r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9901
Expires: Mon, 28 Nov 2022 12:22:32 GMT
Date: Mon, 28 Nov 2022 09:37:31 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5738
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:31 GMT
Last-Modified: Mon, 28 Nov 2022 08:01:54 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8678
Expires: Mon, 28 Nov 2022 12:02:09 GMT
Date: Mon, 28 Nov 2022 09:37:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X8iA8pJhLs79A3oTq6Zeotpos/1pZ9aK8xrYl3OSmUe9dH9xsavhNmwaByKyctG+o3H8ijdNq8U=
x-amz-request-id: 26BSD9C4Z80CXE0X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 08:41:59 GMT
age: 3332
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 09:19:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1079
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:37:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 09:11:12 GMT
cache-control: public,max-age=3600
age: 1579
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2752
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:32 GMT
Last-Modified: Mon, 28 Nov 2022 08:51:40 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.hwcma.com/
116.255.143.80 200 OK 9.0 kB IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 671752290bad1ecece866952b3f429bf
bfe48474d37cf6a0af8c362dfa42df1af5274437
4c9ba7cc4d08bb326e8254efccb6c9d6c92b337fb6e4d73ea36c1be96859157b
GET / HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 8951
Connection: keep-alive
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh; path=/; HttpOnly; SameSite=Lax
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
push.services.mozilla.com/
52.35.190.173 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.190.173:0
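Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of a zero-length body, as expected for the 0 B 101 response; they match any empty response and identify nothing about this host.)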
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pAiF38eaUMlAQny/MZLkTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Av4W1RSU611+85gl4FJsFOYHPDA=
www.hwcma.com/template/365ZWP21061941/pc/css/style.css
116.255.143.80 200 OK 18 kB URL HTTP/1.1 www.hwcma.com/template/365ZWP21061941/pc/css/style.css
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type Unicode text, UTF-8 (with BOM) text
Hash e73389dbb946bf20f97a39854432f782
54aab996d4e759c1ddd1996a2ea32bb3c8426dd4
62f1590167ae5a29d19925fb4ebe624433502e5b4e60b54004e7226b30c7ac4d
GET /template/365ZWP21061941/pc/css/style.css HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:32 GMT
Content-Type: text/css
Content-Length: 18016
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 26 Aug 2021 08:56:07 GMT
Accept-Ranges: bytes
ETag: "80ed2235589ad71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/template/365ZWP21061941/pc/css/font-awesome.min.css
116.255.143.80 200 OK 8.3 kB URL HTTP/1.1 www.hwcma.com/template/365ZWP21061941/pc/css/font-awesome.min.css
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (30837)
Hash 122408ebb5ce04f025c6eb03746809e4
f1be50449509d130f816096fa89f4ae6acf5bf3a
71419fbd8caa026b000ad2efd64f2e2038263d93e8cf1f038ad5cfb1ee9400d3
GET /template/365ZWP21061941/pc/css/font-awesome.min.css HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:32 GMT
Content-Type: text/css
Content-Length: 8325
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2016 15:08:05 GMT
Accept-Ranges: bytes
ETag: "80b8e813e435d21:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/template/365ZWP21061941/pc/css/4101.css
116.255.143.80 200 OK 21 kB URL HTTP/1.1 www.hwcma.com/template/365ZWP21061941/pc/css/4101.css
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type Unicode text, UTF-8 (with BOM) text, with very long lines (463)
Hash a3f9a1997cf36e4fb8b281e9e5edc66e
5960558b62840addb5e2c59d9f55225ae8ce6d33
9318fe48bbfe96192f7475fd7e1973cfabc9b78a8929c16930a33f4a7dfbb81b
GET /template/365ZWP21061941/pc/css/4101.css HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:32 GMT
Content-Type: text/css
Content-Length: 20894
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 26 Aug 2021 08:56:45 GMT
Accept-Ranges: bytes
ETag: "8044c94b589ad71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/template/365ZWP21061941/pc/js/jquery-1.11.3.min.js
116.255.143.80 200 OK 43 kB URL HTTP/1.1 www.hwcma.com/template/365ZWP21061941/pc/js/jquery-1.11.3.min.js
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type Unicode text, UTF-8 text, with very long lines (32038), with CRLF line terminators
Hash c2eca0d0555ae83f47ec164d7f0746f9
9bb1277cda9398ab01d730e971a555f0d96773b9
9cd2a53936a0cf4a9095809faee5eb1eb1f5f612420ecee8b0764fe22f3ec22a
GET /template/365ZWP21061941/pc/js/jquery-1.11.3.min.js HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:32 GMT
Content-Type: application/javascript
Content-Length: 43047
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 24 Jun 2021 03:30:33 GMT
Accept-Ranges: bytes
ETag: "80d2f049a968d71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
webapi.weidaoliu.com/msg/msgstat.ashx?shopid=10686
101.37.84.12 200 OK 300 B URL HTTP/1.1 webapi.weidaoliu.com/msg/msgstat.ashx?shopid=10686
IP 101.37.84.12:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 text, with no line terminators
Hash 06eba1ce8bc391005761f56900e0c6d1
fc1c65935ea7d518fa965353a1edfd3f03d80cfd
8ea38e6c9fecb8001aab40f3ab3df6b47c83974ca2b811e0fe9225ff28b7e2fd
GET /msg/msgstat.ashx?shopid=10686 HTTP/1.1
Host: webapi.weidaoliu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:32 GMT
Content-Length: 300
www.hwcma.com/template/365ZWP21061941/pc/js/form.min.js
116.255.143.80 200 OK 32 kB URL HTTP/1.1 www.hwcma.com/template/365ZWP21061941/pc/js/form.min.js
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type Unicode text, UTF-8 text, with very long lines (31955), with CRLF line terminators
Hash f8ea9e73dc9dea0ca20d857c39b10932
ccc7b4edc292cc4c73c13947b7c143feda41e750
fe6d7c0e85f212f4c45db6309d1533e1133fcf71a19ed98cb3e0a926fc7490e7
GET /template/365ZWP21061941/pc/js/form.min.js HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:32 GMT
Content-Type: application/javascript
Content-Length: 32384
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 24 Jun 2021 03:30:33 GMT
Accept-Ranges: bytes
ETag: "80d2f049a968d71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
webapi.gcwl365.com/msg/message/messagesend.js?+Math.random()
39.100.38.78 200 OK 9.4 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/messagesend.js?+Math.random()
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1420), with CRLF line terminators
Hash 8658bc98ff8f2a7c708896a7d051fc3d
f390bd229708dc93b2306a9a08c37523bc9f9fc3
c38ab63fd3ecfbf64b69ad17eddf2cfd38242cd168e65574b1bc13356c80eb92
Analyzer Verdict Alert fortinet Phishing
GET /msg/message/messagesend.js?+Math.random() HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 18 Aug 2021 04:19:13 GMT
Accept-Ranges: bytes
ETag: "80b61d33e893d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:32 GMT
Content-Length: 9427
www.hwcma.com/template/365ZWP21061941/pc/js/org.min.js
116.255.143.80 200 OK 146 kB URL HTTP/1.1 www.hwcma.com/template/365ZWP21061941/pc/js/org.min.js
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type Unicode text, UTF-8 text, with very long lines (28392), with CRLF line terminators
Size 146 kB (145950 bytes)
Hash d310d36d02ad35023bfa8d63ca9ca4ff
99b0e1ebe04f54197b0170ea50e2e70e60d1e302
ed7a9e9b803ba081370db829588344648732c040a5ed10061b058d281f2e7a0e
GET /template/365ZWP21061941/pc/js/org.min.js HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 24 Jun 2021 03:30:23 GMT
Accept-Ranges: bytes
ETag: "80f1fa43a968d71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/img.ashx?shopid=10686&file=logo.png
116.255.143.80 302 Found 143 B URL HTTP/1.1 www.hwcma.com/img.ashx?shopid=10686&file=logo.png
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document text; HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 6580c806bad682911632157c0b43092a
0f85135f7e52a7d080de1869f57a630ee26bebed
4c994d100d866e5e05096a6f9df3360d28e6dc4155f61324142544efe73160a4
GET /img.ashx?shopid=10686&file=logo.png HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 143
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/logo.png
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/img.ashx?shopid=10686&no=true&file=2021082315502749.jpg
116.255.143.80 302 Found 155 B URL HTTP/1.1 www.hwcma.com/img.ashx?shopid=10686&no=true&file=2021082315502749.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document text; HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash cc4d7fc25862dfc477da69ec6f58772d
421583c1ce219cc7abf23711e6fd9ad3589b357d
bf2109ab7626f4dbbbc98e3be2e092ce70e45862b1c4e53e4711545ac6f5a87b
GET /img.ashx?shopid=10686&no=true&file=2021082315502749.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021082315502749.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/img.ashx?shopid=10686&file=2021031915284924.jpg
116.255.143.80 302 Found 155 B URL HTTP/1.1 www.hwcma.com/img.ashx?shopid=10686&file=2021031915284924.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document text; HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 423027dafb2229ebe3df3f2b4ad8daef
1f8d692324d6fa9c372407548a98269a23139892
43a074ac01fd75422b4a2a5d94bcd172a115e3dc685914d4271eeca96ffca116
GET /img.ashx?shopid=10686&file=2021031915284924.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021031915284924.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/img.ashx?shopid=10686&file=2021031915313184.jpg
116.255.143.80 302 Found 155 B URL HTTP/1.1 www.hwcma.com/img.ashx?shopid=10686&file=2021031915313184.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document text; HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 9fc8c8ae38d5c013c67cf64e7396aa91
149d568ec6b4bd317321be4ccbc6cda89107e8ba
539710e3d3e9033c5511dd294bb298ffde1d15bfc4d0e006985d69d17081ac7c
GET /img.ashx?shopid=10686&file=2021031915313184.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021031915313184.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/img.ashx?shopid=10686&file=2021031915123919.jpg
116.255.143.80 302 Found 155 B URL HTTP/1.1 www.hwcma.com/img.ashx?shopid=10686&file=2021031915123919.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document text; HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 70fbc9b05ee181245fea78566ecffdf6
5355a8a82ff9e37371123bc2d1c410ade46c5ffe
56c9e637d4555eb035855874e01f9e09fd5863cf3ba66777720599438995124f
GET /img.ashx?shopid=10686&file=2021031915123919.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021031915123919.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/img.ashx?shopid=10686&no=true&file=2021082315502877.jpg
116.255.143.80 302 Found 155 B URL HTTP/1.1 www.hwcma.com/img.ashx?shopid=10686&no=true&file=2021082315502877.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document text; HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 533d922a945bc8c00d5e4474e4942b1b
2989c6f25d16ff9d4423097f7f22b7adbb2c0964
b5fe6ad80b156ad445c4fb81fa9ac9e2e8490973315103a8791e16b83c822be6
GET /img.ashx?shopid=10686&no=true&file=2021082315502877.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021082315502877.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6421
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:37:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6421
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:37:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6421
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:37:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6421
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:37:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 41777
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa848cb85e85df184b078fe7aa95ae52
21aa6418f3a0d2b64925b66d5fb9079b7e84a11c
37d299c166e3350dee6dee647e98a86f8bd916d186bae12c42764ed0a3177085
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5989
x-amzn-requestid: db10fcc5-80ab-4650-af49-d5afe36706f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78LHQqIAMF9_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-4cbd19e3227894844807742c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P0Nx-FcvcV-f5cRPwZr5sEMb8pH3AoYFr185q_D0X2bE7z40nDn91w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 42389
etag: "21aa6418f3a0d2b64925b66d5fb9079b7e84a11c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0a4e0bb1e2748bdce6bbf685a910f0fc
5b97bfd787afcb912cdbef0f137f78a059082992
a7bc9adeb22cb57675e907bd961a6f554e6b7a46414ed782bcc9b53d68b1c328
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15639
x-amzn-requestid: 98e846b4-287f-4698-9529-25bcc2727a4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78dGReoAMFiDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e9-62c41b2717bd8e6f3b3797da;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fxNulyOR88nEcjtrXm1dECsulI-MsAxm2Zl0Y83uMz23lGh18d-ZBA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:56:55 GMT
age: 42038
etag: "5b97bfd787afcb912cdbef0f137f78a059082992"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e240caa3153ea25c34d07185b47f8a5
602e8ba5c6671ff947acfda757577ddc8ecec6ec
c2b37bf1ef003ceffaaf4612f2001b6f7998d5b95cd55b32c79fefcb24ccad7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11255
x-amzn-requestid: ce06e0cc-3874-4a3d-a6c5-5cc1cb342138
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7w8EEOIAMF_6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99f-5ca652aa369ee1690b0d08cc;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0diXekmaxz0zbwy1wShePUxsvtC59YoEPcLJmS_ql6uKG0MtqbxbeQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:03:04 GMT
age: 41669
etag: "602e8ba5c6671ff947acfda757577ddc8ecec6ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 41767
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f20d5c4b208740dd4c737b9d95c0e1d0
c843c5422499736a83a80c2b07475a8dbbb8860f
f8d048a2c911aaedfa53b7d6e134638e8c36db0700a874fe99e0d8f847970a1b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12555
x-amzn-requestid: 2d9827ba-fc88-4deb-9844-f5b42764b2e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MHPWIAMFQMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-42986aeb284115943c849306;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KcI_BV4rZkM-2CmcFI5qkJLT-OOwYQnRNEPXrQJvlNA9A3Da0EzgEA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 42389
etag: "c843c5422499736a83a80c2b07475a8dbbb8860f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
webapi.gcwl365.com/msg/message/font/iconfont.css?v=689
39.100.38.78 200 OK 2.4 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/font/iconfont.css?v=689
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (2679)
Hash 9d6fe6a9b815f70a752d3effcdb0003b
0d11420d199d5d594e6c855c1f02ae96fb08afd2
105c81858c1251ea44425eac57bacdab314d01c75e0e1d28baff0d29bca773e8
Analyzer Verdict Alert fortinet Phishing
GET /msg/message/font/iconfont.css?v=689 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 26 Sep 2018 06:43:32 GMT
Accept-Ranges: bytes
ETag: "082a63d6455d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Length: 2371
webapi.weidaoliu.com/msg/images/new_message.gif
101.37.84.12 200 OK 1.4 kB URL HTTP/1.1 webapi.weidaoliu.com/msg/images/new_message.gif
IP 101.37.84.12:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 16 x 16\012- data
Hash b69aba4ab6c4a9c0b79738a3937fc631
9ffcf6e9186778bfda4bf32b78200b0d9ad22b96
6ffb5cfc3a7b143ed55c065c6177bc8ebf89d67457cb1a70a839ee225434cb98
GET /msg/images/new_message.gif HTTP/1.1
Host: webapi.weidaoliu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 14 May 2018 02:14:52 GMT
Accept-Ranges: bytes
ETag: "2579ee5729ebd31:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Length: 1360
webapi.gcwl365.com/msg/message/css/style.css?v=4.2
39.100.38.78 200 OK 2.9 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/css/style.css?v=4.2
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 (with BOM) text
Hash a6ccd008e069943e27d33844624f47c2
7c94e0899122b7fca210b6c5bc5d4b47c2012e6b
bd5910111608486aae79c772bef03beb77093575a8f66b4c4752d629a484bad4
GET /msg/message/css/style.css?v=4.2 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 10 Jun 2022 02:55:35 GMT
Accept-Ranges: bytes
ETag: "80ad6d8e757cd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Length: 2900
push.zhanzhang.baidu.com/push.js
182.61.201.94 200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 28 Nov 2022 09:37:33 GMT
Etag: "4078521116"
Expires: Tue, 28 Nov 2023 09:37:33 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=78BE2F169CEF4F573B9CA877FFFCD48D:FG=1; max-age=31536000; expires=Tue, 28-Nov-23 09:37:33 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
webapi.gcwl365.com/msg/js/plugin/layer/layer.js
39.100.38.78 200 OK 7.4 kB URL HTTP/1.1 webapi.gcwl365.com/msg/js/plugin/layer/layer.js
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (21529)
Hash b8fba5f6cceaf52ef049b78beee0a1a3
d69d8550ff6554b3db3e61257cee227f7a6cbefe
3aa69c08f652e111eb29b3dc7b9f6ad0b4cb3a16ad97f486b7be0ed4eecd6e38
Analyzer Verdict Alert fortinet Phishing
GET /msg/js/plugin/layer/layer.js HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 17 May 2018 07:21:31 GMT
Accept-Ranges: bytes
ETag: "804f83adafedd31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Length: 7449
webapi.gcwl365.com/msg/message/css/wechat-wrap.css
39.100.38.78 200 OK 5.7 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/css/wechat-wrap.css
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (1503), with CRLF line terminators
Hash 16fef24dd4823fad8aab70df69b066e3
f623f74570bd003c0336323aec9443f22c9c06ff
9371968c7c043ea70dcf652b461e33e8eecc01153c949b220c31c9861f00527a
GET /msg/message/css/wechat-wrap.css HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 12 Mar 2021 09:02:41 GMT
Accept-Ranges: bytes
ETag: "804efe741e17d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Length: 5740
webapi.gcwl365.com/msg/message/js/jquery.qrcode.min.js
39.100.38.78 200 OK 5.2 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/js/jquery.qrcode.min.js
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (675), with CRLF line terminators
Hash 11c436444b1d615797d09f636173db33
b576573fed16a84e7d56bfab58e003e73ca1d98a
399529ee56da36339798d81cbb0519112530adee27ccfbb321eb7cf02f03d2c0
Analyzer Verdict Alert fortinet Phishing
GET /msg/message/js/jquery.qrcode.min.js HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 01 Aug 2018 05:10:03 GMT
Accept-Ranges: bytes
ETag: "8074be75529d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Length: 5248
www.hwcma.com/template/365ZWP21061941/pc/fonts/fontawesome-webfont.woff2?v=4.7.0
116.255.143.80 200 OK 77 kB URL HTTP/1.1 www.hwcma.com/template/365ZWP21061941/pc/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /template/365ZWP21061941/pc/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.hwcma.com/template/365ZWP21061941/pc/css/font-awesome.min.css
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: application/font-woff2
Content-Length: 77160
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2016 15:08:03 GMT
Accept-Ranges: bytes
ETag: "808bb712e435d21:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/siteimages/10686/2021031915123919.jpg
116.255.143.80 200 OK 38 kB URL HTTP/1.1 www.hwcma.com/siteimages/10686/2021031915123919.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 750x522, components 3\012- data
Hash 0979a980e1ae0b6b0dc6956626d0a047
9904967bde9fd559c782714044cc7aecbf867d5a
9511fa99913d04db738f21e1671e4dba2cb2ccbb30394c11444859da49393cef
GET /siteimages/10686/2021031915123919.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 37694
Connection: keep-alive
Last-Modified: Fri, 19 Mar 2021 08:00:38 GMT
Accept-Ranges: bytes
ETag: "e0f84af3951cd71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/img.ashx?shopid=10686&file=2021031915393318.jpg
116.255.143.80 302 Found 155 B URL HTTP/1.1 www.hwcma.com/img.ashx?shopid=10686&file=2021031915393318.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash e0cf0b07dd1ba94db2bdaa52d2875a72
ef1cbb0745376d997b7dbc2f416f79821425412b
78d79691313f2eccabbf6d6926478cfeb640d6ec4cf9f0f895c579329cd7bdca
GET /img.ashx?shopid=10686&file=2021031915393318.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021031915393318.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/img.ashx?shopid=10686&file=2021031915380062.jpg
116.255.143.80 302 Found 155 B URL HTTP/1.1 www.hwcma.com/img.ashx?shopid=10686&file=2021031915380062.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 7c24997a034fa8137447ff6e00af4957
79fac0ba264e8b9cf12da50e98f87ec4455ad6dc
8dae55720dcd75dd24170b282acda7705d2ff638cfdef505a4eab86b19f03138
GET /img.ashx?shopid=10686&file=2021031915380062.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021031915380062.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/img.ashx?shopid=10686&file=2021031915332944.jpg
116.255.143.80 302 Found 155 B URL HTTP/1.1 www.hwcma.com/img.ashx?shopid=10686&file=2021031915332944.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 516512f2fb0a3f1bbf5b94bbde1e67e8
b2101d3916e46bed6c597b363c4a2e9fbe14f433
10381235694a78c6ba7c36f72cc2f3f0693a7d2788f438952468eaf504e7d52b
GET /img.ashx?shopid=10686&file=2021031915332944.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021031915332944.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
webapi.gcwl365.com/msg/js/plugin/layer/skin/default/layer.css?v=3.0.3303
39.100.38.78 200 OK 2.9 kB URL HTTP/1.1 webapi.gcwl365.com/msg/js/plugin/layer/skin/default/layer.css?v=3.0.3303
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (14499), with no line terminators
Hash be60b3f7cd68739042226260a3d617ca
850d8b7957c386555101e6ef4033542f2603d3c4
58dd83fdc48ab4c4a0c5704559f293cef21dc725037a97a0e6b4f5e182b63d4c
Analyzer Verdict Alert fortinet Phishing
GET /msg/js/plugin/layer/skin/default/layer.css?v=3.0.3303 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 17 May 2018 07:21:31 GMT
Accept-Ranges: bytes
ETag: "804f83adafedd31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Length: 2872
www.hwcma.com/siteimages/10686/2021031915284924.jpg
116.255.143.80 200 OK 22 kB URL HTTP/1.1 www.hwcma.com/siteimages/10686/2021031915284924.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 600x400, components 3\012- data
Hash ca599c06707288189e0366640847e6bc
51969c9587caa3467f24b3447c1e842a23c36418
c4fdfbfb834d605d6d5c8a0bbec881565797657b5657d88eda6fea8b5fc2629f
GET /siteimages/10686/2021031915284924.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 22413
Connection: keep-alive
Last-Modified: Fri, 19 Mar 2021 08:00:38 GMT
Accept-Ranges: bytes
ETag: "6cc245f3951cd71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
s.union.360.cn/459976.js
171.8.167.94 200 OK 11 kB IP 171.8.167.94:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type Unicode text, UTF-8 text, with very long lines (25491)
Hash 6195f7ead1dd0268046612c0d5da4b5b
421ea8d0081f51ccb522bad5cd4a391c772fc531
52fdb19e2b5ffa05d84ab1bc353eed114074f873087a77bca589887489e2fa9c
GET /459976.js HTTP/1.1
Host: s.union.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Server: openresty/1.9.15.1
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Set-Cookie: __huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO/H29AqYlNlKQs=; Expires=Thu, 25-Nov-32 09:37:34 GMT; Domain=.360.cn; Path=/
__guid=219755712.2246107121251300096.1669628254000.7490; Expires=Tue, 28-Nov-23 09:37:34 GMT; Domain=.360.cn; Path=/
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Etag: W/"15c4e14eeebbd4f6423af0721eb8ae88"
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
www.hwcma.com/siteimages/10686/2021031915332944.jpg
116.255.143.80 200 OK 71 kB URL HTTP/1.1 www.hwcma.com/siteimages/10686/2021031915332944.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2019:11:20 11:21:23], baseline, precision 8, 400x300, components 3\012- data
Hash 6940b1e49bc8bd2345fceb71159945eb
4f6faa94ba268adacfc91f59b70969eb2495089d
f23859a4df15d0789e6beec23ec2945bd26a79de311c8177f00e3eedd3de77ab
GET /siteimages/10686/2021031915332944.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 70693
Connection: keep-alive
Last-Modified: Fri, 19 Mar 2021 08:00:38 GMT
Accept-Ranges: bytes
ETag: "6203df3951cd71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/img.ashx?shopid=10686&file=202108231748072.jpg
116.255.143.80 302 Found 154 B URL HTTP/1.1 www.hwcma.com/img.ashx?shopid=10686&file=202108231748072.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f13c8cff15bab26d46034a19772f9951
ed0c5a7c16747c005dd0180cc211e3275f330cb7
63aac852a9dde27a3d832a71598783fe274cb9a1c5be37cd31c7b18ba111796a
GET /img.ashx?shopid=10686&file=202108231748072.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 154
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/202108231748072.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/siteimages/10686/2021031915380062.jpg
116.255.143.80 200 OK 16 kB URL HTTP/1.1 www.hwcma.com/siteimages/10686/2021031915380062.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 94x94, segment length 16, baseline, precision 8, 485x299, components 3\012- data
Hash 1cfe5f49d273a216767a5ca66ce2ce0f
164a53b2901408231014887259807a6135d4db5d
7debd38cdfe62a97bb97a8e85fdaadc82fdef8c3d6d956f1f3c269e3ee48897c
GET /siteimages/10686/2021031915380062.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 15463
Connection: keep-alive
Last-Modified: Fri, 19 Mar 2021 08:00:38 GMT
Accept-Ranges: bytes
ETag: "812f23f3951cd71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/siteimages/10686/2021031915313184.jpg
116.255.143.80 200 OK 16 kB URL HTTP/1.1 www.hwcma.com/siteimages/10686/2021031915313184.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 422x300, components 3\012- data
Hash cc3b9c442ce17d2f6c96e0b75d9202a8
9635db651670f4a5ef8b10f70b1a863df8d7504c
aa0f53cc912f70b15c5d6619f3cc20586518453f4d9192b5a2490d9243f0f8d8
GET /siteimages/10686/2021031915313184.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 15786
Connection: keep-alive
Last-Modified: Fri, 19 Mar 2021 08:00:38 GMT
Accept-Ranges: bytes
ETag: "513e2bf3951cd71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/siteimages/10686/2021031915393318.jpg
116.255.143.80 200 OK 13 kB URL HTTP/1.1 www.hwcma.com/siteimages/10686/2021031915393318.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 580x419, components 3\012- data
Hash 7e1add31141b583cbf7cd34ef92ad252
6a4d92336327ea2f4904ac62b81782022b66cfb4
86fe3ab797c60f2b59a4191366719bb02393f29c24c027626989e693d133433c
GET /siteimages/10686/2021031915393318.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 13379
Connection: keep-alive
Last-Modified: Fri, 19 Mar 2021 08:00:38 GMT
Accept-Ranges: bytes
ETag: "812f23f3951cd71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
api.share.baidu.com/s.gif?l=http://www.hwcma.com/
182.61.240.101 200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.hwcma.com/
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.hwcma.com/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 28 Nov 2022 09:37:34 GMT
www.hwcma.com/siteimages/10686/2021082315502749.jpg
116.255.143.80 200 OK 227 kB URL HTTP/1.1 www.hwcma.com/siteimages/10686/2021082315502749.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 106x106, segment length 16, baseline, precision 8, 1920x600, components 3\012- data
Size 227 kB (227104 bytes)
Hash c846b32982e29b454d9d83fe38ae06fa
8105bfbc455ed3539b76a60c915e3b367a940f08
b68a10529595017ea64434195ab63aec2162a676cdf5f4c7562bafa22059f799
GET /siteimages/10686/2021082315502749.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 227104
Connection: keep-alive
Last-Modified: Mon, 23 Aug 2021 08:42:11 GMT
Accept-Ranges: bytes
ETag: "5b1cbfc3fa97d71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/img.ashx?shopid=10686&no=true&file=2021082315503831.jpg
116.255.143.80 302 Found 155 B URL HTTP/1.1 www.hwcma.com/img.ashx?shopid=10686&no=true&file=2021082315503831.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4d16ccdbe892854978a633948d08af58
6a956378d5431d62be5358e5bbed5a42c2bfabcc
73174a031258d2c91a4cedc95b679802ffd03ef7c2aef2ba8d3c606684df08c5
GET /img.ashx?shopid=10686&no=true&file=2021082315503831.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021082315503831.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/img.ashx?shopid=10686&no=true&file=2021082315502642.jpg
116.255.143.80 302 Found 155 B URL HTTP/1.1 www.hwcma.com/img.ashx?shopid=10686&no=true&file=2021082315502642.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c287c779deab90610000bff749c27646
1619d49e70b3c0be24fc56f0580b035bfd1e0c04
cd6b0abdb99574c96736632d7ce7772c36b9620d9e1e51846b0f2e5a66d6bf04
GET /img.ashx?shopid=10686&no=true&file=2021082315502642.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021082315502642.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/siteimages/10686/202108231748072.jpg
116.255.143.80 200 OK 7.0 kB URL HTTP/1.1 www.hwcma.com/siteimages/10686/202108231748072.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 106x106, segment length 16, baseline, precision 8, 300x170, components 3\012- data
Hash 45d5ebb2e28b2fea951d821ce43f8d23
cbd1a85ed67fe2e529001e8917392b61de2614ae
38d2d1f8c7551b73ad27df8364e28ed09f1ffe4e6440fd18de9c955a8f626985
GET /siteimages/10686/202108231748072.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh; Qs_lvt_459976=1669628253; Qs_pv_459976=137576482555721170
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 7045
Connection: keep-alive
Last-Modified: Mon, 23 Aug 2021 09:49:59 GMT
Accept-Ranges: bytes
ETag: "26f4d83c498d71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
s.union.360.cn/s.gif?lts=1&et=100&si=459976&ldt=1&vis=visible&prv=0&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&t=1669628253887&v=3.2.0&_mtd=im
171.8.167.94 200 OK 43 B URL HTTP/1.1 s.union.360.cn/s.gif?lts=1&et=100&si=459976&ldt=1&vis=visible&prv=0&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&t=1669628253887&v=3.2.0&_mtd=im
IP 171.8.167.94:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /s.gif?lts=1&et=100&si=459976&ldt=1&vis=visible&prv=0&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&t=1669628253887&v=3.2.0&_mtd=im HTTP/1.1
Host: s.union.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Server: openresty/1.9.15.1
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: close
Expires: Fri, 01 Jan 1980 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
wx.weidaoliu.com/msg/message/js/clipboard.min.js
101.37.84.12 200 OK 3.4 kB URL HTTP/1.1 wx.weidaoliu.com/msg/message/js/clipboard.min.js
IP 101.37.84.12:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 text, with very long lines (10360)
Hash 6a21970d8e1244d757a2b322597e23b9
aa05c68ec2b039dfd66e985a74ac33d29f1c1c7e
a0fe78dc7765c2ba8497287f40707c4c972e0bcef1e40bf7ade3edb2e29a65e3
GET /msg/message/js/clipboard.min.js HTTP/1.1
Host: wx.weidaoliu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hwcma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 03:10:57 GMT
Accept-Ranges: bytes
ETag: "80f6949ce62fd61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Length: 3358
www.hwcma.com/img.ashx?shopid=10686&file=
116.255.143.80 302 Found 127 B URL HTTP/1.1 www.hwcma.com/img.ashx?shopid=10686&file=
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 360f661eef5247e29b339c69de74acd5
1acf2420e6fdcbe1a36c2c32130aad875ef0628e
e82aa6efa971062b43638400e5e6839f5abb7f8234301aa34844b94b23f15b8a
GET /img.ashx?shopid=10686&file= HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 127
Connection: keep-alive
Cache-Control: private
Location: /nopic.png
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/siteimages/10686/logo.png
116.255.143.80 200 OK 9.9 kB URL HTTP/1.1 www.hwcma.com/siteimages/10686/logo.png
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash b73a0097c364a74635400ce5e81f97a7
bc7659b4f9c98f35da31243effd01e4a3d73b56d
ebfa29753c81e23c328e6372022b29651655ca038de499bc84bc866b6bbefe0c
GET /siteimages/10686/logo.png HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/png
Content-Length: 9855
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 02:51:41 GMT
Accept-Ranges: bytes
ETag: "49ccb2332fefd81:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
s.union.360.cn/proxy.html
171.8.167.94 200 OK 434 B URL HTTP/1.1 s.union.360.cn/proxy.html
IP 171.8.167.94:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (707), with no line terminators
Hash d713c4be4307c2ba08c151d879b32522
ee36cc8098954691e78c377f29ec8b55b8f36570
881c2afefaf064920d4b302d86aa2a097042146a5e9d232a8265642a1f6e97b0
GET /proxy.html HTTP/1.1
Host: s.union.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty/1.9.15.1
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: text/html
Last-Modified: Thu, 03 Mar 2022 02:05:35 GMT
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
ETag: W/"6220226f-2c3"
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
www.hwcma.com/nopic.png
116.255.143.80 404 Not Found 86 B IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type Unicode text, UTF-8 text, with no line terminators
Hash 5b61351f9f1d59fde5aefa666ffb8af5
32ca13cfc618c39c9ecca158ac285431dd2a597e
ae713e455efd63006c177dc199e2029fb5811cb1cd6c9714246b7c91297a78fc
GET /nopic.png HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh; Qs_lvt_459976=1669628253; Qs_pv_459976=137576482555721170
HTTP/1.1 404 Not Found
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
Content-Encoding: gzip
www.hwcma.com/siteimages/10686/2021082315502642.jpg
116.255.143.80 200 OK 153 kB URL HTTP/1.1 www.hwcma.com/siteimages/10686/2021082315502642.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 106x106, segment length 16, baseline, precision 8, 1920x600, components 3\012- data
Size 153 kB (152649 bytes)
Hash 23552401bf2bc5d6123528521ba6fd8a
540bd63c195dbc097b542605dfef573901ebfcbb
46c6f190b71939a591e7dd67ff04fd32ce60974f30c7b7db1946f7687504724f
GET /siteimages/10686/2021082315502642.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh; Qs_lvt_459976=1669628253; Qs_pv_459976=137576482555721170
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 152649
Connection: keep-alive
Last-Modified: Mon, 23 Aug 2021 08:42:11 GMT
Accept-Ranges: bytes
ETag: "346ab8c3fa97d71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/siteimages/10686/2021082315502877.jpg
116.255.143.80 200 OK 198 kB URL HTTP/1.1 www.hwcma.com/siteimages/10686/2021082315502877.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 106x106, segment length 16, baseline, precision 8, 1920x600, components 3\012- data
Size 198 kB (198042 bytes)
Hash e1fede068613640ddb32a8ed7ec6ec2d
d5f3051b1f7861d03d112c084831f8858e39f1ff
3fa26cfa290702f5e4b989df87e421017378895f6cc42296f209e3378aadd30c
GET /siteimages/10686/2021082315502877.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 198042
Connection: keep-alive
Last-Modified: Mon, 23 Aug 2021 08:42:11 GMT
Accept-Ranges: bytes
ETag: "694cc0c3fa97d71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
360fenxi.mediav.com/mediav1130.html
180.163.251.76 200 OK 988 B URL HTTP/1.1 360fenxi.mediav.com/mediav1130.html
IP 180.163.251.76:0
ASN #4812 China Telecom Group
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1579)
Hash 43d72715f35d2d71fe537bad71a28264
3f4d44e10339d042a48ca1687b00cd9ef3c64fdb
75ac43a7524fcf4b8766dd59e415ee3ba1a3e8438f1833bb62d6217a9c056ee8
GET /mediav1130.html HTTP/1.1
Host: 360fenxi.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty/1.9.15.1
Date: Mon, 28 Nov 2022 09:37:35 GMT
Content-Type: text/html
Last-Modified: Thu, 03 Mar 2022 02:05:24 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62202264-6d1"
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
s.union.360.cn/s.gif?lts=1&et=0&ck=0&adb=0&cl=24&ds=1280x1024&ln=en-US&url=http%3A%2F%2Fwww.hwcma.com%2F&si=459976&su=&flt=1669628253&lt=1669628253&pt=137576482555721170&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&v=3.2.0&t=1669628254417&qhclickid=&_mtd=im
171.8.167.94 200 OK 43 B URL HTTP/1.1 s.union.360.cn/s.gif?lts=1&et=0&ck=0&adb=0&cl=24&ds=1280x1024&ln=en-US&url=http%3A%2F%2Fwww.hwcma.com%2F&si=459976&su=&flt=1669628253&lt=1669628253&pt=137576482555721170&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&v=3.2.0&t=1669628254417&qhclickid=&_mtd=im
IP 171.8.167.94:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /s.gif?lts=1&et=0&ck=0&adb=0&cl=24&ds=1280x1024&ln=en-US&url=http%3A%2F%2Fwww.hwcma.com%2F&si=459976&su=&flt=1669628253&lt=1669628253&pt=137576482555721170&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&v=3.2.0&t=1669628254417&qhclickid=&_mtd=im HTTP/1.1
Host: s.union.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Server: openresty/1.9.15.1
Date: Mon, 28 Nov 2022 09:37:35 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: close
Expires: Fri, 01 Jan 1980 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
webapi.gcwl365.com/msg/ashx/shopinfohandler.ashx?type=getqyweixininfo&shopid=10686
39.100.38.78 200 OK 0 B URL HTTP/1.1 webapi.gcwl365.com/msg/ashx/shopinfohandler.ashx?type=getqyweixininfo&shopid=10686
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /msg/ashx/shopinfohandler.ashx?type=getqyweixininfo&shopid=10686 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.hwcma.com
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 0
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:34 GMT
webapi.gcwl365.com/msg/ashx/shopinfohandler.ashx?type=getinteractioninfo&shopid=10686
39.100.38.78 200 OK 2 B URL HTTP/1.1 webapi.gcwl365.com/msg/ashx/shopinfohandler.ashx?type=getinteractioninfo&shopid=10686
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /msg/ashx/shopinfohandler.ashx?type=getinteractioninfo&shopid=10686 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.hwcma.com
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Length: 2
www.hwcma.com/template/365ZWP21061941/pc/images/about.png
116.255.143.80 200 OK 377 kB URL HTTP/1.1 www.hwcma.com/template/365ZWP21061941/pc/images/about.png
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:08:26 16:57:38], baseline, precision 8, 1920x727, components 3\012- data
Size 377 kB (377257 bytes)
Hash ada3a3461eed0c15081b9b7c29ca1561
8184bee6877ff3a36aa4876e6840bd3d2794ed67
dadc994de7fb6be9c7642108e458607cde04438b294f116fae34d031343735a8
GET /template/365ZWP21061941/pc/images/about.png HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/png
Content-Length: 377257
Connection: keep-alive
Last-Modified: Thu, 26 Aug 2021 08:57:39 GMT
Accept-Ranges: bytes
ETag: "803f96b589ad71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
e.so.com/search/c.js?u=3337623864&_=1669628253894
180.163.247.186 200 OK 0 B URL HTTP/1.1 e.so.com/search/c.js?u=3337623864&_=1669628253894
IP 180.163.247.186:0
ASN #4812 China Telecom Group
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/c.js?u=3337623864&_=1669628253894 HTTP/1.1
Host: e.so.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 09:37:35 GMT
Content-Type: text/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: private
X-Trace: "rt":0
X-Cache: MISS
www.hwcma.com/siteimages/10686/2021082315503831.jpg
116.255.143.80 200 OK 146 kB URL HTTP/1.1 www.hwcma.com/siteimages/10686/2021082315503831.jpg
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 106x106, segment length 16, baseline, precision 8, 1920x600, components 3\012- data
Size 146 kB (145906 bytes)
Hash 90382e25fb78e92e25c2c4f52c1d50e0
a1c866e778aecd245909483e3c3a86b7e02368ef
1fbf49f6425d86f68250beb5cd8ece13a176642fb37014c0dc8fa09d0f2084f3
GET /siteimages/10686/2021082315503831.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh; Qs_lvt_459976=1669628253; Qs_pv_459976=137576482555721170
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 145906
Connection: keep-alive
Last-Modified: Mon, 23 Aug 2021 08:42:11 GMT
Accept-Ranges: bytes
ETag: "f8cbdc3fa97d71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
www.hwcma.com/favicon.ico
116.255.143.80 404 Not Found 86 B URL HTTP/1.1 www.hwcma.com/favicon.ico
IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type Unicode text, UTF-8 text, with no line terminators
Hash 5b61351f9f1d59fde5aefa666ffb8af5
32ca13cfc618c39c9ecca158ac285431dd2a597e
ae713e455efd63006c177dc199e2029fb5811cb1cd6c9714246b7c91297a78fc
GET /favicon.ico HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh; Qs_lvt_459976=1669628253; Qs_pv_459976=137576482555721170
HTTP/1.1 404 Not Found
Date: Mon, 28 Nov 2022 09:37:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
Content-Encoding: gzip
ckmap.mediav.com/b?type=10
180.163.247.134200 OK 348 B URL HTTP/1.1 ckmap.mediav.com/b?type=10
IP 180.163.247.134:0
ASN #4812 China Telecom Group
File type HTML document, ASCII text, with very long lines (588), with no line terminators
Hash 35e62d4716a1213619bbd421aab5b6d7
ef5da56df3dd7a41b9692df4eb14838b48aefb4f
5490caf026919d8e0304a4d078bfc521005e6eb2bf5affd325f1d44a90c77626
GET /b?type=10 HTTP/1.1
Host: ckmap.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://360fenxi.mediav.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: -1
Set-Cookie: ckmts=PUJrrjAB,P6JrrjAB,U6JrrjAB,JGJrrjAB,L6CrrjAB,J6JrrjAB; expires=Wednesday, 28-Dec-2022 17:37:36 GMT; path=/; domain=.mediav.com;
Content-Encoding: gzip
webapi.gcwl365.com/msg/message/images/new_mes1.png
39.100.38.78200 OK 1.2 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/images/new_mes1.png
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 23502c31840ccf1c7ce6940e39ad70cf
2cb51c52e98d97d3a142cb6d3728fb493bc58f6e
0108c96cc90f6b3ceb8bcb603db160e76644edc6c18af97e1f9c65e693594f96
GET /msg/message/images/new_mes1.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 05 Apr 2019 03:51:40 GMT
Accept-Ranges: bytes
ETag: "e04972e062ebd41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 1164
webapi.gcwl365.com/msg/message/images/new_tel2.png?v=1.1
39.100.38.78200 OK 1.3 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/images/new_tel2.png?v=1.1
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash db09a01bd61864c53a069d8b1f5ee21a
5c83f2d6f7c38e0c4e0b7320df46f8d1fcc6356d
b60c03dcd86d674e3e04dbecd98db19136f4fe6acfa79dddcf6d3697130cf19c
GET /msg/message/images/new_tel2.png?v=1.1 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 17 May 2019 13:50:15 GMT
Accept-Ranges: bytes
ETag: "6134b774b7cd51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 1299
webapi.gcwl365.com/msg/message/images/new_tel1.png?v=1.1
39.100.38.78200 OK 1.2 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/images/new_tel1.png?v=1.1
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash efc3905df1f19ee3e85c6a79ebe32106
1b96ec80e7e7db36e34ff421295476b35078812e
8f1851d4a0c9560bb7c67e680290225f22c7f5332951c44ba931d435545c7b62
GET /msg/message/images/new_tel1.png?v=1.1 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 17 May 2019 13:50:10 GMT
Accept-Ranges: bytes
ETag: "ad881572b7cd51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 1163
webapi.gcwl365.com/msg/message/images/new_mes2.png
39.100.38.78200 OK 1.4 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/images/new_mes2.png
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 4aa10d4879e014685e64ec5af808f9fc
75b9c6a093ad1011edb78dafd4c1ece3b07c1082
a82abaf7a9e935df122c41fd71e31d0775095e89a29fa102f28a4b4e990dd049
GET /msg/message/images/new_mes2.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 05 Apr 2019 03:51:52 GMT
Accept-Ranges: bytes
ETag: "da9d63e762ebd41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 1410
webapi.gcwl365.com/msg/message/images/new_qq1.png
39.100.38.78200 OK 1.8 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/images/new_qq1.png
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c4b1285472fabadf3f0b201991a028de
7d0f1e626caf8a0eae50a5ca2a5ffbb75057fb6b
560d0fe7197bba8a7db18b272bb7794f0dca6973d9a9fd0c46ce32e6f6d41d71
GET /msg/message/images/new_qq1.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 05 Apr 2019 03:59:07 GMT
Accept-Ranges: bytes
ETag: "7f711deb63ebd41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 1763
webapi.gcwl365.com/msg/message/images/new_qq2.png
39.100.38.78200 OK 2.2 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/images/new_qq2.png
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 835802b6d18c5c9fe85add0744c83ab5
4fe7c4aa11388343fa5716cd11352a20e6dc539d
8796e4ca55940129507c99716d4215eee555bd390c8455a9b4b135ff0ba54a08
GET /msg/message/images/new_qq2.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 05 Apr 2019 03:59:11 GMT
Accept-Ranges: bytes
ETag: "3d865ed63ebd41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 2208
webapi.gcwl365.com/msg/message/images/new_ewm1.png
39.100.38.78200 OK 1.5 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/images/new_ewm1.png
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash cb7b77dd22ea01d6f5ed334e776129f9
1c6b72d1b85c13f4643dd3a5aba61bac97bbe7a9
2d4e80a0d184006fbb6669f05605dff8e1fa4d4f8644efecac753f22560a07b2
GET /msg/message/images/new_ewm1.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 05 Apr 2019 04:01:43 GMT
Accept-Ranges: bytes
ETag: "6beebd4764ebd41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 1492
www.hwcma.com/undefined
116.255.143.80404 Not Found 918 B IP 116.255.143.80:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- troff or preprocessor input, Unicode text, UTF-8 text, with CRLF line terminators
Hash a40b0fa43f923080fa06a4a643a7f309
ebef737752e7bdf854d83c0dc6b6ecb9f2331cda
6023eac1dac2d11ffffa8976dcc27f7439f5b7cf960aae4883df8e81af242ce6
GET /undefined HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh; Qs_lvt_459976=1669628253; Qs_pv_459976=137576482555721170
HTTP/1.1 404 Not Found
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
Content-Encoding: gzip
webapi.gcwl365.com/msg/message/images/ol_top1.png?v=1.1
39.100.38.78200 OK 907 B URL HTTP/1.1 webapi.gcwl365.com/msg/message/images/ol_top1.png?v=1.1
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash e41d332b8c841ecb5fc9a25edfff2736
7de6cc9a741eafdc75dd83a90ed54ee17d55b34e
9e5b4d5516db9d17f5e3151162efab934d12cf348321137f8c30fad9a9db34e9
Analyzer Verdict Alert fortinet Phishing
GET /msg/message/images/ol_top1.png?v=1.1 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 07 Nov 2019 02:09:21 GMT
Accept-Ranges: bytes
ETag: "f2e5565e1095d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 907
webapi.gcwl365.com/msg/message/images/ol_top2.png?v=1.1
39.100.38.78200 OK 1.1 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/images/ol_top2.png?v=1.1
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ad49699c46d0afadd76d1e1c8022236
857262895f481182b5fab2bc2508061dc1a406eb
3d4556cb6f1690957c6c9df341a407de52b3ef77b289281710ea3d3dc6381f36
Analyzer Verdict Alert fortinet Phishing
GET /msg/message/images/ol_top2.png?v=1.1 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 07 Nov 2019 02:09:54 GMT
Accept-Ranges: bytes
ETag: "936626721095d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 1079
webapi.gcwl365.com/msg/message/images/oll_mes_tel.png
39.100.38.78200 OK 3.0 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/images/oll_mes_tel.png
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 8d59d53dd0c40c9c315b3eaf9211608c
63cc9daba8d651b6ca6f1274bc19371077193d6d
fcef379f4acbf0e903d5ed0d417bbd5550a5f423ffb624c124636deecf659410
GET /msg/message/images/oll_mes_tel.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 17 May 2018 09:10:43 GMT
Accept-Ranges: bytes
ETag: "1229aefbeedd31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 3023
webapi.gcwl365.com/msg/message/images/oll_mes_firm.png
39.100.38.78200 OK 3.0 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/images/oll_mes_firm.png
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 16 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 9b0db206b641c034de5dba4b3060b734
5fd9e2c5aa0db2bbbd4a9b16c0067b9238ddbb7b
71508ff56e286a417213dbdfee2a6615ba0f25c40e167f4ee86f542823090d98
GET /msg/message/images/oll_mes_firm.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 17 May 2018 09:10:43 GMT
Accept-Ranges: bytes
ETag: "92f08efbeedd31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 3033
webapi.gcwl365.com/msg/message/images/new_ewm2.png
39.100.38.78200 OK 1.9 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/images/new_ewm2.png
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash fb5c8eb03f0e431bbff5bd3157945a29
eacf2af3775e6ba05a0a485a95e298d08d63d7ab
c2a5f2118755419094fce609f291d8996a8a53ca86d49e8ebfec188d0df3e95e
GET /msg/message/images/new_ewm2.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 05 Apr 2019 04:01:45 GMT
Accept-Ranges: bytes
ETag: "231084964ebd41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 1872
webapi.gcwl365.com/msg/message/images/oll_mes_name.png
39.100.38.78200 OK 3.0 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/images/oll_mes_name.png
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 18 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ed42e775019a5a399ad915b7d6fdabf
0c94a62d8a92328d5523b2f6c9697c7ba930c083
3642b7190148895ef34060d0f8bffce4fa37c2df883f25e373f664c27f1d99d6
GET /msg/message/images/oll_mes_name.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 17 May 2018 09:10:43 GMT
Accept-Ranges: bytes
ETag: "d28c9efbeedd31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 2988
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=MEV&google_sc&google_cm&tid=3&from_mv=1&google_ula=2121606
142.250.74.98302 Found 338 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=MEV&google_sc&google_cm&tid=3&from_mv=1&google_ula=2121606
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d280fad95d123f9e4ea7db22383a7e69
8ada87e0ab0a2556397a06833004792b901024bc
6db75a1896bb60205543384b42428dbb3b23308a454e9e62c44cccc43c0ea1a9
GET /pixel?google_nid=MEV&google_sc&google_cm&tid=3&from_mv=1&google_ula=2121606 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ckmap.mediav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=MEV&google_sc=&google_cm=&tid=3&from_mv=1&google_ula=2121606&google_tc=
date: Mon, 28 Nov 2022 09:37:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 338
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 28-Nov-2022 09:52:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=MEV&google_sc=&google_cm=&tid=3&from_mv=1&google_ula=2121606&google_tc=
142.250.74.98302 Found 262 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=MEV&google_sc=&google_cm=&tid=3&from_mv=1&google_ula=2121606&google_tc=
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4573855ebe66784b49f30dcbbb2fbac7
dac1a2236befa5c4e382cf481278e7556df66ba5
f3b8acb0021530d438bea209bb784bdfb6ab1c0c4fc9ad0bc618bdc5f969d39a
GET /pixel?google_nid=MEV&google_sc=&google_cm=&tid=3&from_mv=1&google_ula=2121606&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ckmap.mediav.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://ckmap.mediav.com/m?tid=3&from_mv=1&google_error=3
date: Mon, 28 Nov 2022 09:37:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 262
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
webapi.gcwl365.com/msg/message/images/close.png
39.100.38.78200 OK 3.3 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/images/close.png
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 47eb606af83b6312d24583ac7046622b
144a710db9f69be7bc033a711ebe80fa7c6259b8
3c20cddb4ef9cf73135cb1c6769a2fbc77fe560ec17a27891a6b82714fe9adf0
GET /msg/message/images/close.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 17 May 2018 09:10:43 GMT
Accept-Ranges: bytes
ETag: "322bedeebeedd31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 3310
webapi.gcwl365.com/msg/message/images/oll_mes_email.png
39.100.38.78200 OK 3.0 kB URL HTTP/1.1 webapi.gcwl365.com/msg/message/images/oll_mes_email.png
IP 39.100.38.78:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 16 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 4cfb6bd7ceb12923cbc912b7d8661228
d59dbc5ea9fcd47605ed644d8844ba711ef062bf
60ebaa19220184856f3a97b0c30430df9290ae63b62c31de11b3edbe31497ae5
GET /msg/message/images/oll_mes_email.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 17 May 2018 09:10:43 GMT
Accept-Ranges: bytes
ETag: "52548efbeedd31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:37 GMT
Content-Length: 3000
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 11b5e818cd7c8208cf0bd9b6d1a68fac
ac8eec89cc96a15299827d0e812d65d265c68c27
c9069a78c98c4c79dbd5018b2242e61ca8cc195da6e77fc78d89e88064f56759
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 02 Dec 2022 05:58:30 GMT
ETag: "ac8eec89cc96a15299827d0e812d65d265c68c27"
Last-Modified: Mon, 28 Nov 2022 05:58:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3360
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771220437add1c16-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 4e1da2dd4fbf4fe13150df8a479e96e4
153f29a00e890de7d96af41b6cc554b23ae09277
d0067732ae097018b3bc257b5dfe5425ae39b3831fca40150bd1ae0f39a97006
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 06:22:39 GMT
ETag: "153f29a00e890de7d96af41b6cc554b23ae09277"
Last-Modified: Mon, 28 Nov 2022 06:22:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3377
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77122043bb111c16-OSL
cm.pos.baidu.com/pixel?dspid=6455766&ext_data=1
110.242.68.135302 Found 0 B URL HTTP/1.1 cm.pos.baidu.com/pixel?dspid=6455766&ext_data=1
IP 110.242.68.135:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?dspid=6455766&ext_data=1 HTTP/1.1
Host: cm.pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ckmap.mediav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Mon, 28 Nov 2022 09:37:38 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: https://ckmap.mediav.com/m?tid=5PURL&baidu_error=1&timestamp=1669628258
Server: nginx
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 2cf39d4664c18ff0370367626233232d
f04e6646eb17c483aa06533c75668be00bdd38d1
92289f7cfcf54ba228e48d4ff680212696c965ec08b4360e6e0016fb5959f3fb
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 02 Dec 2022 06:40:43 GMT
ETag: "f04e6646eb17c483aa06533c75668be00bdd38d1"
Last-Modified: Mon, 28 Nov 2022 06:40:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2304
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771220466d4a1c16-OSL
cms.tanx.com/t.gif?tanx_nid=29628860&tanx_cm&mediav_tid=15&from_mv=1
59.82.31.200302 Found 49 B URL HTTP/2 cms.tanx.com/t.gif?tanx_nid=29628860&tanx_cm&mediav_tid=15&from_mv=1
IP 59.82.31.200:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ed280a0ea3cc38f3cbbc747acfbef47d
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
GET /t.gif?tanx_nid=29628860&tanx_cm&mediav_tid=15&from_mv=1 HTTP/1.1
Host: cms.tanx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ckmap.mediav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 09:37:38 GMT
content-type: image/gif
content-length: 49
location: https://ckmap.mediav.com/m?tanx_err=1&tanx_ver=1&mediav_tid=15&from_mv=1
server: Tengine
p3p: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
eagleeye-traceid: 21367c4916696282581787373e2b9f
strict-transport-security: max-age=0
timing-allow-origin: *
X-Firefox-Spdy: h2
max.dmp.360.cn/?pid=dmp_1000
101.199.255.123302 Moved Temporarily 167 B URL HTTP/1.1 max.dmp.360.cn/?pid=dmp_1000
IP 101.199.255.123:0
ASN #4808 China Unicom Beijing Province Network
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1dd977065c1e457e5fe1c16c8c83abdd
6dc6acfc9432bd4f48927f4d3ffe23ca6a2eb504
a2b66bda5d606b25a9a6f90b47113590083c3f2477e319567cbc783412c34f83
GET /?pid=dmp_1000 HTTP/1.1
Host: max.dmp.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ckmap.mediav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty/1.13.6.1
Date: Mon, 28 Nov 2022 09:37:38 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Set-Cookie: __huid=10VgM%2BZGGWuXgxZjnIqIzmm2t7uG9TemHhGaYDA1gi3lc%3D; Expires=Thu, 25-Nov-32 09:37:38 GMT; Domain=.360.cn; Path=/
Location: https://ckmap.mediav.com/m?tid=627&tck=493d82ab39c73e944cba5572d77b45c2
ckmap.mediav.com/m?tanx_err=1&tanx_ver=1&mediav_tid=15&from_mv=1
180.163.247.134200 OK 43 B URL HTTP/2 ckmap.mediav.com/m?tanx_err=1&tanx_ver=1&mediav_tid=15&from_mv=1
IP 180.163.247.134:0
ASN #4812 China Telecom Group
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /m?tanx_err=1&tanx_ver=1&mediav_tid=15&from_mv=1 HTTP/1.1
Host: ckmap.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ckmap.mediav.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty/1.15.8.2
date: Mon, 28 Nov 2022 09:37:38 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires: -1
set-cookie: v=-lvwH:Uoc39fbtt>`%+c; expires=Monday, 02-Nov-2099 00:00:00 GMT; path=/; domain=.mediav.com
X-Firefox-Spdy: h2
ckmap.mediav.com/m?tid=3&from_mv=1&google_error=3
180.163.247.134 200 OK 43 B URL HTTP/2 ckmap.mediav.com/m?tid=3&from_mv=1&google_error=3
IP 180.163.247.134:0
ASN #4812 China Telecom Group
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /m?tid=3&from_mv=1&google_error=3 HTTP/1.1
Host: ckmap.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ckmap.mediav.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty/1.15.8.2
date: Mon, 28 Nov 2022 09:37:38 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires: -1
set-cookie: v=-oQ+e9!%O99fbtt?s^z^; expires=Monday, 02-Nov-2099 00:00:00 GMT; path=/; domain=.mediav.com
X-Firefox-Spdy: h2
ckmap.mediav.com/m?tid=627&tck=493d82ab39c73e944cba5572d77b45c2
180.163.247.134 200 OK 43 B URL HTTP/2 ckmap.mediav.com/m?tid=627&tck=493d82ab39c73e944cba5572d77b45c2
IP 180.163.247.134:0
ASN #4812 China Telecom Group
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /m?tid=627&tck=493d82ab39c73e944cba5572d77b45c2 HTTP/1.1
Host: ckmap.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ckmap.mediav.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty/1.15.8.2
date: Mon, 28 Nov 2022 09:37:38 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires: -1
set-cookie: v=-kZVOZF03x9fbttb</B2; expires=Monday, 02-Nov-2099 00:00:00 GMT; path=/; domain=.mediav.com
huid=493d82ab39c73e944cba5572d77b45c2; expires=Monday, 02-Nov-2099 00:00:00 GMT; path=/; domain=.mediav.com
X-Firefox-Spdy: h2
ckmap.mediav.com/m?tid=5PURL&baidu_error=1&timestamp=1669628258
180.163.247.134 200 OK 43 B URL HTTP/2 ckmap.mediav.com/m?tid=5PURL&baidu_error=1&timestamp=1669628258
IP 180.163.247.134:0
ASN #4812 China Telecom Group
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /m?tid=5PURL&baidu_error=1&timestamp=1669628258 HTTP/1.1
Host: ckmap.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ckmap.mediav.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty/1.15.8.2
date: Mon, 28 Nov 2022 09:37:39 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires: -1
set-cookie: v=-trCs>(Yg]9fbttkQe0[; expires=Monday, 02-Nov-2099 00:00:00 GMT; path=/; domain=.mediav.com
X-Firefox-Spdy: h2
ckmap.mediav.com/m?thirdparty_id=1&thirdparty_cookie_id=o52g5eqqm40gabqgk301oi2j84
180.163.247.134 200 OK 43 B URL HTTP/2 ckmap.mediav.com/m?thirdparty_id=1&thirdparty_cookie_id=o52g5eqqm40gabqgk301oi2j84
IP 180.163.247.134:0
ASN #4812 China Telecom Group
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /m?thirdparty_id=1&thirdparty_cookie_id=o52g5eqqm40gabqgk301oi2j84 HTTP/1.1
Host: ckmap.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3m.mediav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: openresty/1.15.8.2
date: Mon, 28 Nov 2022 09:37:39 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires: -1
X-Firefox-Spdy: h2
ocsp.crlocsp.cn/
101.198.193.5 200 OK 472 B IP 101.198.193.5:0
ASN #55992 Beijing Qihu Technology Company Limited
Hash bce650095487e63c63e3360309fce371
f2a972a11a44be3069c371ba4acf3ca9dad4438e
8b3972ffdbd3aad881053734c4f9a467795a6eeebb6a77edf908d86b278df184
POST / HTTP/1.1
Host: ocsp.crlocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.9.14
Date: Mon, 28 Nov 2022 09:37:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Content-Transfer-Encoding: Binary
Last-modified: Thu, 24 Nov 2022 21:41:41 GMT
Expires: Thu, 01 Dec 2022 21:41:40 GMT
ETag: "F2A972A11A44BE3069C371BA4ACF3CA9DAD4438E"
cache-control: max-age=172800,public,no-transform,must-revalidate
ocsp.crlocsp.cn/
101.198.193.5 200 OK 472 B IP 101.198.193.5:0
ASN #55992 Beijing Qihu Technology Company Limited
Hash 2858432fb74731409ef990e095fd62ef
b4b924c4a957df2e6222c459a40375562a29ef0f
7c639bc667e3f659129d87134404c1e3cec1764654a9160925169081e06550c8
POST / HTTP/1.1
Host: ocsp.crlocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.9.14
Date: Mon, 28 Nov 2022 09:37:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Content-Transfer-Encoding: Binary
Last-modified: Sat, 26 Nov 2022 09:56:23 GMT
Expires: Sat, 03 Dec 2022 09:56:22 GMT
ETag: "B4B924C4A957DF2E6222C459A40375562A29EF0F"
cache-control: max-age=172800,public,no-transform,must-revalidate
ocsp.crlocsp.cn/
101.198.193.5 200 OK 472 B IP 101.198.193.5:0
ASN #55992 Beijing Qihu Technology Company Limited
Hash bce650095487e63c63e3360309fce371
f2a972a11a44be3069c371ba4acf3ca9dad4438e
8b3972ffdbd3aad881053734c4f9a467795a6eeebb6a77edf908d86b278df184
POST / HTTP/1.1
Host: ocsp.crlocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.9.14
Date: Mon, 28 Nov 2022 09:37:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Content-Transfer-Encoding: Binary
Last-modified: Thu, 24 Nov 2022 21:41:41 GMT
Expires: Thu, 01 Dec 2022 21:41:40 GMT
ETag: "F2A972A11A44BE3069C371BA4ACF3CA9DAD4438E"
cache-control: max-age=172800,public,no-transform,must-revalidate
ocsp.crlocsp.cn/
101.198.193.5 500 Internal Server Error 193 B IP 101.198.193.5:0
ASN #55992 Beijing Qihu Technology Company Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f9be47ea0f6c98d7bf6ee56b6c50bf24
fc3070a829d2f86d23c8d0c46425ad1c8caafc62
d0dff0c586111358921398620bc5b44875fd44ac02d461898406f48442301708
POST / HTTP/1.1
Host: ocsp.crlocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 500 Internal Server Error
Server: nginx/1.9.14
Date: Mon, 28 Nov 2022 09:36:28 GMT
Content-Type: text/html
Content-Length: 193
Connection: close
s.union.360.cn/s.gif?lts=1&et=20&mvosr=&eid=1141040&ep=&vid=&ctn=&vvid=&_mvnf=1&_mvctn=0&_mvck=1&_refnf=1&url=http%3A%2F%2Fwww.hwcma.com%2F&si=459976&su=&flt=1669628253&lt=1669628253&pt=137576482555721170&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&v=3.2.0&t=1669628259128&_mtd=im
171.8.167.94 200 OK 43 B URL HTTP/1.1 s.union.360.cn/s.gif?lts=1&et=20&mvosr=&eid=1141040&ep=&vid=&ctn=&vvid=&_mvnf=1&_mvctn=0&_mvck=1&_refnf=1&url=http%3A%2F%2Fwww.hwcma.com%2F&si=459976&su=&flt=1669628253&lt=1669628253&pt=137576482555721170&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&v=3.2.0&t=1669628259128&_mtd=im
IP 171.8.167.94:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /s.gif?lts=1&et=20&mvosr=&eid=1141040&ep=&vid=&ctn=&vvid=&_mvnf=1&_mvctn=0&_mvck=1&_refnf=1&url=http%3A%2F%2Fwww.hwcma.com%2F&si=459976&su=&flt=1669628253&lt=1669628253&pt=137576482555721170&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&v=3.2.0&t=1669628259128&_mtd=im HTTP/1.1
Host: s.union.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
HTTP/1.1 200 OK
Server: openresty/1.9.15.1
Date: Mon, 28 Nov 2022 09:37:39 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: close
Expires: Fri, 01 Jan 1980 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
cm.miaozhen.atm.youku.com/cm.gif?dspid=11115
47.246.99.254 200 OK 0 B URL HTTP/2 cm.miaozhen.atm.youku.com/cm.gif?dspid=11115
IP 47.246.99.254:0
ASN #45102 Alibaba US Technology Co., Ltd.
GET /cm.gif?dspid=11115 HTTP/1.1
Host: cm.miaozhen.atm.youku.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ckmap.mediav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:37:38 GMT
content-type: image/gif
expires: Mon, 28 Nov 2022 09:37:37 GMT
cache-control: no-cache
server: Tengine/Aserver
strict-transport-security: max-age=0
timing-allow-origin: *
s-rt: 97
eagleeye-traceid: 2100dd0716696282588646699e82d0, 2100dd0716696282588646699e82d0
X-Firefox-Spdy: h2
3m.mediav.com/ckmap.htm
101.198.192.7 200 OK 0 B IP 101.198.192.7:0
ASN #55992 Beijing Qihu Technology Company Limited
GET /ckmap.htm HTTP/1.1
Host: 3m.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ckmap.mediav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:37:39 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 19 Jul 2012 03:19:29 GMT
vary: Accept-Encoding
expires: Tue, 13 Dec 2022 09:37:39 GMT
cache-control: max-age=1296000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
kcs-via: HIT from w-fc01.hkht;HIT from w-sc01.hkht
X-Firefox-Spdy: h2