/2021/10/filmcap-150x120.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 13560
last-modified: Fri, 22 Oct 2021 13:34:49 GMT
etag: "6172bdf9-34f8"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/uploads/2021/10/faladianrong-DX-150x120.png

121.5.158.166

200 OK

9.0 kB

URL HTTP/2
www.wal-valley.com/wp-content/uploads/2021/10/faladianrong-DX-150x120.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 150 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
9.0 kB (8993 bytes)
Hash
c9c5f27e9c68be73a6b7b17c36f5fb5f
f4715571e302ba1820190cc1b52f296c8ccd54cd
ad18faf9d963ab48fd1382eecf0b0f603c3ba46aa400288016b454f44908c51f

HTTP Headers

GET /wp-content/uploads/2021/10/faladianrong-DX-150x120.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 8993
last-modified: Fri, 22 Oct 2021 13:30:22 GMT
etag: "6172bcee-2321"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/uploads/2021/10/yamindianzu-150x120.png

121.5.158.166

200 OK

12 kB

URL HTTP/2
www.wal-valley.com/wp-content/uploads/2021/10/yamindianzu-150x120.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 150 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12521 bytes)
Hash
40a90cef8265a208309bd2a65a00eef8
49c906e8da1d7a25e7f759851dcecafedf60f764
e6dade597934f41100b0bbd0ccab358a626ca480b15db0d63457f93c665cb2bb

HTTP Headers

GET /wp-content/uploads/2021/10/yamindianzu-150x120.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 12521
last-modified: Sat, 16 Oct 2021 08:39:42 GMT
etag: "616a8fce-30e9"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/uploads/2021/10/mcu-150x120.png

121.5.158.166

200 OK

7.8 kB

URL HTTP/2
www.wal-valley.com/wp-content/uploads/2021/10/mcu-150x120.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 150 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
7.8 kB (7814 bytes)
Hash
aeeee50743c07bda6d5b0dee9c3d6b82
6d7f6d8aa426c1478a20cd8c9d62f1ae2a6e1d03
85ce969cd187d47cf7155d76605d8149a512300e98df36f70adf722327895406

HTTP Headers

GET /wp-content/uploads/2021/10/mcu-150x120.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 7814
last-modified: Sat, 16 Oct 2021 08:35:44 GMT
etag: "616a8ee0-1e86"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/uploads/2021/10/sanjiguan-150x120.png

121.5.158.166

200 OK

5.5 kB

URL HTTP/2
www.wal-valley.com/wp-content/uploads/2021/10/sanjiguan-150x120.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 150 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
5.5 kB (5537 bytes)
Hash
034e4cb64b005758479caa57455e9a22
5ee054ecb7152a00a2b98091b4963f0fed00a755
42ad988d1f7397d47941a6bb35462c554840282b6fbfea11aeb09754cc8580ba

HTTP Headers

GET /wp-content/uploads/2021/10/sanjiguan-150x120.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 5537
last-modified: Sat, 16 Oct 2021 09:17:30 GMT
etag: "616a98aa-15a1"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/uploads/2021/10/jingzhen-150x120.png

121.5.158.166

200 OK

14 kB

URL HTTP/2
www.wal-valley.com/wp-content/uploads/2021/10/jingzhen-150x120.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 150 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14173 bytes)
Hash
c4829143bb6f3856862ff62b8556f5ae
62019c32efd9c9aa984f5fde6b79529e4a5501a9
bab688069b427919a85d61767e69c096e51158ef01b2ab862d6f20b756688208

HTTP Headers

GET /wp-content/uploads/2021/10/jingzhen-150x120.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 14173
last-modified: Fri, 22 Oct 2021 13:46:52 GMT
etag: "6172c0cc-375d"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/uploads/2021/10/gonglvdiangan-150x120.png

121.5.158.166

200 OK

16 kB

URL HTTP/2
www.wal-valley.com/wp-content/uploads/2021/10/gonglvdiangan-150x120.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 150 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (16381 bytes)
Hash
6ae40209f1b0511429849b275e1a183a
385546305580a53e8f2b0c9ca008d8fc3fbf52ec
b7fe9dbd951048a43464273167e0f3472b6972fa08140e33812fa7e387b41afe

HTTP Headers

GET /wp-content/uploads/2021/10/gonglvdiangan-150x120.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 16381
last-modified: Sat, 16 Oct 2021 12:32:44 GMT
etag: "616ac66c-3ffd"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/uploads/2021/10/mlci-150x120.png

121.5.158.166

200 OK

14 kB

URL HTTP/2
www.wal-valley.com/wp-content/uploads/2021/10/mlci-150x120.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 150 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (13871 bytes)
Hash
d8930163dd44fc013f4ee14ffeaeee64
ca9b380c44d27837de5d07bda57eef4b23bfe9d5
497168d7109288d0f993591327ee8ec46752827dab5124f81c5356c4f9569d67

HTTP Headers

GET /wp-content/uploads/2021/10/mlci-150x120.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 13871
last-modified: Sat, 23 Oct 2021 11:28:13 GMT
etag: "6173f1cd-362f"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/uploads/2021/10/faladianrong-150x120.png

121.5.158.166

200 OK

15 kB

URL HTTP/2
www.wal-valley.com/wp-content/uploads/2021/10/faladianrong-150x120.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 150 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14619 bytes)
Hash
9abb3fb942fe2b7b4fba491539beaf52
205c80fb9265a407ea1a3b314a97ac8431bf579f
c19241498b62e3264c9b54475880663de645c3244e0b767305adc6bc0bcfcbac

HTTP Headers

GET /wp-content/uploads/2021/10/faladianrong-150x120.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 14619
last-modified: Sat, 16 Oct 2021 12:41:36 GMT
etag: "616ac880-391b"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/uploads/2021/10/mlcc-150x120.png

121.5.158.166

200 OK

20 kB

URL HTTP/2
www.wal-valley.com/wp-content/uploads/2021/10/mlcc-150x120.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 150 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19969 bytes)
Hash
9edb82701b4d03b2dcaeef9b2e4002c6
07bf35ea555524aaef447b619e3877a9f506b325
efbd5e47f19a658cece64471bfcff238fc27e0521c6ff724852087c6f2cbbbd6

HTTP Headers

GET /wp-content/uploads/2021/10/mlcc-150x120.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 19969
last-modified: Sat, 23 Oct 2021 11:27:14 GMT
etag: "6173f192-4e01"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/fengexian.png

121.5.158.166

200 OK

2.7 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/fengexian.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 2 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size
2.7 kB (2745 bytes)
Hash
0b6a80e79d05d63d9f11755fd6762dae
fcd3a019a8d1c54f33691eb21ecd8139d05a286a
beb7648497a1fb01eed3998e150f059d2089f324bf55edb857e77d1b55d0d11c

HTTP Headers

GET /wp-content/themes/huagu/images/fengexian.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/wp-content/themes/huagu/style.css?ver=6.0.2
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 2745
last-modified: Sat, 03 Sep 2022 04:33:32 GMT
etag: "6312d91c-ab9"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/search.png

121.5.158.166

200 OK

3.8 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/search.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 241 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
3.8 kB (3776 bytes)
Hash
983671b0f45f642e2c0735fcaeb51db2
90fb9a078b6496a57fc5252be7d623d5173809a7
70ea96124eac536a258718904a5205bd115added9098f5760ae3677d5402ff35

HTTP Headers

GET /wp-content/themes/huagu/images/search.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/wp-content/themes/huagu/style.css?ver=6.0.2
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 3776
last-modified: Sat, 03 Sep 2022 04:33:34 GMT
etag: "6312d91e-ec0"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/module.png

121.5.158.166

200 OK

4.6 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/module.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 1201 x 37, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4649 bytes)
Hash
9b09c3aff5f5876c14a386411fd74944
cde4eff3e0e85055cdd94161bd3ec829ad73d4ab
297dc6446013e999865925da6cf4e65c781b45e5395a83da548a042abfaaac63

HTTP Headers

GET /wp-content/themes/huagu/images/module.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/wp-content/themes/huagu/style.css?ver=6.0.2
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 4649
last-modified: Sat, 03 Sep 2022 04:33:33 GMT
etag: "6312d91d-1229"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/more.png

121.5.158.166

200 OK

3.1 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/more.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 32 x 5, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 kB (3132 bytes)
Hash
db7efc7893576cfa74c9b80864c30a74
394cd84c5e985e85c56c7cbf655d6e57f5ae6ac9
04d04ad4ba969f4f07ab3547e50fe7b5d7450f350ba1e9e1f7c9d7f8278d73b0

HTTP Headers

GET /wp-content/themes/huagu/images/more.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/wp-content/themes/huagu/style.css?ver=6.0.2
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 3132
last-modified: Sat, 03 Sep 2022 04:33:33 GMT
etag: "6312d91d-c3c"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/yuandian.png

121.5.158.166

200 OK

2.8 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/yuandian.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 5 x 5, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2765 bytes)
Hash
fb5bda5717b3a71adf42e4826b57e4c9
b25436450691b31430d36721c76741734668382e
a94e65fac754ccff583adefb9a879b2c5e3de0954aa27aa3d91c4f39f5d44428

HTTP Headers

GET /wp-content/themes/huagu/images/yuandian.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/wp-content/themes/huagu/style.css?ver=6.0.2
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 2765
last-modified: Sat, 03 Sep 2022 04:33:37 GMT
etag: "6312d921-acd"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/

121.5.158.166

200 OK

13 kB

URL HTTP/2
www.wal-valley.com/
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
data
Size
13 kB (13154 bytes)
Hash
1936f4a26f7c3556cb7d8d6eef5f35ac
49fae940db1b6657a3e58332f518e609b0b05220
2b24e10134c07249452c56111e41453d0e995764269d3f1b2643e76cfb60ace6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://www.wal-valley.com/index.php?rest_route=/>; rel="https://api.w.org/"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/controls.png

121.5.158.166

404 Not Found

146 B

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/controls.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /wp-content/themes/huagu/images/controls.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/wp-content/themes/huagu/style.css?ver=6.0.2
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/yingyong-1.png

121.5.158.166

200 OK

43 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/yingyong-1.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 142 x 117, 8-bit/color RGBA, non-interlaced\012- data
Size
43 kB (42847 bytes)
Hash
fd2c8a14e98a1dcb50656e58cdea4caa
4585ba7e1d7a6ee5a7d72104859b94be9839ec1f
d22b18bb49cedd171c2e94f9d97a19fb8de46979030fda5c89c05b7d9e555eb7

HTTP Headers

GET /wp-content/themes/huagu/images/yingyong-1.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 42847
last-modified: Sat, 03 Sep 2022 04:33:37 GMT
etag: "6312d921-a75f"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/yingyong-2.png

121.5.158.166

200 OK

18 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/yingyong-2.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 142 x 117, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (18265 bytes)
Hash
0ef3974fe27481c1bf4def44b1127b04
1aea5ceace8c4575a152cbea74520302d7b758fe
dab3cc7a1b5f47e1cf21bcc2d91571caf7f806d356b028f336fbf6fe8bcc6b16

HTTP Headers

GET /wp-content/themes/huagu/images/yingyong-2.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 18265
last-modified: Sat, 03 Sep 2022 04:33:37 GMT
etag: "6312d921-4759"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/yingyong-3.png

121.5.158.166

200 OK

17 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/yingyong-3.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 142 x 117, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (16696 bytes)
Hash
444368b95243a6b876fa3a6fcaba4fa6
a3dda9dfe3228cf1ff24bd81e010966520f24489
8fc676db87bd50c372fd30ecbb47b7cee45237af15ad0718273ad524bfd150d5

HTTP Headers

GET /wp-content/themes/huagu/images/yingyong-3.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 16696
last-modified: Sat, 03 Sep 2022 04:33:37 GMT
etag: "6312d921-4138"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/yingyong-4.png

121.5.158.166

200 OK

30 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/yingyong-4.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 142 x 117, 8-bit/color RGBA, non-interlaced\012- data
Size
30 kB (29949 bytes)
Hash
df04c6f3c04251db9760f3bdaf2ca022
420f63b112d9f607ad1b09a7797ba942cff5b637
71216ab3e1e9efa88a480e4eafe136b43a9b6fff9afecd33602bdaf6cb86c6c4

HTTP Headers

GET /wp-content/themes/huagu/images/yingyong-4.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 29949
last-modified: Sat, 03 Sep 2022 04:33:37 GMT
etag: "6312d921-74fd"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/pinpai-1.png

121.5.158.166

200 OK

13 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/pinpai-1.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 189 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12968 bytes)
Hash
f35d342d30064ab2f77ea9703047d329
16e6b9487ddd4997f5cdc0ff0d638886ca519048
e34a93f99ee1409f02389145fcfee3eaf3e5140d666c9a4e4dc000910ed96607

HTTP Headers

GET /wp-content/themes/huagu/images/pinpai-1.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 12968
last-modified: Sat, 03 Sep 2022 04:33:33 GMT
etag: "6312d91d-32a8"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/pinpai-2.png

121.5.158.166

200 OK

5.9 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/pinpai-2.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 189 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
5.9 kB (5854 bytes)
Hash
1096a06c39d01d9f8407b865ce1349d1
22c34fbaff9e7ab09e5ef4050b5083a94135bafe
e07df2afe6232e76dcaf5b9ea78d54239c3c15d3cd0eedd3f782f9a646a73f95

HTTP Headers

GET /wp-content/themes/huagu/images/pinpai-2.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 5854
last-modified: Sat, 03 Sep 2022 04:33:33 GMT
etag: "6312d91d-16de"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/pinpai-3.png

121.5.158.166

200 OK

7.3 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/pinpai-3.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 189 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
7.3 kB (7327 bytes)
Hash
b162236e9aecad7cb2de7c7b815c2432
151a7ee12983c4cbff676b13aa46bb61a6850054
e23f7b2c2ba02f83afe992c5c3447ad34aec6fbb6448faa746f39b2b53cebd32

HTTP Headers

GET /wp-content/themes/huagu/images/pinpai-3.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 7327
last-modified: Sat, 03 Sep 2022 04:33:33 GMT
etag: "6312d91d-1c9f"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/pinpai-4.png

121.5.158.166

200 OK

14 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/pinpai-4.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 189 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14272 bytes)
Hash
203a7fdaa23bcaff37f85b30f8a69745
fae3a8888be48a25ddc7cbd4edefe21bccbb696c
62ade679f1841212361c77100b0ac57aec633a47ec349c023c29ce874f9ad9c4

HTTP Headers

GET /wp-content/themes/huagu/images/pinpai-4.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 14272
last-modified: Sat, 03 Sep 2022 04:33:34 GMT
etag: "6312d91e-37c0"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/pinpai-5.png

121.5.158.166

200 OK

11 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/pinpai-5.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 189 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (10674 bytes)
Hash
2f9422bbef2a135e3aa0ab2f616efbcd
7fb59cd621b96c14cdcb38b419aa899807dbcecd
4d9206413b17026069341c9da9fb6a6cecedfe02db4fa0e27f573173eb95cc68

HTTP Headers

GET /wp-content/themes/huagu/images/pinpai-5.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 10674
last-modified: Sat, 03 Sep 2022 04:33:34 GMT
etag: "6312d91e-29b2"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/pinpai-6.png

121.5.158.166

200 OK

7.9 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/pinpai-6.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 189 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
7.9 kB (7889 bytes)
Hash
2c65c49e4038c62d2da99fe6c2244bf7
7fbb3646731f05621edb16f747a45391df935a5c
8d7db7256169d20b6bf1e91852ec62176cbc9031e598a2e75dd8149083349e58

HTTP Headers

GET /wp-content/themes/huagu/images/pinpai-6.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 7889
last-modified: Sat, 03 Sep 2022 04:33:34 GMT
etag: "6312d91e-1ed1"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/gwbeian.png

121.5.158.166

200 OK

19 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/gwbeian.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (19256 bytes)
Hash
d0289dc0a46fc5b15b3363ffa78cf6c7
29c400bc3b89f6085766dac4e0330ded5cb73d52
a20583c81805fe64f7fa210851ce29754af9d25fd6aa5a3225a9557529602513

HTTP Headers

GET /wp-content/themes/huagu/images/gwbeian.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 19256
last-modified: Sat, 03 Sep 2022 04:33:33 GMT
etag: "6312d91d-4b38"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/uploads/2021/10/zimaoqu-148x100.png

121.5.158.166

200 OK

39 kB

URL HTTP/2
www.wal-valley.com/wp-content/uploads/2021/10/zimaoqu-148x100.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 148 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
39 kB (38898 bytes)
Hash
d0a73beb511b42ecf3f94bbb611c7ec8
9e7ae67aa3ca12843f61e4443aa6953bcf2536c6
5bcca74eec36f80bb413189538d54c58719c0fb68808597f79fd0154d2b87e2d

HTTP Headers

GET /wp-content/uploads/2021/10/zimaoqu-148x100.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 38898
last-modified: Sat, 23 Oct 2021 07:08:52 GMT
etag: "6173b504-97f2"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/uploads/2021/10/jingzhen-02.png

121.5.158.166

200 OK

20 kB

URL HTTP/2
www.wal-valley.com/wp-content/uploads/2021/10/jingzhen-02.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 150 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19807 bytes)
Hash
a0e63819a6f7efa9ab2a3500f2411ef3
0f157f041433a543b8e07300b797f76f1f13f37f
7640c888c2258630541271b4e433bc04de701f35dfc82e5897e06f30bca9d4f6

HTTP Headers

GET /wp-content/uploads/2021/10/jingzhen-02.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 19807
last-modified: Mon, 25 Oct 2021 01:56:00 GMT
etag: "61760eb0-4d5f"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/uploads/2021/10/tiepiandianrong.png

121.5.158.166

200 OK

21 kB

URL HTTP/2
www.wal-valley.com/wp-content/uploads/2021/10/tiepiandianrong.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 150 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (20684 bytes)
Hash
52f19b8e1f6b529ea8c23dae402b7e62
0124c5b694fa78711898c7c51e2840b9b801f098
e4572d7b59b3cef19079f0cf36ccf0f7282878f39d4feda12d6647a61a82f301

HTTP Headers

GET /wp-content/uploads/2021/10/tiepiandianrong.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 20684
last-modified: Mon, 25 Oct 2021 02:21:13 GMT
etag: "61761499-50cc"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/slider-1.png

121.5.158.166

200 OK

889 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/slider-1.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 1200 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size
889 kB (888884 bytes)
Hash
642a94a6e57e0bda2bfdff893308c994
17b29c641a4cc10a72cf140f1e6f199085b3ebf6
e0c3974c80889b2078fde42c2b7569df1fdb76084ff6de8ed9352285a3e78feb

HTTP Headers

GET /wp-content/themes/huagu/images/slider-1.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 888884
last-modified: Sat, 03 Sep 2022 04:33:35 GMT
etag: "6312d91f-d9034"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/slider-2.png

121.5.158.166

200 OK

674 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/slider-2.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 1200 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size
674 kB (674427 bytes)
Hash
2e25278345f5abb6846ebeb7509f87af
b50c022c5c488fccde0b7aef0a866b31d171877d
c8fa1294f73fd259200d1c0bf376c3ec570cb21cd903bd1c11ad61a754f0967e

HTTP Headers

GET /wp-content/themes/huagu/images/slider-2.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 674427
last-modified: Sat, 03 Sep 2022 04:33:35 GMT
etag: "6312d91f-a4a7b"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/slider-3.png

121.5.158.166

200 OK

661 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/slider-3.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 1200 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size
661 kB (661004 bytes)
Hash
268edd0cf0db2d0faa45ec935f96b253
1d496be95ddd50f135b355fc162462c8f0fcae4d
7ccae1a5a2b4b22ac632fe511af7bf0b76dc8c2969f7ed88b8f226482a1c0660

HTTP Headers

GET /wp-content/themes/huagu/images/slider-3.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 661004
last-modified: Sat, 03 Sep 2022 04:33:35 GMT
etag: "6312d91f-a160c"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/slider-4.png

121.5.158.166

200 OK

539 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/slider-4.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 1200 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size
539 kB (538752 bytes)
Hash
a0dbd274056909479bd819c21d270598
37c85c268a3c642596ad09753a6f47551e3bc547
9adb18924ca155f0fc429f0a2b41f9fa7251d3a3ae5de923b367e5648e270ac6

HTTP Headers

GET /wp-content/themes/huagu/images/slider-4.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 538752
last-modified: Sat, 03 Sep 2022 04:33:36 GMT
etag: "6312d920-83880"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/images/slider-5.png

121.5.158.166

200 OK

836 kB

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/images/slider-5.png
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
PNG image data, 1200 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size
836 kB (836140 bytes)
Hash
7cf3bbf0a800ee5087ad23b540d5f6db
f5885d08cfe8676774a984b89236bc5c9054de6a
27eb3f49fd0368ee035f2f753d03f3eebe33d759dc4d4bbe3b9daa8943536b96

HTTP Headers

GET /wp-content/themes/huagu/images/slider-5.png HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: image/png
content-length: 836140
last-modified: Sat, 03 Sep 2022 04:33:36 GMT
etag: "6312d920-cc22c"
expires: Thu, 20 Oct 2022 03:45:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wal-valley.com/favicon.ico

121.5.158.166

404 Not Found

146 B

URL HTTP/2
www.wal-valley.com/favicon.ico
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 20 Sep 2022 03:45:03 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F099b68b9-9e16-49e4-85b1-93b59b2ba2e0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8746 bytes)
Hash
f816c646aefe417c3b980f432b98b41f
39c46ac3c49f0e2067aa6937a95839845b372dea
b9d8cb82c21257f9d5b5d82cf12bbf8aff690321f39c26e4a89f8a4d89fb00a7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F099b68b9-9e16-49e4-85b1-93b59b2ba2e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8746
x-amzn-requestid: 23ee3cce-0abd-436a-b4d8-a2ad451cbeaf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7zElLoAMF0cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-1e03d3ee7a0033dd78620f20;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ChuMpL0m_XtTffIvROFslpQUwz13cx8rKF8UfD3LTfMtHvKKm5VNAQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:08:46 GMT
age: 20182
etag: "39c46ac3c49f0e2067aa6937a95839845b372dea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

wal-valley.com/

121.5.158.166

301 Moved Permanently

0 B

URL HTTP/2
wal-valley.com/
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 20 Sep 2022 03:45:00 GMT
content-type: text/html; charset=UTF-8
location: https://www.wal-valley.com/
set-cookie: PHPSESSID=70dp7aj6fjn591e7pr0nl9qg9k; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-redirect-by: WordPress
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

www.wal-valley.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

121.5.158.166

200 OK

0 B

URL HTTP/2
www.wal-valley.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
vary: Accept-Encoding
etag: W/"5fb4e3fe-2bd8"
expires: Tue, 20 Sep 2022 15:45:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/js/jquery.bxslider.min.js?ver=6.0.2

121.5.158.166

200 OK

0 B

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/js/jquery.bxslider.min.js?ver=6.0.2
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/huagu/js/jquery.bxslider.min.js?ver=6.0.2 HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: application/javascript
last-modified: Wed, 18 Sep 2013 06:46:26 GMT
vary: Accept-Encoding
etag: W/"52394c42-4ab3"
expires: Tue, 20 Sep 2022 15:45:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.wal-valley.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

121.5.158.166

200 OK

0 B

URL HTTP/2
www.wal-valley.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: application/javascript
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
vary: Accept-Encoding
etag: W/"6048e0ac-15db1"
expires: Tue, 20 Sep 2022 15:45:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.wal-valley.com/wp-content/themes/huagu/js/dobxslider.js?ver=6.0.2

121.5.158.166

200 OK

0 B

URL HTTP/2
www.wal-valley.com/wp-content/themes/huagu/js/dobxslider.js?ver=6.0.2
IP
121.5.158.166:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/huagu/js/dobxslider.js?ver=6.0.2 HTTP/1.1
Host: www.wal-valley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wal-valley.com/
Cookie: PHPSESSID=oun6lrs8qrmi0el95t1iqjnmqe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 03:45:01 GMT
content-type: application/javascript
last-modified: Mon, 08 Nov 2021 10:07:47 GMT
vary: Accept-Encoding
etag: W/"6188f6f3-11be"
expires: Tue, 20 Sep 2022 15:45:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (65)

URL HTTP/1.1

IP

ASN

File type

Size