Report - wx.gdcn.workers.dev/

Report Overview

Submitted URL
wx.gdcn.workers.dev/
IP
172.67.178.65
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-19 17:04:04
Access
public
Website Title
微信公众平台
Final URL
wx.gdcn.workers.dev/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
res.wx.qq.com	12670	1995-05-04	2012-12-11	2024-04-18	13 kB	905 kB	43.152.140.102
wx.gdcn.workers.dev	unknown	unknown	No data	No data	4.1 kB	38 kB	104.21.17.200
badjs.weixinbridge.com	40664	2014-10-23	2017-01-29	2024-04-02	1.1 kB	331 B	223.167.82.188
mp.weixin.qq.com	11188	1995-05-04	2012-11-03	2024-04-02	470 B	189 B	203.205.239.154

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-19 17:03:37	low	Client IP	104.21.17.200	ET INFO Observed Cloudflare workers.dev Domain in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-19	medium	wx.gdcn.workers.dev/	WeChat
2024-04-19	medium	wx.gdcn.workers.dev/	WeChat
2024-04-19	medium	wx.gdcn.workers.dev/	WeChat
2024-04-19	medium	wx.gdcn.workers.dev/	WeChat
2024-04-19	medium	wx.gdcn.workers.dev/	WeChat
2024-04-19	medium	wx.gdcn.workers.dev/	WeChat
2024-04-19	medium	wx.gdcn.workers.dev/	WeChat

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (27)

	URL	Size	First Seen	Last Seen
	wx.gdcn.workers.dev/	5.5 kB	2024-04-19	2024-04-19
Pretty URL wx.gdcn.workers.dev/ IP 104.21.17.200 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 19:04:13 Last Seen2024-04-19 19:04:13 Times Seen1 Hash 007a83cf9a0ca3773382139ee58302b7 5ef51cf908321477e1210a09b2f562ce8d09aa1f cd74b50e1046c49f6dd05e55a30d5c26462048f53851c414d4702c0e3b3ed9ea Loading...

	wx.gdcn.workers.dev/	1.5 kB	2023-11-04	2024-04-19
Pretty URL wx.gdcn.workers.dev/ IP 104.21.17.200 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-04 00:02:26 Last Seen2024-04-19 19:04:13 Times Seen7 Hash c065dea3e45ff0da6f3ac175ec4a021a 16314847f01869fb8ca02fef34a00fb751b35a82 88638752ba0fca7b205db848e9e9566e76f93f3199def88d32b4faab66b70268 Loading...

	unknown	205 B	2023-11-04	2024-04-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-04 00:02:26 Last Seen2024-04-19 19:04:13 Times Seen7 Hash 2c8842539777454c45490cee77d14179 09f2f0167e3e18d8ff9b1655dc340f4e8e71caa0 ecf9536c3d3ab3a674878861d2ccb358e058665e211b37e461a95ba7a7858576 Loading...

	res.wx.qq.com/mpres/zh_CN/htmledition/pages/modules/base/jserr6d68bf.js	7.8 kB	2024-01-03	2024-04-19
Pretty URL res.wx.qq.com/mpres/zh_CN/htmledition/pages/modules/base/jserr6d68bf.js IP 43.152.140.102 ASN #139341 ACE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 17:08:04 Last Seen2024-04-19 19:04:14 Times Seen8 Hash 04f27dac52f2f7511630849d610a3612 6c5cc26206f76ee5c867bf58ae1465d39a755ed6 9bd37a50210fe5298263f9b45f5a68455c9a2a3c3961d6a806d2abcb446dc2fc Loading...

	wx.gdcn.workers.dev/	868 B	2023-11-04	2024-04-19
Pretty URL wx.gdcn.workers.dev/ IP 104.21.17.200 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-04 00:02:26 Last Seen2024-04-19 19:04:13 Times Seen7 Hash 56b823939fbe8449a217eea68a418723 1db5cf87e1983ab87e6960112aaee18801b59e1c 32628a854277d0827ac9f2119786f20e8bfd7f9ca1cdaa049c7558ac503161a3 Loading...

	unknown	819 B	2023-11-04	2024-04-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-04 00:02:26 Last Seen2024-04-19 19:04:13 Times Seen7 Hash 3210c982d1d3d465a6e0bba2d0002d4a 862edb611fa2da4614c705c17514738b7305178c 6aac6f75ed98bb94282bdea899417cc76ff8d8aa6680fb8d5a4720e83c503568 Loading...

	unknown	373 B	2023-11-04	2024-04-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-04 00:02:26 Last Seen2024-04-19 19:04:13 Times Seen7 Hash 31fd4610447cf7c3df16a792477f8fc8 58c5ba143c7e9b182292ce393caf50c1b06bd5f8 8d6612313a1b83b591222e1eff5590344cff014c0ddfa6a6a09e29d220e68be1 Loading...

	unknown	111 B	2023-11-04	2024-04-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-04 00:02:26 Last Seen2024-04-19 19:04:13 Times Seen7 Hash 8be438de2762c16fb17d97f2250099c2 25303369daa1974ac318c79587fe0b1cdc65fae9 3f98ac1f90f80cb64b6d24b108bedf8cf2b9af7f1a791f4265fbd42ede6715b6 Loading...

	unknown	1.1 kB	2024-03-10	2024-04-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-03-10 17:22:14 Last Seen2024-04-19 19:04:13 Times Seen3 Hash 0f374079964a55492b0a83a3533163ba 0ed264e3947a44d3dc3ebd9e30277928e7edc3b1 b5af6cb4cc5af69207438556a80f91439351b7939c90dfa0292a08a7e59757c5 Loading...

	wx.gdcn.workers.dev/	106 B	2023-11-04	2024-04-19
Pretty URL wx.gdcn.workers.dev/ IP 104.21.17.200 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-04 00:02:26 Last Seen2024-04-19 19:04:13 Times Seen7 Hash e90258eece0bfc734888584b1dd38427 36d45fc4c7115781dbe1df1bc21b024cdf4d11e3 1bd263ef5653327f0e1d402426e68e106749e4a88d7d5dcfb2df50c26b9e9b95 Loading...

	wx.gdcn.workers.dev/	9.6 kB	2024-04-19	2024-04-19
Pretty URL wx.gdcn.workers.dev/ IP 104.21.17.200 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 19:04:13 Last Seen2024-04-19 19:04:13 Times Seen1 Hash a7b3aa7955eb90f7cfc4fd09dd68f3e1 5f7878c97ba3fbc104b6f1b948475539f31dfaa4 02e8b920305d0837d1d4ee62b6f4957b46e6490936f81f7ffa9479610d207f1c Loading...

	unknown	2.7 kB	2023-11-04	2024-04-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-04 00:02:26 Last Seen2024-04-19 19:04:13 Times Seen7 Hash 9e28f0c88c32589732240f2d7eb5afea d409885a6376785d4a0cc642c3d29a1629c2ed0d eb453d8c0a9558e9b83f84611e465dc0808630cebaca1110569216f77de438e4 Loading...

	unknown	1.1 kB	2023-11-04	2024-04-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-04 00:02:26 Last Seen2024-04-19 19:04:13 Times Seen7 Hash 0555b18fa741ab3474dde2c7f407f5b7 5c4b161661ac67bd53b4f5429f5568e0b3e2dcf0 10120f5436b52814e7d17a7957995c479b810f1dcec51c44472762f679af2ae8 Loading...

	unknown	17 kB	2024-04-19	2024-04-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-19 19:04:13 Last Seen2024-04-19 19:04:13 Times Seen1 Hash 042704100e80f97921c47ea4e963ce29 873ed8beba83ef1a63cbf2f6c313ae3380be6adb 98a2302171b4e781545ead63bda22de0ff055ded0964328d28a6c334b4a01cc3 Loading...

	unknown	174 B	2023-11-04	2024-04-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-04 00:02:26 Last Seen2024-04-19 19:04:13 Times Seen7 Hash 097474e2bed6db5adace4823e3176e15 27a483cedf8bec0402384544010a4d9179965d02 72ce2de888185f97782109223a282359fe66791f07324d99554e498a09bd73f1 Loading...

	unknown	150 B	2024-04-19	2024-04-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-19 19:04:13 Last Seen2024-04-19 19:04:13 Times Seen1 Hash 38ead800e6d344a7496739fe8190f1b6 27e7ef1f42e246a3faadfbabeda56571e46c1c75 a9eb72e7d777e67583b9781d1f969c36d8214381ba8d8a4052ec360aeef58bc8 Loading...

	res.wx.qq.com/mpres/zh_CN/htmledition/pages/modules~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~modules.f59f377f.js	90 kB	2024-04-19	2024-04-19
Pretty URL res.wx.qq.com/mpres/zh_CN/htmledition/pages/modules~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~modules.f59f377f.js IP 43.152.140.102 ASN #139341 ACE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 19:04:13 Last Seen2024-04-19 19:04:14 Times Seen2 Hash f59f377ff1ce8be026ffb1e4da0b51ee 1e7dc5b836504b87ec7dccc0d0c94cf47bc23dd7 b6f14b9725f44f9e92b608b71db4d4a77b1b3a255b90f399a3a42b26eaf18513 Loading...

	res.wx.qq.com/mpres/zh_CN/htmledition/pages/vendors~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~vendors.38e563a1.js	1.4 MB	2024-04-19	2024-04-19
Pretty URL res.wx.qq.com/mpres/zh_CN/htmledition/pages/vendors~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~vendors.38e563a1.js IP 43.152.140.102 ASN #139341 ACE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 19:04:13 Last Seen2024-04-19 19:04:14 Times Seen2 Hash 38e563a1a1edeb995c1b9a1d75cf27ad 0e40ea81e1c3431cd7fa1a337bc34f7f269e7c74 b66fff0ba725aa8dfdea7b9c899a306abe3dc46513769ef9ac97320d87ec2bf1 Loading...

	res.wx.qq.com/mpres/zh_CN/htmledition/pages/login/loginpage/loginpage.f05733b8.js	52 kB	2024-04-19	2024-04-19
Pretty URL res.wx.qq.com/mpres/zh_CN/htmledition/pages/login/loginpage/loginpage.f05733b8.js IP 43.152.140.102 ASN #139341 ACE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 19:04:13 Last Seen2024-04-19 19:04:14 Times Seen2 Hash f05733b8be2c5f9f97f0a1de7cd47aa7 1cdf8a6a9a68a0bd91627ad6abaeea17955b5a7e abfbbc80e926c8d1e513bc5feb8e5e43e95470c0ecdd8ac725e8e6861619f6e8 Loading...

	res.wx.qq.com/mpres/zh_CN/htmledition/pages/modules/common/badjs6d68bf.js	6.0 kB	2024-01-03	2024-04-19
Pretty URL res.wx.qq.com/mpres/zh_CN/htmledition/pages/modules/common/badjs6d68bf.js IP 43.152.140.102 ASN #139341 ACE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 17:08:04 Last Seen2024-04-19 19:04:14 Times Seen8 Hash 350ec2d746d4c583cd7dbdfa51f7e7ba 3ac3198a4b5771102819a39bb3310ece6a87f506 db1f3fe32c32cb10a35f6054bddea907767a85c83dd1a28df1ec6bc7e3ca35ba Loading...

	unknown	228 B	2023-11-04	2024-04-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-04 00:02:26 Last Seen2024-04-19 19:04:14 Times Seen7 Hash f4e2d38a0a5764c4b5f8db59a6ee7f91 594f60441561829a098612b566425e6b8a0848b2 ed19c32c4840992d0d1db87848815a608979f4dcff5486818485a2357d02a0bd Loading...

	unknown	4.1 kB	2024-04-19	2024-04-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-19 19:04:14 Last Seen2024-04-19 19:04:14 Times Seen1 Hash 35f2ca1bd307760da9f6c19f37e911ee b820c36268965759208d9b6fccd10514b4bd66f8 c637fe67b669332409c5c799435d6905f3640a4171a6b00b4e5fd821409be5c7 Loading...

	wx.gdcn.workers.dev/	165 B	2023-11-04	2024-04-19
Pretty URL wx.gdcn.workers.dev/ IP 104.21.17.200 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-04 00:02:26 Last Seen2024-04-19 19:04:14 Times Seen7 Hash fcc4183fa156c07684c40456ff4ca3db b10a45cc2762ecbd959472811a5680abb8d7e724 39c0bf39cf9373d601301208d89c04097623f66b128f910cac39a81400e4e089 Loading...

	wx.gdcn.workers.dev/	384 B	2023-11-04	2024-04-19
Pretty URL wx.gdcn.workers.dev/ IP 104.21.17.200 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-04 00:02:26 Last Seen2024-04-19 19:04:14 Times Seen7 Hash 15e2eb17166b4e60d44a73ba737ef2c1 d7ab366d60d0159b7a523a5a880769c8df3093ac cbf60cb40e6c61542fc0ee580b13af909705e7370d1b520c926c101f3580f7b5 Loading...

	unknown	269 B	2023-11-04	2024-04-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-04 00:02:26 Last Seen2024-04-19 19:04:14 Times Seen7 Hash 66042813bd792dd0c10b662afccb328b fb97cb57b3148336c30980e590e1b01122f9cc7c 115b1a0219dd6f446cf2186f79e464f87ae1850661bba30957444c1e81c2f3d3 Loading...

	unknown	261 B	2023-11-04	2024-04-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-04 00:02:26 Last Seen2024-04-19 19:04:14 Times Seen7 Hash 5c13b8b0d65f21add4415240cf9f6980 a2533033412eebd48e98ff943cbe6222bec82db9 a3a7da84ec921a91065417d7b0aad034d269ae1b658d879d8f93c6a935e561db Loading...

	res.wx.qq.com/mpres/zh_CN/htmledition/pages/threerd~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~threerd.c2973e91.js	94 kB	2024-01-03	2024-04-19
Pretty URL res.wx.qq.com/mpres/zh_CN/htmledition/pages/threerd~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~threerd.c2973e91.js IP 43.152.140.102 ASN #139341 ACE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 17:08:04 Last Seen2024-04-19 19:04:14 Times Seen8 Hash c2973e9123d7badf5c550a20b50961ae 68a70737ede159b0b3520a2db306522249f6e35c cf70407d2d45fef23da9c9d599a83a7646dc094db22b21af85676195ec48ab21 Loading...

HTTP Transactions (34)

URL IP Response Size

res.wx.qq.com/mpres/zh_CN/htmledition/pages/modules~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~modules.f59f377f.js

43.152.140.102

200 OK

26 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/pages/modules~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~modules.f59f377f.js
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (20897)
Size
26 kB (25555 bytes)
Hash
f59f377ff1ce8be026ffb1e4da0b51ee
1e7dc5b836504b87ec7dccc0d0c94cf47bc23dd7
b6f14b9725f44f9e92b608b71db4d4a77b1b3a255b90f399a3a42b26eaf18513

HTTP Headers

GET /mpres/zh_CN/htmledition/pages/modules~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~modules.f59f377f.js HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wx.gdcn.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Mon, 25 Mar 2024 06:50:00 GMT
Content-Encoding: gzip
Server: NWS_SSD_MID
Date: Mon, 25 Mar 2024 06:59:15 GMT
Expires: Tue, 25 Mar 2025 06:59:15 GMT
Content-Type: application/x-javascript
X-Verify-Code: 1f3c28c480b327f9703d94a4b3324919
X-Daa-Tunnel: hop_count=1
Cache-Control: max-age=31536000
Content-Length: 25555
Accept-Ranges: bytes
X-NWS-LOG-UUID: 17900717873827551004
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/js/homepage/page_login_forcss6d68bf.css

43.152.140.102

200 OK

7.0 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/js/homepage/page_login_forcss6d68bf.css
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (39596)
Size
7.0 kB (6953 bytes)
Hash
7a4fe79a9f10a6093fabf6b5a77b0f3e
56e8342ba7b46117b154d34e96e39760f65b0c60
ce21319f631ea1ff85e85f0047a72ef755c9848fcab720c4371951c9ea77bdba

HTTP Headers

GET /mpres/zh_CN/htmledition/js/homepage/page_login_forcss6d68bf.css HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Content-Encoding: gzip
Server: NWS_SSD_MID
Date: Fri, 19 Apr 2024 08:13:02 GMT
Expires: Sat, 19 Apr 2025 08:13:02 GMT
Content-Type: text/css
X-Verify-Code: 09cb5056aab29575f2d9d2ad73106651
X-Daa-Tunnel: hop_count=1
Cache-Control: max-age=31536000
Content-Length: 6953
Accept-Ranges: bytes
X-NWS-LOG-UUID: 17441214979564892713
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/pages/pages/vendors~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~vendors.1713513501034.css

43.152.140.102

200 OK

40 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/pages/pages/vendors~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~vendors.1713513501034.css
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
40 kB (40358 bytes)
Hash
f2cc2ed7f7c978055b32fabc95fcf956
96b235be880e6f09ba5eb381050e13a100c0a2ac
3cb1d3a224ea7f1308a0779d56472acf9e7dd0e0bd01dcc86a50ce9efaef54a6

HTTP Headers

GET /mpres/zh_CN/htmledition/pages/pages/vendors~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~vendors.1713513501034.css HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Content-Encoding: gzip
Server: nginx/1.8.1
Date: Fri, 19 Apr 2024 08:11:46 GMT
Expires: Sat, 19 Apr 2025 08:11:46 GMT
Content-Type: text/css
X-Verify-Code: dc5406430a49ff73b7d315c581b3814f
X-Daa-Tunnel: hop_count=1
Cache-Control: must-revalidate, max-age=31536000
Content-Length: 40358
Accept-Ranges: bytes
X-NWS-LOG-UUID: 14277816978048281423
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/pages/modules/common/badjs6d68bf.js

43.152.140.102

200 OK

2.3 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/pages/modules/common/badjs6d68bf.js
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6001)
Size
2.3 kB (2343 bytes)
Hash
350ec2d746d4c583cd7dbdfa51f7e7ba
3ac3198a4b5771102819a39bb3310ece6a87f506
db1f3fe32c32cb10a35f6054bddea907767a85c83dd1a28df1ec6bc7e3ca35ba

HTTP Headers

GET /mpres/zh_CN/htmledition/pages/modules/common/badjs6d68bf.js HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wx.gdcn.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Content-Encoding: gzip
Server: NWS_SSD_MID
Date: Fri, 19 Apr 2024 08:12:43 GMT
Expires: Sat, 19 Apr 2025 08:12:43 GMT
Content-Type: application/x-javascript
X-Verify-Code: 2a8272d11577c79468e95c0aba17e94d
X-Daa-Tunnel: hop_count=1
Cache-Control: max-age=31536000
Content-Length: 2343
Accept-Ranges: bytes
X-NWS-LOG-UUID: 16595724630244971145
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/pages/vendors~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~vendors.38e563a1.js

43.152.140.102

200 OK

387 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/pages/vendors~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~vendors.38e563a1.js
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
387 kB (386849 bytes)
Hash
38e563a1a1edeb995c1b9a1d75cf27ad
0e40ea81e1c3431cd7fa1a337bc34f7f269e7c74
b66fff0ba725aa8dfdea7b9c899a306abe3dc46513769ef9ac97320d87ec2bf1

HTTP Headers

GET /mpres/zh_CN/htmledition/pages/vendors~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~vendors.38e563a1.js HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wx.gdcn.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Mon, 25 Mar 2024 06:50:00 GMT
Content-Encoding: gzip
Server: NWS_SSD_MID
Date: Mon, 25 Mar 2024 06:56:47 GMT
Expires: Tue, 25 Mar 2025 06:56:47 GMT
Content-Type: application/x-javascript
X-Verify-Code: e7dc52ef16246f846e8cf5e19099568a
X-Daa-Tunnel: hop_count=1
Cache-Control: max-age=31536000
Content-Length: 386849
Accept-Ranges: bytes
X-NWS-LOG-UUID: 18404580442878779059
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/pages/modules/base/jserr6d68bf.js

43.152.140.102

200 OK

3.1 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/pages/modules/base/jserr6d68bf.js
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7832)
Size
3.1 kB (3120 bytes)
Hash
04f27dac52f2f7511630849d610a3612
6c5cc26206f76ee5c867bf58ae1465d39a755ed6
9bd37a50210fe5298263f9b45f5a68455c9a2a3c3961d6a806d2abcb446dc2fc

HTTP Headers

GET /mpres/zh_CN/htmledition/pages/modules/base/jserr6d68bf.js HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wx.gdcn.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Content-Encoding: gzip
Server: NWS_SSD_MID
Date: Fri, 19 Apr 2024 08:12:43 GMT
Expires: Sat, 19 Apr 2025 08:12:43 GMT
Content-Type: application/x-javascript
X-Verify-Code: 3db4090efe9b20ee78f1c6c7643107a8
X-Daa-Tunnel: hop_count=1
Cache-Control: max-age=31536000
Content-Length: 3120
Accept-Ranges: bytes
X-NWS-LOG-UUID: 9103349724563484593
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/pages/login/loginpage/loginpage.f05733b8.js

43.152.140.102

200 OK

17 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/pages/login/loginpage/loginpage.f05733b8.js
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (29126)
Size
17 kB (16801 bytes)
Hash
f05733b8be2c5f9f97f0a1de7cd47aa7
1cdf8a6a9a68a0bd91627ad6abaeea17955b5a7e
abfbbc80e926c8d1e513bc5feb8e5e43e95470c0ecdd8ac725e8e6861619f6e8

HTTP Headers

GET /mpres/zh_CN/htmledition/pages/login/loginpage/loginpage.f05733b8.js HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wx.gdcn.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Mon, 25 Mar 2024 11:50:00 GMT
Content-Encoding: gzip
Server: NWS_SSD_MID
Date: Mon, 25 Mar 2024 11:57:13 GMT
Expires: Tue, 25 Mar 2025 11:57:13 GMT
Content-Type: application/x-javascript
X-Verify-Code: 948c6149096f6c33149dba09d0e8f910
X-Daa-Tunnel: hop_count=1
Cache-Control: max-age=31536000
Content-Length: 16801
Accept-Ranges: bytes
X-NWS-LOG-UUID: 6985908672376661003
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/pages/threerd~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~threerd.c2973e91.js

43.152.140.102

200 OK

94 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/pages/threerd~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~threerd.c2973e91.js
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (63940)
Size
94 kB (93513 bytes)
Hash
c2973e9123d7badf5c550a20b50961ae
68a70737ede159b0b3520a2db306522249f6e35c
cf70407d2d45fef23da9c9d599a83a7646dc094db22b21af85676195ec48ab21

HTTP Headers

GET /mpres/zh_CN/htmledition/pages/threerd~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~threerd.c2973e91.js HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wx.gdcn.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Sat, 18 Nov 2023 11:40:00 GMT
Server: nginx/1.8.1
Date: Sat, 18 Nov 2023 11:45:22 GMT
Expires: Sun, 17 Nov 2024 11:45:22 GMT
Content-Type: application/x-javascript
X-Verify-Code: 5fc1d7a7d93bf522819d18827a02fc8a
X-Daa-Tunnel: hop_count=1
Cache-Control: must-revalidate, max-age=31536000
Content-Length: 93513
Accept-Ranges: bytes
X-NWS-LOG-UUID: 12923807233074339315
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/pages/pages/modules~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~modules.1713513501034.css

43.152.140.102

200 OK

3.6 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/pages/pages/modules~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~modules.1713513501034.css
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (20842)
Size
3.6 kB (3577 bytes)
Hash
ea6ff6d3e98e925c2b166ccaa050c9dc
a2030124388fa3111092feca750cafdd8f4d29b5
74b972e49e38614a90997db2f864e17691b29d4928b40cbc8e510bfb9522b2be

HTTP Headers

GET /mpres/zh_CN/htmledition/pages/pages/modules~advanced/menusetting/menusetting~advanced/menusetting4Web1~album/edit/edit~album/list/list~b~modules.1713513501034.css HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Content-Encoding: gzip
Server: nginx/1.8.1
Date: Fri, 19 Apr 2024 08:11:46 GMT
Expires: Sat, 19 Apr 2025 08:11:46 GMT
Content-Type: text/css
X-Verify-Code: da17a4f490d5ce87aebd149ca01f0d9a
X-Daa-Tunnel: hop_count=1
Cache-Control: must-revalidate, max-age=31536000
Content-Length: 3577
Accept-Ranges: bytes
X-NWS-LOG-UUID: 3121212973580130591
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/pages/login/loginpage/loginpage.1713513501034.css

43.152.140.102

200 OK

60 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/pages/login/loginpage/loginpage.1713513501034.css
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
60 kB (59673 bytes)
Hash
becf9026c8149ac0f06f411eb763e6f8
02248f1c6c12809a2e9b05bb37dd5629fa28912d
305e17cce8e4d76869829eec4c665dfa7a22f8b68dcecc3db9ccd8bf88873df4

HTTP Headers

GET /mpres/zh_CN/htmledition/pages/login/loginpage/loginpage.1713513501034.css HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Content-Encoding: gzip
Server: NWS_SSD_MID
Date: Fri, 19 Apr 2024 08:12:59 GMT
Expires: Sat, 19 Apr 2025 08:12:59 GMT
Content-Type: text/css
X-Verify-Code: 2f8ef9093d4751e441fcba8e8bfcf061
X-Daa-Tunnel: hop_count=1
Cache-Control: max-age=31536000
Content-Length: 59673
Accept-Ranges: bytes
X-NWS-LOG-UUID: 16327890791593365890
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/htmledition/images/mp_qrcode6d68bf.gif

43.152.140.102

200 OK

2.1 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/htmledition/images/mp_qrcode6d68bf.gif
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
GIF image data, version 89a, 102 x 102
Size
2.1 kB (2113 bytes)
Hash
84b88903d8cb1dc6b4a05883731de2df
ea07bd9c1199daa9230f8766216da3a8c49cb5dc
9b03921726f9bd46726daab78c1e1c0da57ec9ca29d42b6e66bd8a4fa6b811ef

HTTP Headers

GET /mpres/htmledition/images/mp_qrcode6d68bf.gif HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Server: NWS_SSD_MID
Date: Fri, 19 Apr 2024 08:13:06 GMT
Expires: Sat, 19 Apr 2025 08:13:06 GMT
Content-Type: image/gif
X-Verify-Code: da4817ef2c405f2b3807c7bfd11a7f0f
X-Daa-Tunnel: hop_count=1
Cache-Control: max-age=31536000
Content-Length: 2113
Accept-Ranges: bytes
X-NWS-LOG-UUID: 2787676974079335003
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/en_US/htmledition/comm_htmledition/images/icon/form/icon_checkbox6d68c0.png

43.152.140.102

200 OK

1.0 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/en_US/htmledition/comm_htmledition/images/icon/form/icon_checkbox6d68c0.png
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced
Size
1.0 kB (1021 bytes)
Hash
1f7a30662756eafa54df4561c055523d
f9d84b02facd5785e7e5f2e300a53bebe79065e1
6bbf8147327b1adf9de2216ce0489cdf8d8c3670c24e66d08647f7547e524281

HTTP Headers

GET /mpres/en_US/htmledition/comm_htmledition/images/icon/form/icon_checkbox6d68c0.png HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://res.wx.qq.com/mpres/zh_CN/htmledition/js/homepage/page_login_forcss6d68bf.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Server: NWS_SSD_MID
Date: Fri, 19 Apr 2024 08:18:13 GMT
Expires: Sat, 19 Apr 2025 08:18:13 GMT
Content-Type: image/png
X-Verify-Code: c7bfab4b167d9c9d2e471474702378b8
X-Daa-Tunnel: hop_count=1
Cache-Control: max-age=31536000
Content-Length: 1021
Accept-Ranges: bytes
X-NWS-LOG-UUID: 208396385373521595
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/pages/login/loginpage/images/new_bg_logo6d68bf.svg

43.152.140.102

200 OK

9.4 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/pages/login/loginpage/images/new_bg_logo6d68bf.svg
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
9.4 kB (9381 bytes)
Hash
d7f85e6f3179aa708362b6ff1f5f7f1d
a47e4ae7b06b9f7c43317de12359824ddb9d4255
0883687c1b46a474cbe7dd168649c2ea8910563727df4ff202f1a7608788e9c6

HTTP Headers

GET /mpres/zh_CN/htmledition/pages/login/loginpage/images/new_bg_logo6d68bf.svg HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://res.wx.qq.com/mpres/zh_CN/htmledition/pages/login/loginpage/loginpage.1713513501034.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Server: nginx/1.8.1
Date: Fri, 19 Apr 2024 08:18:13 GMT
Expires: Sat, 19 Apr 2025 08:18:13 GMT
Content-Type: image/svg+xml
X-Verify-Code: 0d8dd4686fcfac65970d6e84f7dde233
X-Daa-Tunnel: hop_count=1
Cache-Control: must-revalidate, max-age=31536000
Content-Length: 9381
Accept-Ranges: bytes
X-NWS-LOG-UUID: 7544394703741344636
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/comm_htmledition/images/icon/common/icon_new6d68bf.png

43.152.140.102

200 OK

1.0 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/comm_htmledition/images/icon/common/icon_new6d68bf.png
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
PNG image data, 17 x 9, 8-bit/color RGB, non-interlaced
Size
1.0 kB (1040 bytes)
Hash
29f3d1505515489980cb29e8db62f4af
21513c027547a19a718918cd5e5798031665e45a
c5e221d38d8cbe9be5920b6d34051f8163ec8562612a2a84eea8d1f2259eb69a

HTTP Headers

GET /mpres/zh_CN/htmledition/comm_htmledition/images/icon/common/icon_new6d68bf.png HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://res.wx.qq.com/mpres/zh_CN/htmledition/js/homepage/page_login_forcss6d68bf.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Server: NWS_SSD_MID
Date: Fri, 19 Apr 2024 08:18:14 GMT
Expires: Sat, 19 Apr 2025 08:18:14 GMT
Content-Type: image/png
X-Verify-Code: 3af0a3e6e1a58fe271c9e112aac977ef
X-Daa-Tunnel: hop_count=1
Cache-Control: max-age=31536000
Content-Length: 1040
Accept-Ranges: bytes
X-NWS-LOG-UUID: 14246358272924700424
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/info6d68bf.png

43.152.140.102

200 OK

1.3 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/info6d68bf.png
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1263 bytes)
Hash
d20298418cb657b3c4463a98969fcebf
2d52290c7aff712f836f977e33b930801fbb01ba
725c3a786e4384fec0198265399cffcd08301bdaa71407db7e6953b061e71e94

HTTP Headers

GET /mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/info6d68bf.png HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://res.wx.qq.com/mpres/zh_CN/htmledition/js/homepage/page_login_forcss6d68bf.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Server: nginx/1.8.1
Date: Fri, 19 Apr 2024 08:18:13 GMT
Expires: Sat, 19 Apr 2025 08:18:13 GMT
Content-Type: image/png
X-Verify-Code: 448a69e79b2ea536d032aff47ebf4fac
X-Daa-Tunnel: hop_count=1
Cache-Control: must-revalidate, max-age=31536000
Content-Length: 1263
Accept-Ranges: bytes
X-NWS-LOG-UUID: 5934117747492751109
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/mp_service_new6d68bf.png

43.152.140.102

200 OK

2.9 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/mp_service_new6d68bf.png
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
PNG image data, 86 x 86, 8-bit/color RGBA, non-interlaced
Size
2.9 kB (2864 bytes)
Hash
fe5fd388095ef7c9d9302798ed51219e
801a054743ac3bda4736d771e848e9bad99a9a71
989372d30359b0939c278150a168395bd1ea4caaabcd53a9d79c656ae4748b15

HTTP Headers

GET /mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/mp_service_new6d68bf.png HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://res.wx.qq.com/mpres/zh_CN/htmledition/js/homepage/page_login_forcss6d68bf.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Server: NWS_SSD_MID
Date: Fri, 19 Apr 2024 08:18:14 GMT
Expires: Sat, 19 Apr 2025 08:18:14 GMT
Content-Type: image/png
X-Verify-Code: 9c2ad489537898a28c25aaca03f0190d
X-Daa-Tunnel: hop_count=1
Cache-Control: max-age=31536000
Content-Length: 2864
Accept-Ranges: bytes
X-NWS-LOG-UUID: 10266339089078941214
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/arrow6d68bf.png

43.152.140.102

200 OK

1.2 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/arrow6d68bf.png
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
PNG image data, 16 x 15, 8-bit/color RGBA, non-interlaced
Size
1.2 kB (1178 bytes)
Hash
b5f2ff4f6f6881bc7823662d3c599f0d
036ed972d0a04f803d75023e634ae0a6550c5800
48433bc10d85f09205fca6df3636ca8f59f874f43dc7da7606fbef2cec95b965

HTTP Headers

GET /mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/arrow6d68bf.png HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://res.wx.qq.com/mpres/zh_CN/htmledition/js/homepage/page_login_forcss6d68bf.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Server: nginx/1.8.1
Date: Fri, 19 Apr 2024 08:18:14 GMT
Expires: Sat, 19 Apr 2025 08:18:14 GMT
Content-Type: image/png
X-Verify-Code: 0049122aed174edd535b49d169bcc12f
X-Daa-Tunnel: hop_count=1
Cache-Control: must-revalidate, max-age=31536000
Content-Length: 1178
Accept-Ranges: bytes
X-NWS-LOG-UUID: 12612309996387308797
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/mp_app6d68bf.png

43.152.140.102

200 OK

3.1 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/mp_app6d68bf.png
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
PNG image data, 86 x 86, 8-bit/color RGBA, non-interlaced
Size
3.1 kB (3141 bytes)
Hash
023709002f244253fdb39556b3f02853
817eef9127568dd91cf9b088be43d58a99c2d915
a5bd1d4ac40d2bc33ad4c1901d6847c822d39b314ba8afd140b6c41c20855ada

HTTP Headers

GET /mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/mp_app6d68bf.png HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://res.wx.qq.com/mpres/zh_CN/htmledition/js/homepage/page_login_forcss6d68bf.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Server: NWS_SSD_MID
Date: Fri, 19 Apr 2024 08:14:45 GMT
Expires: Sat, 19 Apr 2025 08:14:45 GMT
Content-Type: image/png
X-Verify-Code: 5af5b67bdc2044573876ef71441a21d5
X-Daa-Tunnel: hop_count=1
Cache-Control: max-age=31536000
Content-Length: 3141
Accept-Ranges: bytes
X-NWS-LOG-UUID: 1053858510920594482
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/mp_subscribe_new6d68bf.png

43.152.140.102

200 OK

2.0 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/mp_subscribe_new6d68bf.png
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
PNG image data, 86 x 86, 8-bit/color RGBA, non-interlaced
Size
2.0 kB (1963 bytes)
Hash
7ed714c8655d5bbb4dc84c8defc5727d
7b2e9df99e050374fbf1bd02105128e1810778c5
08e12b0f559121662345225aebf2f001fa662ba64bb7d75795699c0d8c6cbc8e

HTTP Headers

GET /mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/mp_subscribe_new6d68bf.png HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://res.wx.qq.com/mpres/zh_CN/htmledition/js/homepage/page_login_forcss6d68bf.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Server: NWS_SSD_MID
Date: Fri, 19 Apr 2024 08:18:14 GMT
Expires: Sat, 19 Apr 2025 08:18:14 GMT
Content-Type: image/png
X-Verify-Code: b2e8b577299fa7ca74ea22d3631eb038
X-Daa-Tunnel: hop_count=1
Cache-Control: max-age=31536000
Content-Length: 1963
Accept-Ranges: bytes
X-NWS-LOG-UUID: 12491894394392479897
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/pages/login/loginpage/images/bg_banner.5951b6d68bf.png

43.152.140.102

200 OK

222 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/pages/login/loginpage/images/bg_banner.5951b6d68bf.png
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
PNG image data, 1440 x 460, 8-bit colormap, non-interlaced
Size
222 kB (221897 bytes)
Hash
e5ae51ee84bc5f8e8c6a86d8f20abe71
6b6a3db48cb2c508514e920ecc1a2167a4b86e60
60e587c57b3fc4443c04cb19c876592d9dd94d897e0836d85cfb2b64f1cd78d3

HTTP Headers

GET /mpres/zh_CN/htmledition/pages/login/loginpage/images/bg_banner.5951b6d68bf.png HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://res.wx.qq.com/mpres/zh_CN/htmledition/pages/login/loginpage/loginpage.1713513501034.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Server: nginx/1.8.1
Date: Fri, 19 Apr 2024 08:18:14 GMT
Expires: Sat, 19 Apr 2025 08:18:14 GMT
Content-Type: image/png
X-Verify-Code: fccd9ae625a47dea1c515014c275c09d
X-Daa-Tunnel: hop_count=1
Cache-Control: must-revalidate, max-age=31536000
Content-Length: 221897
Accept-Ranges: bytes
X-NWS-LOG-UUID: 17376210846201794112
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

res.wx.qq.com/mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/mp_enterprise_small6d68bf.png

43.152.140.143

200 OK

2.4 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/mp_enterprise_small6d68bf.png
IP
43.152.140.143:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
2.4 kB (2403 bytes)
Hash
75c8d114bf76e432de8fc21619af5a7b
c86b3316aec8b6545eb69740c703816dab2da18d
32b03af402a2fecf753061295eb9af102f30ee0257075869e3a0be6df1481f73

HTTP Headers

GET /mpres/zh_CN/htmledition/comm_htmledition/images/icon/login/mp_enterprise_small6d68bf.png HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://res.wx.qq.com/mpres/zh_CN/htmledition/js/homepage/page_login_forcss6d68bf.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Server: NWS_SSD_MID
Date: Fri, 19 Apr 2024 08:14:45 GMT
Expires: Sat, 19 Apr 2025 08:14:45 GMT
Content-Type: image/png
X-Verify-Code: 0eb068233649a2f60eba1a64553e061d
X-Daa-Tunnel: hop_count=1
Cache-Control: max-age=31536000
Content-Length: 2403
Accept-Ranges: bytes
X-NWS-LOG-UUID: 10272378144259901356
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

wx.gdcn.workers.dev/

104.21.17.200

200 OK

16 kB

URL User Request GET HTTP/2
wx.gdcn.workers.dev/
IP
104.21.17.200:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgdcn.workers.dev
Fingerprint70:2B:EE:82:1A:4A:31:07:77:56:A7:67:93:8E:B8:A8:D3:D5:41:9C
ValidityWed, 28 Feb 2024 11:44:58 GMT - Tue, 28 May 2024 11:44:57 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (25279)
Size
16 kB (16400 bytes)
Hash
8aebf70ffb382d22fcb5b039abbb5489
cdb825961b863331bb94767a9984db23519028bc
14a57df601abbacbe502cc5ae83b0b357c2ed3d45e13050be3a2a1c9b4e6aab7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WeChat

HTTP Headers

GET / HTTP/1.1
Host: wx.gdcn.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 17:03:39 GMT
content-type: text/html; charset=UTF-8
cf-ray: 876e7811bfa4b503-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=15552000
access-control-allow-credentials: true
logicret: 0
reporting-endpoints: default="https://mp.weixin.qq.com/cgi-bin/mp_logreport"
retkey: 14
set-cookie: ua_id=14oCsXeFyFMYXqZoAAAAAIs-6XkHgqtl-HG9Wvfa0G4=; Path=/; Expires=Tue, 19-Jan-2038 03:14:07 GMT; Secure; HttpOnly
ticket_uin=EXPIRED; Path=/; Expires=Thu, 18-Apr-2024 17:03:39 GMT; Secure; HttpOnly
ticket_certificate=EXPIRED; Path=/; Expires=Thu, 18-Apr-2024 17:03:39 GMT; Secure; HttpOnly
login_certificate=EXPIRED; Path=/; Expires=Thu, 18-Apr-2024 17:03:39 GMT; Secure; HttpOnly
fake_id=EXPIRED; Path=/; Expires=Thu, 18-Apr-2024 17:03:39 GMT; Secure; HttpOnly
login_sid_ticket=EXPIRED; Path=/; Expires=Thu, 18-Apr-2024 17:03:39 GMT; Secure; HttpOnly
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0QL%2F%2F1iCo5KUsSph%2FTOfesxWnJClmmewaZiJjjU7m%2Fb8ZMjDyRX6PG2xzek5G1um1tDhAR%2BdDx%2BGxsp6vafThnT3p8l1vGp2WQYl55JYr78mZJk5yk7MRb06zQfzyybzsn0D%2BrTi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

badjs.weixinbridge.com/report

223.167.82.188

200 OK

31 B

URL POST HTTP/1.1
badjs.weixinbridge.com/report
IP
223.167.82.188:443
ASN
#140979 China Unicom Shanghai FuTe IDC network

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectmp.weixinbridge.com
FingerprintDE:24:88:F0:3E:DE:19:BD:2D:E0:73:16:F7:5F:6B:24:35:4C:DF:60
ValidityTue, 09 Jan 2024 00:00:00 GMT - Sat, 08 Feb 2025 23:59:59 GMT

File type
data
Size
31 B (31 bytes)
Hash
82d9ab1f01c17f91579698545b08f3e1
c58b47b8b6efead40c8eae0f8bf396e2d63da53c
8b23aba37c97ed528aea3df5dd7bc2b7a2cc559aec606cfe411251db4ddce59b

HTTP Headers

POST /report HTTP/1.1
Host: badjs.weixinbridge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 218
Origin: https://wx.gdcn.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 17:03:42 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 31
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: deflate

wx.gdcn.workers.dev/misc/jslog?1=1

104.21.17.200

200 OK

3.3 kB

URL POST HTTP/3
wx.gdcn.workers.dev/misc/jslog?1=1
IP
104.21.17.200:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectgdcn.workers.dev
Fingerprint70:2B:EE:82:1A:4A:31:07:77:56:A7:67:93:8E:B8:A8:D3:D5:41:9C
ValidityWed, 28 Feb 2024 11:44:58 GMT - Tue, 28 May 2024 11:44:57 GMT

File type
JSON text data
Size
3.3 kB (3304 bytes)
Hash
14bd770a18295667f92b443d898891b6
0400fff733f73333d2945d066e717f7b504f1298
2b4733b7a5417306833e9847a4868939d8b92457cd6140b51b4b396245bd4d97

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WeChat

HTTP Headers

POST /misc/jslog?1=1 HTTP/1.1
Host: wx.gdcn.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 393
Origin: https://wx.gdcn.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Cookie: ua_id=14oCsXeFyFMYXqZoAAAAAIs-6XkHgqtl-HG9Wvfa0G4=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:03:42 GMT
content-type: application/json; charset=UTF-8
cf-ray: 876e7833d9ba56a2-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=15552000
access-control-allow-credentials: true
logicret: 200004
retkey: 11
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5cQFS0kqwi1OL5bbJwDi4QvviXYO%2FNI91AuPtPxlByv43UdgE8aGfR01W8RNytAX0Rt6FY74wr0RgkiHgdnIcP6YVcRw%2FC%2BrD8vIcGkwTD8dFvcwmyX6ihUWzJ%2BQXSHcnLBi1pnO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400

wx.gdcn.workers.dev/cgi-bin/bizlogin?action=startlogin

104.21.17.200

404 Not Found

827 B

URL POST HTTP/3
wx.gdcn.workers.dev/cgi-bin/bizlogin?action=startlogin
IP
104.21.17.200:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectgdcn.workers.dev
Fingerprint70:2B:EE:82:1A:4A:31:07:77:56:A7:67:93:8E:B8:A8:D3:D5:41:9C
ValidityWed, 28 Feb 2024 11:44:58 GMT - Tue, 28 May 2024 11:44:57 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
827 B (827 bytes)
Hash
5281e972ec463897022f56464011b5ed
2a719c124449e0c31a0166cea7867bb1a44780bd
a62d7d84bd02b1718106d294d1f2c8387f9967239696c1e8b446201b63f34dc7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WeChat

HTTP Headers

POST /cgi-bin/bizlogin?action=startlogin HTTP/1.1
Host: wx.gdcn.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 99
Origin: https://wx.gdcn.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Cookie: ua_id=14oCsXeFyFMYXqZoAAAAAIs-6XkHgqtl-HG9Wvfa0G4=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Fri, 19 Apr 2024 17:03:42 GMT
cf-ray: 876e782dcb2756a2-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QQue8plGB3g8tqXjT6neBkz4UGxPgR31kV6UAwpahMFB5Fjl7gdvjEjFbHJIx8L6jdD6cHv1GxRjOD8w0cZhnmhPOHSfWZksdhCqtkm%2FXZxic2VsCXrNuhzf6y93FdnNDAbFzC%2Bz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

badjs.weixinbridge.com/frontend/reportspeed?pid=30&uin=0&rid=0&speeds=1_0;2_8;3_10;4_2116;5_1;6_2305;7_2959;8_1;9_4554;10_0;11_1;12_99

223.167.82.188

200 OK

0 B

URL GET HTTP/1.1
badjs.weixinbridge.com/frontend/reportspeed?pid=30&uin=0&rid=0&speeds=1_0;2_8;3_10;4_2116;5_1;6_2305;7_2959;8_1;9_4554;10_0;11_1;12_99
IP
223.167.82.188:443
ASN
#140979 China Unicom Shanghai FuTe IDC network

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectmp.weixinbridge.com
FingerprintDE:24:88:F0:3E:DE:19:BD:2D:E0:73:16:F7:5F:6B:24:35:4C:DF:60
ValidityTue, 09 Jan 2024 00:00:00 GMT - Sat, 08 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /frontend/reportspeed?pid=30&uin=0&rid=0&speeds=1_0;2_8;3_10;4_2116;5_1;6_2305;7_2959;8_1;9_4554;10_0;11_1;12_99 HTTP/1.1
Host: badjs.weixinbridge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 17:03:43 GMT
Content-Length: 0
Connection: keep-alive

wx.gdcn.workers.dev/misc/getico?location=-1&rand=0.26003756869558026&token=&lang=zh_CN

104.21.17.200

200 OK

12 kB

URL GET HTTP/3
wx.gdcn.workers.dev/misc/getico?location=-1&rand=0.26003756869558026&token=&lang=zh_CN
IP
104.21.17.200:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectgdcn.workers.dev
Fingerprint70:2B:EE:82:1A:4A:31:07:77:56:A7:67:93:8E:B8:A8:D3:D5:41:9C
ValidityWed, 28 Feb 2024 11:44:58 GMT - Tue, 28 May 2024 11:44:57 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
12 kB (12314 bytes)
Hash
5281e972ec463897022f56464011b5ed
2a719c124449e0c31a0166cea7867bb1a44780bd
a62d7d84bd02b1718106d294d1f2c8387f9967239696c1e8b446201b63f34dc7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WeChat

HTTP Headers

GET /misc/getico?location=-1&rand=0.26003756869558026&token=&lang=zh_CN HTTP/1.1
Host: wx.gdcn.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Cookie: ua_id=14oCsXeFyFMYXqZoAAAAAIs-6XkHgqtl-HG9Wvfa0G4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:03:42 GMT
content-type: image/x-icon
cf-ray: 876e782c592b56a2-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
content-disposition: attachment;filename=wx.ico
strict-transport-security: max-age=15552000
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yuuYXCUXmyNVrMlZT%2BBu0281EmaqB41KsMwdMC%2BcN7t5LDp0msMV2Cf4se8jazUwdwQ%2B%2F7hGKYVJXwqBux03wSrKUIGH6mbKEW%2BFlUxbvUC1kHcm1Awtsczas21INwLd52KLs%2B4S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400

res.wx.qq.com/a/wx_fed/assets/res/OTE0YTAw.png

43.152.140.102

200 OK

3.2 kB

URL GET HTTP/1.1
res.wx.qq.com/a/wx_fed/assets/res/OTE0YTAw.png
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit colormap, non-interlaced
Size
3.2 kB (3247 bytes)
Hash
914a006720e70224e3ba8ccfa2d198ae
5ba5bd81363dc789ebd4a5e5514f8add642401b3
058bf1b3661dac713bb1807fbadbe1e6c2b1f5513d93ecae61c986ebb76b1edf

HTTP Headers

GET /a/wx_fed/assets/res/OTE0YTAw.png HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Tue, 28 Aug 2018 07:48:15 GMT
Server: NWS_SSD_MID
Date: Sat, 23 Mar 2024 20:55:14 GMT
Expires: Sun, 23 Mar 2025 20:55:14 GMT
Content-Type: image/png
X-Verify-Code: 5aac8710ea91d6774de04dbe0195bf46
X-Daa-Tunnel: hop_count=1
Cache-Control: max-age=31536000
Content-Length: 3247
Accept-Ranges: bytes
X-NWS-LOG-UUID: 12775834496096415331
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

wx.gdcn.workers.dev/webpoc/cgi/chat/checkChatPermission?type=15&grayType=random&token=&lang=zh_CN&f=json&ajax=1

104.21.17.200

404 Not Found

0 B

URL GET HTTP/3
wx.gdcn.workers.dev/webpoc/cgi/chat/checkChatPermission?type=15&grayType=random&token=&lang=zh_CN&f=json&ajax=1
IP
104.21.17.200:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectgdcn.workers.dev
Fingerprint70:2B:EE:82:1A:4A:31:07:77:56:A7:67:93:8E:B8:A8:D3:D5:41:9C
ValidityWed, 28 Feb 2024 11:44:58 GMT - Tue, 28 May 2024 11:44:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WeChat

HTTP Headers

GET /webpoc/cgi/chat/checkChatPermission?type=15&grayType=random&token=&lang=zh_CN&f=json&ajax=1 HTTP/1.1
Host: wx.gdcn.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Cookie: ua_id=14oCsXeFyFMYXqZoAAAAAIs-6XkHgqtl-HG9Wvfa0G4=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 19 Apr 2024 17:03:42 GMT
cf-ray: 876e782dcb2056a2-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iFrZkJkBJooyBB8VhBinBZDsb5py0OXo7qGex8RNMNNNcV8nsgYTYPlrzSGDbUDgn%2BfXHUHSeC46jOwG3RJv9yvGt4h7wi6keAdUbkViBx%2BVWTOe01b%2B0FU9ELOhHl8VkzCk88ln"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

mp.weixin.qq.com/mp/jsmonitor?idkey=125091_0_3&t=0.010927942540964852

203.205.239.154

200 OK

0 B

URL GET HTTP/2
mp.weixin.qq.com/mp/jsmonitor?idkey=125091_0_3&t=0.010927942540964852
IP
203.205.239.154:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectmp.weixin.qq.com
FingerprintA4:50:A9:51:9D:AC:AC:FA:95:88:04:65:32:5C:9F:0A:4D:E3:6A:E7
ValidityTue, 19 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /mp/jsmonitor?idkey=125091_0_3&t=0.010927942540964852 HTTP/1.1
Host: mp.weixin.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=UTF-8
cache-control: no-cache, must-revalidate
retkey: 14
logicret: 0
strict-transport-security: max-age=0
X-Firefox-Spdy: h2

res.wx.qq.com/a/wx_fed/assets/res/NTI4MWU5.ico

43.152.140.102

200 OK

827 B

URL GET HTTP/1.1
res.wx.qq.com/a/wx_fed/assets/res/NTI4MWU5.ico
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
827 B (827 bytes)
Hash
5281e972ec463897022f56464011b5ed
2a719c124449e0c31a0166cea7867bb1a44780bd
a62d7d84bd02b1718106d294d1f2c8387f9967239696c1e8b446201b63f34dc7

HTTP Headers

GET /a/wx_fed/assets/res/NTI4MWU5.ico HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Tue, 28 Aug 2018 07:48:15 GMT
Server: NWS_SSD_MID
Date: Mon, 26 Jun 2023 10:53:49 GMT
Expires: Tue, 25 Jun 2024 10:53:49 GMT
Content-Type: image/x-icon
X-Verify-Code: 32ee83c5c2bbd1878f8315263fd98741
X-Daa-Tunnel: hop_count=1
Cache-Control: max-age=31536000
Content-Length: 827
Accept-Ranges: bytes
X-NWS-LOG-UUID: 13515959805737705521
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

wx.gdcn.workers.dev/webpoc/cgi/chat/checkChatPermission?type=15&grayType=random&token=&lang=zh_CN&f=json&ajax=1

104.21.17.200

404 Not Found

0 B

URL GET HTTP/3
wx.gdcn.workers.dev/webpoc/cgi/chat/checkChatPermission?type=15&grayType=random&token=&lang=zh_CN&f=json&ajax=1
IP
104.21.17.200:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectgdcn.workers.dev
Fingerprint70:2B:EE:82:1A:4A:31:07:77:56:A7:67:93:8E:B8:A8:D3:D5:41:9C
ValidityWed, 28 Feb 2024 11:44:58 GMT - Tue, 28 May 2024 11:44:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WeChat

HTTP Headers

GET /webpoc/cgi/chat/checkChatPermission?type=15&grayType=random&token=&lang=zh_CN&f=json&ajax=1 HTTP/1.1
Host: wx.gdcn.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Cookie: ua_id=14oCsXeFyFMYXqZoAAAAAIs-6XkHgqtl-HG9Wvfa0G4=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 19 Apr 2024 17:03:41 GMT
cf-ray: 876e782d4a4356a2-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hTc5IkYV2TwHyRXCnumDzAN%2FdzqcDW5DCmem3sZgzVc%2FaYDCtvISmfR7Xzia9LEONZzV14kxptW3%2FlawXqJMDWiq5w4mmBG7BN3xeADxD6JV2HF5tbvXijGXzVe4JRT3BiNMFkk5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

wx.gdcn.workers.dev/cgi-bin/bizlogin

104.21.17.200

404 Not Found

0 B

URL POST HTTP/3
wx.gdcn.workers.dev/cgi-bin/bizlogin
IP
104.21.17.200:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectgdcn.workers.dev
Fingerprint70:2B:EE:82:1A:4A:31:07:77:56:A7:67:93:8E:B8:A8:D3:D5:41:9C
ValidityWed, 28 Feb 2024 11:44:58 GMT - Tue, 28 May 2024 11:44:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WeChat

HTTP Headers

POST /cgi-bin/bizlogin HTTP/1.1
Host: wx.gdcn.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 47
Origin: https://wx.gdcn.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Cookie: ua_id=14oCsXeFyFMYXqZoAAAAAIs-6XkHgqtl-HG9Wvfa0G4=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 19 Apr 2024 17:03:42 GMT
cf-ray: 876e782dcb2456a2-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oUchJeCFOIpiCYULiXtJhOgYC0OG5Lglpolr2K1XnLjxtrTMG%2BqDPsyPKmd9uLtITjuK4HwleLIGLGk22GJ8rPh8xmn3OOh6hwD7QE7lZu1ZMk4u5cI67RTLShojUKW9dvloonYk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

res.wx.qq.com/mpres/zh_CN/htmledition/pages/login/loginpage/images/default_qrcode_2x6d68bf.png

43.152.140.102

200 OK

2.3 kB

URL GET HTTP/1.1
res.wx.qq.com/mpres/zh_CN/htmledition/pages/login/loginpage/images/default_qrcode_2x6d68bf.png
IP
43.152.140.102:443
ASN
#139341 ACE

Requested by
https://wx.gdcn.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectres.wx.qq.com
Fingerprint34:31:D7:1D:60:C9:7C:34:D1:06:77:EF:9F:38:D5:DD:E4:D3:99:6B
ValidityFri, 04 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGB, non-interlaced
Size
2.3 kB (2285 bytes)
Hash
aa69aec88903c3f292493040a6a9e912
e3e20d0bf689b62448cfb0f599ece046e311138c
068ea71114395c9d54de832c2892654460ce21fa44c80be597644a0b93493243

HTTP Headers

GET /mpres/zh_CN/htmledition/pages/login/loginpage/images/default_qrcode_2x6d68bf.png HTTP/1.1
Host: res.wx.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wx.gdcn.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 19 Apr 2024 08:10:00 GMT
Server: NWS_SSD_MID
Date: Fri, 19 Apr 2024 08:13:06 GMT
Expires: Sat, 19 Apr 2025 08:13:06 GMT
Content-Type: image/png
X-Verify-Code: d9dbcdae55680efb5a13d71a5faf9d2b
X-Daa-Tunnel: hop_count=1
Cache-Control: max-age=31536000
Content-Length: 2285
Accept-Ranges: bytes
X-NWS-LOG-UUID: 17960526318314353617
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
Vary: Origin

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations