Report - www.hwcma.com/

Report Overview

Submitted URL
www.hwcma.com/
IP
116.255.143.80
ASN
#4837 CHINA UNICOM China169 Backbone
Submitted
2022-11-28 09:37:44
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
s.union.360.cn	153874	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	13 kB	171.8.167.94
cm.pos.baidu.com	224703	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	263 B	110.242.68.135
webapi.gcwl365.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.9 kB	75 kB	39.100.38.78
max.dmp.360.cn	492617	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	544 B	101.199.255.123
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	68 kB	34.120.237.76
ocsp.crlocsp.cn	175388	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.0 kB	101.198.193.5
api.share.baidu.com	44629	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	322 B	114 B	182.61.240.101
wx.weidaoliu.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	3.8 kB	101.37.84.12
e.so.com	101388	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	300 B	217 B	180.163.247.186
ckmap.mediav.com	336843	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	3.2 kB	180.163.247.134
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.3
cm.miaozhen.atm.youku.com	529977	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	341 B	47.246.99.254
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.35.190.173
www.hwcma.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	1.7 MB	116.255.143.80
webapi.weidaoliu.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	621 B	2.5 kB	101.37.84.12
360fenxi.mediav.com	267328	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398 B	1.3 kB	180.163.251.76
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	1.9 kB	104.18.21.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.zhanzhang.baidu.com	57139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	283 B	750 B	182.61.201.94
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
cm.g.doubleclick.net	202	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	931 B	2.1 kB	142.250.74.98
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	734 B	3.9 kB	104.18.21.226
cms.tanx.com	185436	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	424 B	547 B	59.82.31.200
3m.mediav.com	488086	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	471 B	405 B	101.198.192.7
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-28	medium	webapi.gcwl365.com/msg/message/messagesend.js?+Math.random()	Phishing
2022-11-28	medium	webapi.gcwl365.com/msg/message/font/iconfont.css?v=689	Phishing
2022-11-28	medium	webapi.gcwl365.com/msg/js/plugin/layer/layer.js	Phishing
2022-11-28	medium	webapi.gcwl365.com/msg/message/js/jquery.qrcode.min.js	Phishing
2022-11-28	medium	webapi.gcwl365.com/msg/js/plugin/layer/skin/default/layer.css?v=3.0.3303	Phishing
2022-11-28	medium	webapi.gcwl365.com/msg/message/images/ol_top1.png?v=1.1	Phishing
2022-11-28	medium	webapi.gcwl365.com/msg/message/images/ol_top2.png?v=1.1	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	webapi.weidaoliu.com/msg/msgstat.ashx?shopid=10686	184 B	2023-03-11	2023-03-11
Pretty URL webapi.weidaoliu.com/msg/msgstat.ashx?shopid=10686 IP 101.37.84.12 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:12 Last Seen2023-03-11 21:51:12 Times Seen1 Hash 9791992de765e728a8b1876aa7f2ef5f 2304c756b5355fbe41132b7382068bec1d02c651 e9e20c86d77e030df3ccdcbf0b9c630d85c5359df3e4769aa85eb862dc8ec7c2 Loading...

	webapi.gcwl365.com/msg/js/plugin/layer/layer.js	22 kB	2023-03-07	2023-11-27
Pretty URL webapi.gcwl365.com/msg/js/plugin/layer/layer.js IP 39.100.38.78 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:02:13 Last Seen2023-11-27 12:22:07 Times Seen11 Hash a72f23715dd7b3a3a650b8e499d3e04a 385c17ddff78be64497d56f3589103523fb67fdb 661f380b3cedd25209ae8dacce24bb16c3cd43bb6a2a3c1a830b2af0112837ee Loading...

	s.union.360.cn/459976.js	26 kB	2023-03-11	2023-03-11
Pretty URL s.union.360.cn/459976.js IP 171.8.167.94 ASN #137687 Luoyang, Henan Province, P.R.China. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:12 Last Seen2023-03-11 21:51:12 Times Seen1 Hash 6b1f6a3a80bfd1f835fd68e8f3204de4 139ae0bcc76ed11120637be7a3c161898122fa81 e9e5257616b689274a94eac4eda828de418d26059e1d683fd871f8271a14f205 Loading...

	e.so.com/search/c.js?u=3337623864&_=1669628253894	0 B	2023-03-07	2024-04-26
Pretty URL e.so.com/search/c.js?u=3337623864&_=1669628253894 IP 180.163.247.186 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 09:15:18 Times Seen37088228 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.hwcma.com/template/365ZWP21061941/pc/js/form.min.js	84 kB	2023-03-11	2023-03-11
Pretty URL www.hwcma.com/template/365ZWP21061941/pc/js/form.min.js IP 116.255.143.80 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:12 Last Seen2023-03-11 21:51:12 Times Seen1 Hash 493d20768d54c00f6e7bb1478ba62877 80df6508da9e635a9a5172e4b8902f04bf3eec93 340d68a059ff267c427ac8758e43c50ca0b6ddc2347f464042ba4831236ffbe0 Loading...

	www.hwcma.com/	228 B	2023-03-11	2023-03-26
Pretty URL www.hwcma.com/ IP 116.255.143.80 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:12 Last Seen2023-03-26 04:48:51 Times Seen2 Hash 2e0e1003ee7dbd17fe9f1cd5797dfad3 489b31838b81083ae6e5abf6918c19f5783be0e4 17ba68a74570b9ec8a339fd82b59d6ad169ba59a2d0292b8edc86ba5e3509680 Loading...

	360fenxi.mediav.com/mediav1130.html	1.5 kB	2023-03-07	2023-04-05
Pretty URL 360fenxi.mediav.com/mediav1130.html IP 180.163.251.76 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:21 Last Seen2023-04-05 01:56:39 Times Seen26 Hash 8b2a0f98ad150eb07ade4521e4f45d8f 80482ff1ec88cd1a00430b6f22fd819d34bec075 5f51a8922ad788b2695fd22f3616d6a2a632c1bfd8913ea0dc1590530237df4a Loading...

	wx.weidaoliu.com/msg/message/js/clipboard.min.js	10 kB	2023-03-07	2024-04-22
Pretty URL wx.weidaoliu.com/msg/message/js/clipboard.min.js IP 101.37.84.12 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:44 Last Seen2024-04-22 00:06:44 Times Seen576 Hash af8ab36589315582ccdd82f22e84bffb 6371ec0a8e242395c7d4d008d2b98e472c9dcc52 8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2 Loading...

	s.union.360.cn/proxy.html	597 B	2023-03-07	2023-04-05
Pretty URL s.union.360.cn/proxy.html IP 171.8.167.94 ASN #137687 Luoyang, Henan Province, P.R.China. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:21 Last Seen2023-04-05 01:56:39 Times Seen27 Hash 3231d02f3717305105fd8513b7903044 93af79651a095d83659fc21a3dac7abd07c2724b b361a9b27e128328f61a0b3d414f63fea75a9c65211755db86726eecdd9539a9 Loading...

	www.hwcma.com/template/365ZWP21061941/pc/js/jquery-1.11.3.min.js	96 kB	2023-03-11	2023-03-11
Pretty URL www.hwcma.com/template/365ZWP21061941/pc/js/jquery-1.11.3.min.js IP 116.255.143.80 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:12 Last Seen2023-03-11 21:51:12 Times Seen1 Hash 725e3e1d60ddb48d38123c70b998cdc4 0b4f13d7e257e68f8c0ea19f5d25974bf18fb464 55d0c12079be8d194500a141d81e86c6d225e9d866b1e20d140f355bf0e64ad9 Loading...

	www.hwcma.com/	140 B	2023-03-11	2023-03-11
Pretty URL www.hwcma.com/ IP 116.255.143.80 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:12 Last Seen2023-03-11 21:51:12 Times Seen1 Hash ebfdea17d3586e9ad71dbdc125e80d87 516dec4f7151f07a7fa78e05c11c39674e0f71d6 5049ad068f3f8a9c5ed74262b576accf033b6ffe18da61f9e296694c58b7b503 Loading...

	www.hwcma.com/	116 B	2023-03-11	2023-03-11
Pretty URL www.hwcma.com/ IP 116.255.143.80 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:12 Last Seen2023-03-11 21:51:12 Times Seen1 Hash d5004d8e77e12484e0a6aa712673c9a3 689c0a0ff163559372acf6b72234f1d20cbd699a 18e2f12cdd34d0d77643fb588a62b0c0b14ae1a402ee7b570d58a26903f20e02 Loading...

	www.hwcma.com/	404 B	2023-03-07	2024-04-26
Pretty URL www.hwcma.com/ IP 116.255.143.80 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 05:42:02 Times Seen2979 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	www.hwcma.com/	289 B	2023-03-11	2023-03-11
Pretty URL www.hwcma.com/ IP 116.255.143.80 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:12 Last Seen2023-03-11 21:51:12 Times Seen1 Hash debd1a4588f0b6777242b0917d98e3ac e922c06887f6a14f6f619f8d9cdc797632028726 9c2c8199ddf2aea548646b2292f943a6f4654263bab7e3c487a333b11fec5fac Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-26
Pretty URL push.zhanzhang.baidu.com/push.js IP 182.61.201.94 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 07:17:56 Times Seen19010 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	webapi.gcwl365.com/msg/message/messagesend.js?+Math.random()	46 kB	2023-03-10	2023-03-14
Pretty URL webapi.gcwl365.com/msg/message/messagesend.js?+Math.random() IP 39.100.38.78 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:23:05 Last Seen2023-03-14 03:59:36 Times Seen1 Hash a4a8569db8d1fb5b1ce6dd70cfcac1aa 2e7620895ccff28683db5c76c1505cbaba58f314 6d20f3e2242cc8353b9f80dd50a3a917488b92b7f7d7b06caf0a50d7275ecb56 Loading...

	www.hwcma.com/template/365ZWP21061941/pc/js/org.min.js	400 kB	2023-03-11	2023-03-11
Pretty URL www.hwcma.com/template/365ZWP21061941/pc/js/org.min.js IP 116.255.143.80 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:12 Last Seen2023-03-11 21:51:12 Times Seen1 Hash 68de2018f0d55d17afd6862b5eb53efd fd0fa13fc1c89835376f7b92521ec8fe225f5596 8854c78ddd9fd527468b8bb12705398ad7165a0fae9436960b1455649c6f2390 Loading...

	www.hwcma.com/	276 B	2023-03-10	2023-03-11
Pretty URL www.hwcma.com/ IP 116.255.143.80 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:23:06 Last Seen2023-03-11 21:51:12 Times Seen1 Hash c04faef12817e9808f6d149eda3f526d 5e784b700eacb4a9bb1f979a4cece3a7ac1d47bd 5a61c0b72ac971ddcef100e876fe40838f385d63b3b94b1d2f1d81d1a8e70ec0 Loading...

	webapi.gcwl365.com/msg/message/js/jquery.qrcode.min.js	18 kB	2023-03-08	2024-01-11
Pretty URL webapi.gcwl365.com/msg/message/js/jquery.qrcode.min.js IP 39.100.38.78 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:10:31 Last Seen2024-01-11 09:14:34 Times Seen14 Hash 8c0a2a2192c84954a20272587124fcb1 0bdbc13eef6212efa4305b249c470e26febf85d4 c186d8067302a1ed7bcba85cf58d2601baedbd1aab4ae2d50814f4c008ab3221 Loading...

	3m.mediav.com/ckmap.htm#prefix=https://ckmap.mediav.com/m?thirdparty_id=1&thirdparty_cookie_id=o52g5eqqm40gabqgk301oi2j84	177 B	2023-03-07	2023-04-05
Pretty URL 3m.mediav.com/ckmap.htm#prefix=https://ckmap.mediav.com/m?thirdparty_id=1&thirdparty_cookie_id=o52g5eqqm40gabqgk301oi2j84 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:21 Last Seen2023-04-05 01:41:31 Times Seen3 Hash 639da7d90556d80a84af96a6deefb583 b56f10f162d6c8fe8244f3edd29b9181c6fd5cb7 266cefeef40436d45ccc0bc22d3673c99127c54d7d392d041a48fb513911785c Loading...

		Size	First Seen	Last Seen
	#1 Write - 4f3a75f75dad4b1081c9afce87d443a4	157 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:51:12 Last Seen2023-03-11 21:51:12 Times Seen1 Hash 4f3a75f75dad4b1081c9afce87d443a4 c9c3a2bdc9631fe1aed87747d09ae9f1acf1a25c d3c287848440fefb49fe23eedb5a8712d1078a5975dab0a6fc04accfc505d625 Loading...

	#2 Write - da09f1773c3d8cbdc56ef873ac20b993	586 B	2023-03-10	2023-12-30
Pretty Observations First Seen2023-03-10 22:23:06 Last Seen2023-12-30 10:57:13 Times Seen4 Hash da09f1773c3d8cbdc56ef873ac20b993 996594a4364a3027a2ecfd7cf5cde9868fc3a640 c9b8fbc7df47c71b0af8c754ae184be8d6072287387a9b9103108bb72e6306d6 Loading...

HTTP Transactions (114)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9901
Expires: Mon, 28 Nov 2022 12:22:32 GMT
Date: Mon, 28 Nov 2022 09:37:31 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5738
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:31 GMT
Last-Modified: Mon, 28 Nov 2022 08:01:54 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8678
Expires: Mon, 28 Nov 2022 12:02:09 GMT
Date: Mon, 28 Nov 2022 09:37:31 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: X8iA8pJhLs79A3oTq6Zeotpos/1pZ9aK8xrYl3OSmUe9dH9xsavhNmwaByKyctG+o3H8ijdNq8U=
x-amz-request-id: 26BSD9C4Z80CXE0X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 08:41:59 GMT
age: 3332
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 09:19:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1079
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:37:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 09:11:12 GMT
cache-control: public,max-age=3600
age: 1579
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2752
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:32 GMT
Last-Modified: Mon, 28 Nov 2022 08:51:40 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

www.hwcma.com/

116.255.143.80

200 OK

9.0 kB

URL HTTP/1.1
www.hwcma.com/
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
9.0 kB (8951 bytes)
Hash
671752290bad1ecece866952b3f429bf
bfe48474d37cf6a0af8c362dfa42df1af5274437
4c9ba7cc4d08bb326e8254efccb6c9d6c92b337fb6e4d73ea36c1be96859157b

HTTP Headers

GET / HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 8951
Connection: keep-alive
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh; path=/; HttpOnly; SameSite=Lax
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

push.services.mozilla.com/

52.35.190.173

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.35.190.173:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pAiF38eaUMlAQny/MZLkTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Av4W1RSU611+85gl4FJsFOYHPDA=

www.hwcma.com/template/365ZWP21061941/pc/css/style.css

116.255.143.80

200 OK

18 kB

URL HTTP/1.1
www.hwcma.com/template/365ZWP21061941/pc/css/style.css
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
Unicode text, UTF-8 (with BOM) text
Size
18 kB (18016 bytes)
Hash
e73389dbb946bf20f97a39854432f782
54aab996d4e759c1ddd1996a2ea32bb3c8426dd4
62f1590167ae5a29d19925fb4ebe624433502e5b4e60b54004e7226b30c7ac4d

HTTP Headers

GET /template/365ZWP21061941/pc/css/style.css HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:32 GMT
Content-Type: text/css
Content-Length: 18016
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 26 Aug 2021 08:56:07 GMT
Accept-Ranges: bytes
ETag: "80ed2235589ad71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/template/365ZWP21061941/pc/css/font-awesome.min.css

116.255.143.80

200 OK

8.3 kB

URL HTTP/1.1
www.hwcma.com/template/365ZWP21061941/pc/css/font-awesome.min.css
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
ASCII text, with very long lines (30837)
Size
8.3 kB (8325 bytes)
Hash
122408ebb5ce04f025c6eb03746809e4
f1be50449509d130f816096fa89f4ae6acf5bf3a
71419fbd8caa026b000ad2efd64f2e2038263d93e8cf1f038ad5cfb1ee9400d3

HTTP Headers

GET /template/365ZWP21061941/pc/css/font-awesome.min.css HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:32 GMT
Content-Type: text/css
Content-Length: 8325
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2016 15:08:05 GMT
Accept-Ranges: bytes
ETag: "80b8e813e435d21:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/template/365ZWP21061941/pc/css/4101.css

116.255.143.80

200 OK

21 kB

URL HTTP/1.1
www.hwcma.com/template/365ZWP21061941/pc/css/4101.css
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (463)
Size
21 kB (20894 bytes)
Hash
a3f9a1997cf36e4fb8b281e9e5edc66e
5960558b62840addb5e2c59d9f55225ae8ce6d33
9318fe48bbfe96192f7475fd7e1973cfabc9b78a8929c16930a33f4a7dfbb81b

HTTP Headers

GET /template/365ZWP21061941/pc/css/4101.css HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:32 GMT
Content-Type: text/css
Content-Length: 20894
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 26 Aug 2021 08:56:45 GMT
Accept-Ranges: bytes
ETag: "8044c94b589ad71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/template/365ZWP21061941/pc/js/jquery-1.11.3.min.js

116.255.143.80

200 OK

43 kB

URL HTTP/1.1
www.hwcma.com/template/365ZWP21061941/pc/js/jquery-1.11.3.min.js
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
Unicode text, UTF-8 text, with very long lines (32038), with CRLF line terminators
Size
43 kB (43047 bytes)
Hash
c2eca0d0555ae83f47ec164d7f0746f9
9bb1277cda9398ab01d730e971a555f0d96773b9
9cd2a53936a0cf4a9095809faee5eb1eb1f5f612420ecee8b0764fe22f3ec22a

HTTP Headers

GET /template/365ZWP21061941/pc/js/jquery-1.11.3.min.js HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:32 GMT
Content-Type: application/javascript
Content-Length: 43047
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 24 Jun 2021 03:30:33 GMT
Accept-Ranges: bytes
ETag: "80d2f049a968d71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

webapi.weidaoliu.com/msg/msgstat.ashx?shopid=10686

101.37.84.12

200 OK

300 B

URL HTTP/1.1
webapi.weidaoliu.com/msg/msgstat.ashx?shopid=10686
IP
101.37.84.12:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 text, with no line terminators
Size
300 B (300 bytes)
Hash
06eba1ce8bc391005761f56900e0c6d1
fc1c65935ea7d518fa965353a1edfd3f03d80cfd
8ea38e6c9fecb8001aab40f3ab3df6b47c83974ca2b811e0fe9225ff28b7e2fd

HTTP Headers

GET /msg/msgstat.ashx?shopid=10686 HTTP/1.1
Host: webapi.weidaoliu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:32 GMT
Content-Length: 300

www.hwcma.com/template/365ZWP21061941/pc/js/form.min.js

116.255.143.80

200 OK

32 kB

URL HTTP/1.1
www.hwcma.com/template/365ZWP21061941/pc/js/form.min.js
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
Unicode text, UTF-8 text, with very long lines (31955), with CRLF line terminators
Size
32 kB (32384 bytes)
Hash
f8ea9e73dc9dea0ca20d857c39b10932
ccc7b4edc292cc4c73c13947b7c143feda41e750
fe6d7c0e85f212f4c45db6309d1533e1133fcf71a19ed98cb3e0a926fc7490e7

HTTP Headers

GET /template/365ZWP21061941/pc/js/form.min.js HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:32 GMT
Content-Type: application/javascript
Content-Length: 32384
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 24 Jun 2021 03:30:33 GMT
Accept-Ranges: bytes
ETag: "80d2f049a968d71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

webapi.gcwl365.com/msg/message/messagesend.js?+Math.random()

39.100.38.78

200 OK

9.4 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/messagesend.js?+Math.random()
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1420), with CRLF line terminators
Size
9.4 kB (9427 bytes)
Hash
8658bc98ff8f2a7c708896a7d051fc3d
f390bd229708dc93b2306a9a08c37523bc9f9fc3
c38ab63fd3ecfbf64b69ad17eddf2cfd38242cd168e65574b1bc13356c80eb92

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /msg/message/messagesend.js?+Math.random() HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 18 Aug 2021 04:19:13 GMT
Accept-Ranges: bytes
ETag: "80b61d33e893d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:32 GMT
Content-Length: 9427

www.hwcma.com/template/365ZWP21061941/pc/js/org.min.js

116.255.143.80

200 OK

146 kB

URL HTTP/1.1
www.hwcma.com/template/365ZWP21061941/pc/js/org.min.js
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
Unicode text, UTF-8 text, with very long lines (28392), with CRLF line terminators
Size
146 kB (145950 bytes)
Hash
d310d36d02ad35023bfa8d63ca9ca4ff
99b0e1ebe04f54197b0170ea50e2e70e60d1e302
ed7a9e9b803ba081370db829588344648732c040a5ed10061b058d281f2e7a0e

HTTP Headers

GET /template/365ZWP21061941/pc/js/org.min.js HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 24 Jun 2021 03:30:23 GMT
Accept-Ranges: bytes
ETag: "80f1fa43a968d71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/img.ashx?shopid=10686&file=logo.png

116.255.143.80

302 Found

143 B

URL HTTP/1.1
www.hwcma.com/img.ashx?shopid=10686&file=logo.png
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
143 B (143 bytes)
Hash
6580c806bad682911632157c0b43092a
0f85135f7e52a7d080de1869f57a630ee26bebed
4c994d100d866e5e05096a6f9df3360d28e6dc4155f61324142544efe73160a4

HTTP Headers

GET /img.ashx?shopid=10686&file=logo.png HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 143
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/logo.png
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/img.ashx?shopid=10686&no=true&file=2021082315502749.jpg

116.255.143.80

302 Found

155 B

URL HTTP/1.1
www.hwcma.com/img.ashx?shopid=10686&no=true&file=2021082315502749.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
155 B (155 bytes)
Hash
cc4d7fc25862dfc477da69ec6f58772d
421583c1ce219cc7abf23711e6fd9ad3589b357d
bf2109ab7626f4dbbbc98e3be2e092ce70e45862b1c4e53e4711545ac6f5a87b

HTTP Headers

GET /img.ashx?shopid=10686&no=true&file=2021082315502749.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021082315502749.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/img.ashx?shopid=10686&file=2021031915284924.jpg

116.255.143.80

302 Found

155 B

URL HTTP/1.1
www.hwcma.com/img.ashx?shopid=10686&file=2021031915284924.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
155 B (155 bytes)
Hash
423027dafb2229ebe3df3f2b4ad8daef
1f8d692324d6fa9c372407548a98269a23139892
43a074ac01fd75422b4a2a5d94bcd172a115e3dc685914d4271eeca96ffca116

HTTP Headers

GET /img.ashx?shopid=10686&file=2021031915284924.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021031915284924.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/img.ashx?shopid=10686&file=2021031915313184.jpg

116.255.143.80

302 Found

155 B

URL HTTP/1.1
www.hwcma.com/img.ashx?shopid=10686&file=2021031915313184.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
155 B (155 bytes)
Hash
9fc8c8ae38d5c013c67cf64e7396aa91
149d568ec6b4bd317321be4ccbc6cda89107e8ba
539710e3d3e9033c5511dd294bb298ffde1d15bfc4d0e006985d69d17081ac7c

HTTP Headers

GET /img.ashx?shopid=10686&file=2021031915313184.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021031915313184.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/img.ashx?shopid=10686&file=2021031915123919.jpg

116.255.143.80

302 Found

155 B

URL HTTP/1.1
www.hwcma.com/img.ashx?shopid=10686&file=2021031915123919.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
155 B (155 bytes)
Hash
70fbc9b05ee181245fea78566ecffdf6
5355a8a82ff9e37371123bc2d1c410ade46c5ffe
56c9e637d4555eb035855874e01f9e09fd5863cf3ba66777720599438995124f

HTTP Headers

GET /img.ashx?shopid=10686&file=2021031915123919.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021031915123919.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/img.ashx?shopid=10686&no=true&file=2021082315502877.jpg

116.255.143.80

302 Found

155 B

URL HTTP/1.1
www.hwcma.com/img.ashx?shopid=10686&no=true&file=2021082315502877.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
155 B (155 bytes)
Hash
533d922a945bc8c00d5e4474e4942b1b
2989c6f25d16ff9d4423097f7f22b7adbb2c0964
b5fe6ad80b156ad445c4fb81fa9ac9e2e8490973315103a8791e16b83c822be6

HTTP Headers

GET /img.ashx?shopid=10686&no=true&file=2021082315502877.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021082315502877.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6421
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:37:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6421
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:37:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6421
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:37:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6421
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:37:33 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9430 bytes)
Hash
1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 41777
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5989 bytes)
Hash
fa848cb85e85df184b078fe7aa95ae52
21aa6418f3a0d2b64925b66d5fb9079b7e84a11c
37d299c166e3350dee6dee647e98a86f8bd916d186bae12c42764ed0a3177085

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5989
x-amzn-requestid: db10fcc5-80ab-4650-af49-d5afe36706f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78LHQqIAMF9_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-4cbd19e3227894844807742c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P0Nx-FcvcV-f5cRPwZr5sEMb8pH3AoYFr185q_D0X2bE7z40nDn91w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 42389
etag: "21aa6418f3a0d2b64925b66d5fb9079b7e84a11c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15639 bytes)
Hash
0a4e0bb1e2748bdce6bbf685a910f0fc
5b97bfd787afcb912cdbef0f137f78a059082992
a7bc9adeb22cb57675e907bd961a6f554e6b7a46414ed782bcc9b53d68b1c328

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15639
x-amzn-requestid: 98e846b4-287f-4698-9529-25bcc2727a4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78dGReoAMFiDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e9-62c41b2717bd8e6f3b3797da;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fxNulyOR88nEcjtrXm1dECsulI-MsAxm2Zl0Y83uMz23lGh18d-ZBA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:56:55 GMT
age: 42038
etag: "5b97bfd787afcb912cdbef0f137f78a059082992"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11255 bytes)
Hash
6e240caa3153ea25c34d07185b47f8a5
602e8ba5c6671ff947acfda757577ddc8ecec6ec
c2b37bf1ef003ceffaaf4612f2001b6f7998d5b95cd55b32c79fefcb24ccad7f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11255
x-amzn-requestid: ce06e0cc-3874-4a3d-a6c5-5cc1cb342138
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7w8EEOIAMF_6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99f-5ca652aa369ee1690b0d08cc;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0diXekmaxz0zbwy1wShePUxsvtC59YoEPcLJmS_ql6uKG0MtqbxbeQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:03:04 GMT
age: 41669
etag: "602e8ba5c6671ff947acfda757577ddc8ecec6ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6376 bytes)
Hash
78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 41767
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12555 bytes)
Hash
f20d5c4b208740dd4c737b9d95c0e1d0
c843c5422499736a83a80c2b07475a8dbbb8860f
f8d048a2c911aaedfa53b7d6e134638e8c36db0700a874fe99e0d8f847970a1b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12555
x-amzn-requestid: 2d9827ba-fc88-4deb-9844-f5b42764b2e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MHPWIAMFQMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-42986aeb284115943c849306;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KcI_BV4rZkM-2CmcFI5qkJLT-OOwYQnRNEPXrQJvlNA9A3Da0EzgEA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 42389
etag: "c843c5422499736a83a80c2b07475a8dbbb8860f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

webapi.gcwl365.com/msg/message/font/iconfont.css?v=689

39.100.38.78

200 OK

2.4 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/font/iconfont.css?v=689
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (2679)
Size
2.4 kB (2371 bytes)
Hash
9d6fe6a9b815f70a752d3effcdb0003b
0d11420d199d5d594e6c855c1f02ae96fb08afd2
105c81858c1251ea44425eac57bacdab314d01c75e0e1d28baff0d29bca773e8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /msg/message/font/iconfont.css?v=689 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 26 Sep 2018 06:43:32 GMT
Accept-Ranges: bytes
ETag: "082a63d6455d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Length: 2371

webapi.weidaoliu.com/msg/images/new_message.gif

101.37.84.12

200 OK

1.4 kB

URL HTTP/1.1
webapi.weidaoliu.com/msg/images/new_message.gif
IP
101.37.84.12:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
GIF image data, version 89a, 16 x 16\012- data
Size
1.4 kB (1360 bytes)
Hash
b69aba4ab6c4a9c0b79738a3937fc631
9ffcf6e9186778bfda4bf32b78200b0d9ad22b96
6ffb5cfc3a7b143ed55c065c6177bc8ebf89d67457cb1a70a839ee225434cb98

HTTP Headers

GET /msg/images/new_message.gif HTTP/1.1
Host: webapi.weidaoliu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 14 May 2018 02:14:52 GMT
Accept-Ranges: bytes
ETag: "2579ee5729ebd31:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Length: 1360

webapi.gcwl365.com/msg/message/css/style.css?v=4.2

39.100.38.78

200 OK

2.9 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/css/style.css?v=4.2
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 (with BOM) text
Size
2.9 kB (2900 bytes)
Hash
a6ccd008e069943e27d33844624f47c2
7c94e0899122b7fca210b6c5bc5d4b47c2012e6b
bd5910111608486aae79c772bef03beb77093575a8f66b4c4752d629a484bad4

HTTP Headers

GET /msg/message/css/style.css?v=4.2 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 10 Jun 2022 02:55:35 GMT
Accept-Ranges: bytes
ETag: "80ad6d8e757cd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Length: 2900

push.zhanzhang.baidu.com/push.js

182.61.201.94

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
182.61.201.94:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 28 Nov 2022 09:37:33 GMT
Etag: "4078521116"
Expires: Tue, 28 Nov 2023 09:37:33 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=78BE2F169CEF4F573B9CA877FFFCD48D:FG=1; max-age=31536000; expires=Tue, 28-Nov-23 09:37:33 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

webapi.gcwl365.com/msg/js/plugin/layer/layer.js

39.100.38.78

200 OK

7.4 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/js/plugin/layer/layer.js
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (21529)
Size
7.4 kB (7449 bytes)
Hash
b8fba5f6cceaf52ef049b78beee0a1a3
d69d8550ff6554b3db3e61257cee227f7a6cbefe
3aa69c08f652e111eb29b3dc7b9f6ad0b4cb3a16ad97f486b7be0ed4eecd6e38

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /msg/js/plugin/layer/layer.js HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 17 May 2018 07:21:31 GMT
Accept-Ranges: bytes
ETag: "804f83adafedd31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Length: 7449

webapi.gcwl365.com/msg/message/css/wechat-wrap.css

39.100.38.78

200 OK

5.7 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/css/wechat-wrap.css
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (1503), with CRLF line terminators
Size
5.7 kB (5740 bytes)
Hash
16fef24dd4823fad8aab70df69b066e3
f623f74570bd003c0336323aec9443f22c9c06ff
9371968c7c043ea70dcf652b461e33e8eecc01153c949b220c31c9861f00527a

HTTP Headers

GET /msg/message/css/wechat-wrap.css HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 12 Mar 2021 09:02:41 GMT
Accept-Ranges: bytes
ETag: "804efe741e17d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Length: 5740

webapi.gcwl365.com/msg/message/js/jquery.qrcode.min.js

39.100.38.78

200 OK

5.2 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/js/jquery.qrcode.min.js
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (675), with CRLF line terminators
Size
5.2 kB (5248 bytes)
Hash
11c436444b1d615797d09f636173db33
b576573fed16a84e7d56bfab58e003e73ca1d98a
399529ee56da36339798d81cbb0519112530adee27ccfbb321eb7cf02f03d2c0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /msg/message/js/jquery.qrcode.min.js HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 01 Aug 2018 05:10:03 GMT
Accept-Ranges: bytes
ETag: "8074be75529d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Length: 5248

www.hwcma.com/template/365ZWP21061941/pc/fonts/fontawesome-webfont.woff2?v=4.7.0

116.255.143.80

200 OK

77 kB

URL HTTP/1.1
www.hwcma.com/template/365ZWP21061941/pc/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /template/365ZWP21061941/pc/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.hwcma.com/template/365ZWP21061941/pc/css/font-awesome.min.css
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: application/font-woff2
Content-Length: 77160
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2016 15:08:03 GMT
Accept-Ranges: bytes
ETag: "808bb712e435d21:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/siteimages/10686/2021031915123919.jpg

116.255.143.80

200 OK

38 kB

URL HTTP/1.1
www.hwcma.com/siteimages/10686/2021031915123919.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 750x522, components 3\012- data
Size
38 kB (37694 bytes)
Hash
0979a980e1ae0b6b0dc6956626d0a047
9904967bde9fd559c782714044cc7aecbf867d5a
9511fa99913d04db738f21e1671e4dba2cb2ccbb30394c11444859da49393cef

HTTP Headers

GET /siteimages/10686/2021031915123919.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 37694
Connection: keep-alive
Last-Modified: Fri, 19 Mar 2021 08:00:38 GMT
Accept-Ranges: bytes
ETag: "e0f84af3951cd71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/img.ashx?shopid=10686&file=2021031915393318.jpg

116.255.143.80

302 Found

155 B

URL HTTP/1.1
www.hwcma.com/img.ashx?shopid=10686&file=2021031915393318.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
155 B (155 bytes)
Hash
e0cf0b07dd1ba94db2bdaa52d2875a72
ef1cbb0745376d997b7dbc2f416f79821425412b
78d79691313f2eccabbf6d6926478cfeb640d6ec4cf9f0f895c579329cd7bdca

HTTP Headers

GET /img.ashx?shopid=10686&file=2021031915393318.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021031915393318.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/img.ashx?shopid=10686&file=2021031915380062.jpg

116.255.143.80

302 Found

155 B

URL HTTP/1.1
www.hwcma.com/img.ashx?shopid=10686&file=2021031915380062.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
155 B (155 bytes)
Hash
7c24997a034fa8137447ff6e00af4957
79fac0ba264e8b9cf12da50e98f87ec4455ad6dc
8dae55720dcd75dd24170b282acda7705d2ff638cfdef505a4eab86b19f03138

HTTP Headers

GET /img.ashx?shopid=10686&file=2021031915380062.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021031915380062.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/img.ashx?shopid=10686&file=2021031915332944.jpg

116.255.143.80

302 Found

155 B

URL HTTP/1.1
www.hwcma.com/img.ashx?shopid=10686&file=2021031915332944.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
155 B (155 bytes)
Hash
516512f2fb0a3f1bbf5b94bbde1e67e8
b2101d3916e46bed6c597b363c4a2e9fbe14f433
10381235694a78c6ba7c36f72cc2f3f0693a7d2788f438952468eaf504e7d52b

HTTP Headers

GET /img.ashx?shopid=10686&file=2021031915332944.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021031915332944.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

webapi.gcwl365.com/msg/js/plugin/layer/skin/default/layer.css?v=3.0.3303

39.100.38.78

200 OK

2.9 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/js/plugin/layer/skin/default/layer.css?v=3.0.3303
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (14499), with no line terminators
Size
2.9 kB (2872 bytes)
Hash
be60b3f7cd68739042226260a3d617ca
850d8b7957c386555101e6ef4033542f2603d3c4
58dd83fdc48ab4c4a0c5704559f293cef21dc725037a97a0e6b4f5e182b63d4c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /msg/js/plugin/layer/skin/default/layer.css?v=3.0.3303 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 17 May 2018 07:21:31 GMT
Accept-Ranges: bytes
ETag: "804f83adafedd31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:33 GMT
Content-Length: 2872

www.hwcma.com/siteimages/10686/2021031915284924.jpg

116.255.143.80

200 OK

22 kB

URL HTTP/1.1
www.hwcma.com/siteimages/10686/2021031915284924.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 600x400, components 3\012- data
Size
22 kB (22413 bytes)
Hash
ca599c06707288189e0366640847e6bc
51969c9587caa3467f24b3447c1e842a23c36418
c4fdfbfb834d605d6d5c8a0bbec881565797657b5657d88eda6fea8b5fc2629f

HTTP Headers

GET /siteimages/10686/2021031915284924.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 22413
Connection: keep-alive
Last-Modified: Fri, 19 Mar 2021 08:00:38 GMT
Accept-Ranges: bytes
ETag: "6cc245f3951cd71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

s.union.360.cn/459976.js

171.8.167.94

200 OK

11 kB

URL HTTP/1.1
s.union.360.cn/459976.js
IP
171.8.167.94:0
ASN
#137687 Luoyang, Henan Province, P.R.China.

File type
Unicode text, UTF-8 text, with very long lines (25491)
Size
11 kB (10632 bytes)
Hash
6195f7ead1dd0268046612c0d5da4b5b
421ea8d0081f51ccb522bad5cd4a391c772fc531
52fdb19e2b5ffa05d84ab1bc353eed114074f873087a77bca589887489e2fa9c

HTTP Headers

GET /459976.js HTTP/1.1
Host: s.union.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Server: openresty/1.9.15.1
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Set-Cookie: __huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO/H29AqYlNlKQs=; Expires=Thu, 25-Nov-32 09:37:34 GMT; Domain=.360.cn; Path=/
__guid=219755712.2246107121251300096.1669628254000.7490; Expires=Tue, 28-Nov-23 09:37:34 GMT; Domain=.360.cn; Path=/
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Etag: W/"15c4e14eeebbd4f6423af0721eb8ae88"
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip

www.hwcma.com/siteimages/10686/2021031915332944.jpg

116.255.143.80

200 OK

71 kB

URL HTTP/1.1
www.hwcma.com/siteimages/10686/2021031915332944.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2019:11:20 11:21:23], baseline, precision 8, 400x300, components 3\012- data
Size
71 kB (70693 bytes)
Hash
6940b1e49bc8bd2345fceb71159945eb
4f6faa94ba268adacfc91f59b70969eb2495089d
f23859a4df15d0789e6beec23ec2945bd26a79de311c8177f00e3eedd3de77ab

HTTP Headers

GET /siteimages/10686/2021031915332944.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 70693
Connection: keep-alive
Last-Modified: Fri, 19 Mar 2021 08:00:38 GMT
Accept-Ranges: bytes
ETag: "6203df3951cd71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/img.ashx?shopid=10686&file=202108231748072.jpg

116.255.143.80

302 Found

154 B

URL HTTP/1.1
www.hwcma.com/img.ashx?shopid=10686&file=202108231748072.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
f13c8cff15bab26d46034a19772f9951
ed0c5a7c16747c005dd0180cc211e3275f330cb7
63aac852a9dde27a3d832a71598783fe274cb9a1c5be37cd31c7b18ba111796a

HTTP Headers

GET /img.ashx?shopid=10686&file=202108231748072.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 154
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/202108231748072.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/siteimages/10686/2021031915380062.jpg

116.255.143.80

200 OK

16 kB

URL HTTP/1.1
www.hwcma.com/siteimages/10686/2021031915380062.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 94x94, segment length 16, baseline, precision 8, 485x299, components 3\012- data
Size
16 kB (15463 bytes)
Hash
1cfe5f49d273a216767a5ca66ce2ce0f
164a53b2901408231014887259807a6135d4db5d
7debd38cdfe62a97bb97a8e85fdaadc82fdef8c3d6d956f1f3c269e3ee48897c

HTTP Headers

GET /siteimages/10686/2021031915380062.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 15463
Connection: keep-alive
Last-Modified: Fri, 19 Mar 2021 08:00:38 GMT
Accept-Ranges: bytes
ETag: "812f23f3951cd71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/siteimages/10686/2021031915313184.jpg

116.255.143.80

200 OK

16 kB

URL HTTP/1.1
www.hwcma.com/siteimages/10686/2021031915313184.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 422x300, components 3\012- data
Size
16 kB (15786 bytes)
Hash
cc3b9c442ce17d2f6c96e0b75d9202a8
9635db651670f4a5ef8b10f70b1a863df8d7504c
aa0f53cc912f70b15c5d6619f3cc20586518453f4d9192b5a2490d9243f0f8d8

HTTP Headers

GET /siteimages/10686/2021031915313184.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 15786
Connection: keep-alive
Last-Modified: Fri, 19 Mar 2021 08:00:38 GMT
Accept-Ranges: bytes
ETag: "513e2bf3951cd71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/siteimages/10686/2021031915393318.jpg

116.255.143.80

200 OK

13 kB

URL HTTP/1.1
www.hwcma.com/siteimages/10686/2021031915393318.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 580x419, components 3\012- data
Size
13 kB (13379 bytes)
Hash
7e1add31141b583cbf7cd34ef92ad252
6a4d92336327ea2f4904ac62b81782022b66cfb4
86fe3ab797c60f2b59a4191366719bb02393f29c24c027626989e693d133433c

HTTP Headers

GET /siteimages/10686/2021031915393318.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 13379
Connection: keep-alive
Last-Modified: Fri, 19 Mar 2021 08:00:38 GMT
Accept-Ranges: bytes
ETag: "812f23f3951cd71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

api.share.baidu.com/s.gif?l=http://www.hwcma.com/

182.61.240.101

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://www.hwcma.com/
IP
182.61.240.101:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.hwcma.com/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 28 Nov 2022 09:37:34 GMT

www.hwcma.com/siteimages/10686/2021082315502749.jpg

116.255.143.80

200 OK

227 kB

URL HTTP/1.1
www.hwcma.com/siteimages/10686/2021082315502749.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 106x106, segment length 16, baseline, precision 8, 1920x600, components 3\012- data
Size
227 kB (227104 bytes)
Hash
c846b32982e29b454d9d83fe38ae06fa
8105bfbc455ed3539b76a60c915e3b367a940f08
b68a10529595017ea64434195ab63aec2162a676cdf5f4c7562bafa22059f799

HTTP Headers

GET /siteimages/10686/2021082315502749.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 227104
Connection: keep-alive
Last-Modified: Mon, 23 Aug 2021 08:42:11 GMT
Accept-Ranges: bytes
ETag: "5b1cbfc3fa97d71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/img.ashx?shopid=10686&no=true&file=2021082315503831.jpg

116.255.143.80

302 Found

155 B

URL HTTP/1.1
www.hwcma.com/img.ashx?shopid=10686&no=true&file=2021082315503831.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
155 B (155 bytes)
Hash
4d16ccdbe892854978a633948d08af58
6a956378d5431d62be5358e5bbed5a42c2bfabcc
73174a031258d2c91a4cedc95b679802ffd03ef7c2aef2ba8d3c606684df08c5

HTTP Headers

GET /img.ashx?shopid=10686&no=true&file=2021082315503831.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021082315503831.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/img.ashx?shopid=10686&no=true&file=2021082315502642.jpg

116.255.143.80

302 Found

155 B

URL HTTP/1.1
www.hwcma.com/img.ashx?shopid=10686&no=true&file=2021082315502642.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
155 B (155 bytes)
Hash
c287c779deab90610000bff749c27646
1619d49e70b3c0be24fc56f0580b035bfd1e0c04
cd6b0abdb99574c96736632d7ce7772c36b9620d9e1e51846b0f2e5a66d6bf04

HTTP Headers

GET /img.ashx?shopid=10686&no=true&file=2021082315502642.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 155
Connection: keep-alive
Cache-Control: private
Location: /siteimages/10686/2021082315502642.jpg
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/siteimages/10686/202108231748072.jpg

116.255.143.80

200 OK

7.0 kB

URL HTTP/1.1
www.hwcma.com/siteimages/10686/202108231748072.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 106x106, segment length 16, baseline, precision 8, 300x170, components 3\012- data
Size
7.0 kB (7045 bytes)
Hash
45d5ebb2e28b2fea951d821ce43f8d23
cbd1a85ed67fe2e529001e8917392b61de2614ae
38d2d1f8c7551b73ad27df8364e28ed09f1ffe4e6440fd18de9c955a8f626985

HTTP Headers

GET /siteimages/10686/202108231748072.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh; Qs_lvt_459976=1669628253; Qs_pv_459976=137576482555721170

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 7045
Connection: keep-alive
Last-Modified: Mon, 23 Aug 2021 09:49:59 GMT
Accept-Ranges: bytes
ETag: "26f4d83c498d71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

s.union.360.cn/s.gif?lts=1&et=100&si=459976&ldt=1&vis=visible&prv=0&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&t=1669628253887&v=3.2.0&_mtd=im

171.8.167.94

200 OK

43 B

URL HTTP/1.1
s.union.360.cn/s.gif?lts=1&et=100&si=459976&ldt=1&vis=visible&prv=0&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&t=1669628253887&v=3.2.0&_mtd=im
IP
171.8.167.94:0
ASN
#137687 Luoyang, Henan Province, P.R.China.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /s.gif?lts=1&et=100&si=459976&ldt=1&vis=visible&prv=0&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&t=1669628253887&v=3.2.0&_mtd=im HTTP/1.1
Host: s.union.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Server: openresty/1.9.15.1
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: close
Expires: Fri, 01 Jan 1980 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache

wx.weidaoliu.com/msg/message/js/clipboard.min.js

101.37.84.12

200 OK

3.4 kB

URL HTTP/1.1
wx.weidaoliu.com/msg/message/js/clipboard.min.js
IP
101.37.84.12:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 text, with very long lines (10360)
Size
3.4 kB (3358 bytes)
Hash
6a21970d8e1244d757a2b322597e23b9
aa05c68ec2b039dfd66e985a74ac33d29f1c1c7e
a0fe78dc7765c2ba8497287f40707c4c972e0bcef1e40bf7ade3edb2e29a65e3

HTTP Headers

GET /msg/message/js/clipboard.min.js HTTP/1.1
Host: wx.weidaoliu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hwcma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 03:10:57 GMT
Accept-Ranges: bytes
ETag: "80f6949ce62fd61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Length: 3358

www.hwcma.com/img.ashx?shopid=10686&file=

116.255.143.80

302 Found

127 B

URL HTTP/1.1
www.hwcma.com/img.ashx?shopid=10686&file=
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
127 B (127 bytes)
Hash
360f661eef5247e29b339c69de74acd5
1acf2420e6fdcbe1a36c2c32130aad875ef0628e
e82aa6efa971062b43638400e5e6839f5abb7f8234301aa34844b94b23f15b8a

HTTP Headers

GET /img.ashx?shopid=10686&file= HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg; charset=utf-8
Content-Length: 127
Connection: keep-alive
Cache-Control: private
Location: /nopic.png
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/siteimages/10686/logo.png

116.255.143.80

200 OK

9.9 kB

URL HTTP/1.1
www.hwcma.com/siteimages/10686/logo.png
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
9.9 kB (9855 bytes)
Hash
b73a0097c364a74635400ce5e81f97a7
bc7659b4f9c98f35da31243effd01e4a3d73b56d
ebfa29753c81e23c328e6372022b29651655ca038de499bc84bc866b6bbefe0c

HTTP Headers

GET /siteimages/10686/logo.png HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/png
Content-Length: 9855
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 02:51:41 GMT
Accept-Ranges: bytes
ETag: "49ccb2332fefd81:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

s.union.360.cn/proxy.html

171.8.167.94

200 OK

434 B

URL HTTP/1.1
s.union.360.cn/proxy.html
IP
171.8.167.94:0
ASN
#137687 Luoyang, Henan Province, P.R.China.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (707), with no line terminators
Size
434 B (434 bytes)
Hash
d713c4be4307c2ba08c151d879b32522
ee36cc8098954691e78c377f29ec8b55b8f36570
881c2afefaf064920d4b302d86aa2a097042146a5e9d232a8265642a1f6e97b0

HTTP Headers

GET /proxy.html HTTP/1.1
Host: s.union.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: openresty/1.9.15.1
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: text/html
Last-Modified: Thu, 03 Mar 2022 02:05:35 GMT
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
ETag: W/"6220226f-2c3"
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip

www.hwcma.com/nopic.png

116.255.143.80

404 Not Found

86 B

URL HTTP/1.1
www.hwcma.com/nopic.png
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
Unicode text, UTF-8 text, with no line terminators
Size
86 B (86 bytes)
Hash
5b61351f9f1d59fde5aefa666ffb8af5
32ca13cfc618c39c9ecca158ac285431dd2a597e
ae713e455efd63006c177dc199e2029fb5811cb1cd6c9714246b7c91297a78fc

HTTP Headers

GET /nopic.png HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh; Qs_lvt_459976=1669628253; Qs_pv_459976=137576482555721170

HTTP/1.1 404 Not Found
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
Content-Encoding: gzip

www.hwcma.com/siteimages/10686/2021082315502642.jpg

116.255.143.80

200 OK

153 kB

URL HTTP/1.1
www.hwcma.com/siteimages/10686/2021082315502642.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 106x106, segment length 16, baseline, precision 8, 1920x600, components 3\012- data
Size
153 kB (152649 bytes)
Hash
23552401bf2bc5d6123528521ba6fd8a
540bd63c195dbc097b542605dfef573901ebfcbb
46c6f190b71939a591e7dd67ff04fd32ce60974f30c7b7db1946f7687504724f

HTTP Headers

GET /siteimages/10686/2021082315502642.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh; Qs_lvt_459976=1669628253; Qs_pv_459976=137576482555721170

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 152649
Connection: keep-alive
Last-Modified: Mon, 23 Aug 2021 08:42:11 GMT
Accept-Ranges: bytes
ETag: "346ab8c3fa97d71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/siteimages/10686/2021082315502877.jpg

116.255.143.80

200 OK

198 kB

URL HTTP/1.1
www.hwcma.com/siteimages/10686/2021082315502877.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 106x106, segment length 16, baseline, precision 8, 1920x600, components 3\012- data
Size
198 kB (198042 bytes)
Hash
e1fede068613640ddb32a8ed7ec6ec2d
d5f3051b1f7861d03d112c084831f8858e39f1ff
3fa26cfa290702f5e4b989df87e421017378895f6cc42296f209e3378aadd30c

HTTP Headers

GET /siteimages/10686/2021082315502877.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 198042
Connection: keep-alive
Last-Modified: Mon, 23 Aug 2021 08:42:11 GMT
Accept-Ranges: bytes
ETag: "694cc0c3fa97d71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

360fenxi.mediav.com/mediav1130.html

180.163.251.76

200 OK

988 B

URL HTTP/1.1
360fenxi.mediav.com/mediav1130.html
IP
180.163.251.76:0
ASN
#4812 China Telecom Group

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1579)
Size
988 B (988 bytes)
Hash
43d72715f35d2d71fe537bad71a28264
3f4d44e10339d042a48ca1687b00cd9ef3c64fdb
75ac43a7524fcf4b8766dd59e415ee3ba1a3e8438f1833bb62d6217a9c056ee8

HTTP Headers

GET /mediav1130.html HTTP/1.1
Host: 360fenxi.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: openresty/1.9.15.1
Date: Mon, 28 Nov 2022 09:37:35 GMT
Content-Type: text/html
Last-Modified: Thu, 03 Mar 2022 02:05:24 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62202264-6d1"
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip

s.union.360.cn/s.gif?lts=1&et=0&ck=0&adb=0&cl=24&ds=1280x1024&ln=en-US&url=http%3A%2F%2Fwww.hwcma.com%2F&si=459976&su=&flt=1669628253&lt=1669628253&pt=137576482555721170&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&v=3.2.0&t=1669628254417&qhclickid=&_mtd=im

171.8.167.94

200 OK

43 B

URL HTTP/1.1
s.union.360.cn/s.gif?lts=1&et=0&ck=0&adb=0&cl=24&ds=1280x1024&ln=en-US&url=http%3A%2F%2Fwww.hwcma.com%2F&si=459976&su=&flt=1669628253&lt=1669628253&pt=137576482555721170&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&v=3.2.0&t=1669628254417&qhclickid=&_mtd=im
IP
171.8.167.94:0
ASN
#137687 Luoyang, Henan Province, P.R.China.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /s.gif?lts=1&et=0&ck=0&adb=0&cl=24&ds=1280x1024&ln=en-US&url=http%3A%2F%2Fwww.hwcma.com%2F&si=459976&su=&flt=1669628253&lt=1669628253&pt=137576482555721170&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&v=3.2.0&t=1669628254417&qhclickid=&_mtd=im HTTP/1.1
Host: s.union.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Server: openresty/1.9.15.1
Date: Mon, 28 Nov 2022 09:37:35 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: close
Expires: Fri, 01 Jan 1980 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache

webapi.gcwl365.com/msg/ashx/shopinfohandler.ashx?type=getqyweixininfo&shopid=10686

39.100.38.78

200 OK

0 B

URL HTTP/1.1
webapi.gcwl365.com/msg/ashx/shopinfohandler.ashx?type=getqyweixininfo&shopid=10686
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /msg/ashx/shopinfohandler.ashx?type=getqyweixininfo&shopid=10686 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.hwcma.com
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 0
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:34 GMT

webapi.gcwl365.com/msg/ashx/shopinfohandler.ashx?type=getinteractioninfo&shopid=10686

39.100.38.78

200 OK

2 B

URL HTTP/1.1
webapi.gcwl365.com/msg/ashx/shopinfohandler.ashx?type=getinteractioninfo&shopid=10686
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

GET /msg/ashx/shopinfohandler.ashx?type=getinteractioninfo&shopid=10686 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.hwcma.com
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Length: 2

www.hwcma.com/template/365ZWP21061941/pc/images/about.png

116.255.143.80

200 OK

377 kB

URL HTTP/1.1
www.hwcma.com/template/365ZWP21061941/pc/images/about.png
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:08:26 16:57:38], baseline, precision 8, 1920x727, components 3\012- data
Size
377 kB (377257 bytes)
Hash
ada3a3461eed0c15081b9b7c29ca1561
8184bee6877ff3a36aa4876e6840bd3d2794ed67
dadc994de7fb6be9c7642108e458607cde04438b294f116fae34d031343735a8

HTTP Headers

GET /template/365ZWP21061941/pc/images/about.png HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/png
Content-Length: 377257
Connection: keep-alive
Last-Modified: Thu, 26 Aug 2021 08:57:39 GMT
Accept-Ranges: bytes
ETag: "803f96b589ad71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

e.so.com/search/c.js?u=3337623864&_=1669628253894

180.163.247.186

200 OK

0 B

URL HTTP/1.1
e.so.com/search/c.js?u=3337623864&_=1669628253894
IP
180.163.247.186:0
ASN
#4812 China Telecom Group

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /search/c.js?u=3337623864&_=1669628253894 HTTP/1.1
Host: e.so.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 09:37:35 GMT
Content-Type: text/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: private
X-Trace: "rt":0
X-Cache: MISS

www.hwcma.com/siteimages/10686/2021082315503831.jpg

116.255.143.80

200 OK

146 kB

URL HTTP/1.1
www.hwcma.com/siteimages/10686/2021082315503831.jpg
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 106x106, segment length 16, baseline, precision 8, 1920x600, components 3\012- data
Size
146 kB (145906 bytes)
Hash
90382e25fb78e92e25c2c4f52c1d50e0
a1c866e778aecd245909483e3c3a86b7e02368ef
1fbf49f6425d86f68250beb5cd8ece13a176642fb37014c0dc8fa09d0f2084f3

HTTP Headers

GET /siteimages/10686/2021082315503831.jpg HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hwcma.com/
Connection: keep-alive
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh; Qs_lvt_459976=1669628253; Qs_pv_459976=137576482555721170

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:34 GMT
Content-Type: image/jpeg
Content-Length: 145906
Connection: keep-alive
Last-Modified: Mon, 23 Aug 2021 08:42:11 GMT
Accept-Ranges: bytes
ETag: "f8cbdc3fa97d71:0"
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6

www.hwcma.com/favicon.ico

116.255.143.80

404 Not Found

86 B

URL HTTP/1.1
www.hwcma.com/favicon.ico
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
Unicode text, UTF-8 text, with no line terminators
Size
86 B (86 bytes)
Hash
5b61351f9f1d59fde5aefa666ffb8af5
32ca13cfc618c39c9ecca158ac285431dd2a597e
ae713e455efd63006c177dc199e2029fb5811cb1cd6c9714246b7c91297a78fc

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh; Qs_lvt_459976=1669628253; Qs_pv_459976=137576482555721170

HTTP/1.1 404 Not Found
Date: Mon, 28 Nov 2022 09:37:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
Content-Encoding: gzip

ckmap.mediav.com/b?type=10

180.163.247.134

200 OK

348 B

URL HTTP/1.1
ckmap.mediav.com/b?type=10
IP
180.163.247.134:0
ASN
#4812 China Telecom Group

File type
HTML document, ASCII text, with very long lines (588), with no line terminators
Size
348 B (348 bytes)
Hash
35e62d4716a1213619bbd421aab5b6d7
ef5da56df3dd7a41b9692df4eb14838b48aefb4f
5490caf026919d8e0304a4d078bfc521005e6eb2bf5affd325f1d44a90c77626

HTTP Headers

GET /b?type=10 HTTP/1.1
Host: ckmap.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://360fenxi.mediav.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: -1
Set-Cookie: ckmts=PUJrrjAB,P6JrrjAB,U6JrrjAB,JGJrrjAB,L6CrrjAB,J6JrrjAB; expires=Wednesday, 28-Dec-2022 17:37:36 GMT; path=/; domain=.mediav.com;
Content-Encoding: gzip

webapi.gcwl365.com/msg/message/images/new_mes1.png

39.100.38.78

200 OK

1.2 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/images/new_mes1.png
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1164 bytes)
Hash
23502c31840ccf1c7ce6940e39ad70cf
2cb51c52e98d97d3a142cb6d3728fb493bc58f6e
0108c96cc90f6b3ceb8bcb603db160e76644edc6c18af97e1f9c65e693594f96

HTTP Headers

GET /msg/message/images/new_mes1.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 05 Apr 2019 03:51:40 GMT
Accept-Ranges: bytes
ETag: "e04972e062ebd41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 1164

webapi.gcwl365.com/msg/message/images/new_tel2.png?v=1.1

39.100.38.78

200 OK

1.3 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/images/new_tel2.png?v=1.1
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1299 bytes)
Hash
db09a01bd61864c53a069d8b1f5ee21a
5c83f2d6f7c38e0c4e0b7320df46f8d1fcc6356d
b60c03dcd86d674e3e04dbecd98db19136f4fe6acfa79dddcf6d3697130cf19c

HTTP Headers

GET /msg/message/images/new_tel2.png?v=1.1 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 17 May 2019 13:50:15 GMT
Accept-Ranges: bytes
ETag: "6134b774b7cd51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 1299

webapi.gcwl365.com/msg/message/images/new_tel1.png?v=1.1

39.100.38.78

200 OK

1.2 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/images/new_tel1.png?v=1.1
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1163 bytes)
Hash
efc3905df1f19ee3e85c6a79ebe32106
1b96ec80e7e7db36e34ff421295476b35078812e
8f1851d4a0c9560bb7c67e680290225f22c7f5332951c44ba931d435545c7b62

HTTP Headers

GET /msg/message/images/new_tel1.png?v=1.1 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 17 May 2019 13:50:10 GMT
Accept-Ranges: bytes
ETag: "ad881572b7cd51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 1163

webapi.gcwl365.com/msg/message/images/new_mes2.png

39.100.38.78

200 OK

1.4 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/images/new_mes2.png
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1410 bytes)
Hash
4aa10d4879e014685e64ec5af808f9fc
75b9c6a093ad1011edb78dafd4c1ece3b07c1082
a82abaf7a9e935df122c41fd71e31d0775095e89a29fa102f28a4b4e990dd049

HTTP Headers

GET /msg/message/images/new_mes2.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 05 Apr 2019 03:51:52 GMT
Accept-Ranges: bytes
ETag: "da9d63e762ebd41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 1410

webapi.gcwl365.com/msg/message/images/new_qq1.png

39.100.38.78

200 OK

1.8 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/images/new_qq1.png
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1763 bytes)
Hash
c4b1285472fabadf3f0b201991a028de
7d0f1e626caf8a0eae50a5ca2a5ffbb75057fb6b
560d0fe7197bba8a7db18b272bb7794f0dca6973d9a9fd0c46ce32e6f6d41d71

HTTP Headers

GET /msg/message/images/new_qq1.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 05 Apr 2019 03:59:07 GMT
Accept-Ranges: bytes
ETag: "7f711deb63ebd41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 1763

webapi.gcwl365.com/msg/message/images/new_qq2.png

39.100.38.78

200 OK

2.2 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/images/new_qq2.png
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2208 bytes)
Hash
835802b6d18c5c9fe85add0744c83ab5
4fe7c4aa11388343fa5716cd11352a20e6dc539d
8796e4ca55940129507c99716d4215eee555bd390c8455a9b4b135ff0ba54a08

HTTP Headers

GET /msg/message/images/new_qq2.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 05 Apr 2019 03:59:11 GMT
Accept-Ranges: bytes
ETag: "3d865ed63ebd41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 2208

webapi.gcwl365.com/msg/message/images/new_ewm1.png

39.100.38.78

200 OK

1.5 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/images/new_ewm1.png
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1492 bytes)
Hash
cb7b77dd22ea01d6f5ed334e776129f9
1c6b72d1b85c13f4643dd3a5aba61bac97bbe7a9
2d4e80a0d184006fbb6669f05605dff8e1fa4d4f8644efecac753f22560a07b2

HTTP Headers

GET /msg/message/images/new_ewm1.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 05 Apr 2019 04:01:43 GMT
Accept-Ranges: bytes
ETag: "6beebd4764ebd41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 1492

www.hwcma.com/undefined

116.255.143.80

404 Not Found

918 B

URL HTTP/1.1
www.hwcma.com/undefined
IP
116.255.143.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- troff or preprocessor input, Unicode text, UTF-8 text, with CRLF line terminators
Size
918 B (918 bytes)
Hash
a40b0fa43f923080fa06a4a643a7f309
ebef737752e7bdf854d83c0dc6b6ecb9f2331cda
6023eac1dac2d11ffffa8976dcc27f7439f5b7cf960aae4883df8e81af242ce6

HTTP Headers

GET /undefined HTTP/1.1
Host: www.hwcma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/
Cookie: ASP.NET_SessionId=3pjjqtwpek2hep2gzzmhmiqh; Qs_lvt_459976=1669628253; Qs_pv_459976=137576482555721170

HTTP/1.1 404 Not Found
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Server: wts/1.6
Content-Encoding: gzip

webapi.gcwl365.com/msg/message/images/ol_top1.png?v=1.1

39.100.38.78

200 OK

907 B

URL HTTP/1.1
webapi.gcwl365.com/msg/message/images/ol_top1.png?v=1.1
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
907 B (907 bytes)
Hash
e41d332b8c841ecb5fc9a25edfff2736
7de6cc9a741eafdc75dd83a90ed54ee17d55b34e
9e5b4d5516db9d17f5e3151162efab934d12cf348321137f8c30fad9a9db34e9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /msg/message/images/ol_top1.png?v=1.1 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 07 Nov 2019 02:09:21 GMT
Accept-Ranges: bytes
ETag: "f2e5565e1095d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 907

webapi.gcwl365.com/msg/message/images/ol_top2.png?v=1.1

39.100.38.78

200 OK

1.1 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/images/ol_top2.png?v=1.1
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1079 bytes)
Hash
5ad49699c46d0afadd76d1e1c8022236
857262895f481182b5fab2bc2508061dc1a406eb
3d4556cb6f1690957c6c9df341a407de52b3ef77b289281710ea3d3dc6381f36

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /msg/message/images/ol_top2.png?v=1.1 HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 07 Nov 2019 02:09:54 GMT
Accept-Ranges: bytes
ETag: "936626721095d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 1079

webapi.gcwl365.com/msg/message/images/oll_mes_tel.png

39.100.38.78

200 OK

3.0 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/images/oll_mes_tel.png
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
3.0 kB (3023 bytes)
Hash
8d59d53dd0c40c9c315b3eaf9211608c
63cc9daba8d651b6ca6f1274bc19371077193d6d
fcef379f4acbf0e903d5ed0d417bbd5550a5f423ffb624c124636deecf659410

HTTP Headers

GET /msg/message/images/oll_mes_tel.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 17 May 2018 09:10:43 GMT
Accept-Ranges: bytes
ETag: "1229aefbeedd31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 3023

webapi.gcwl365.com/msg/message/images/oll_mes_firm.png

39.100.38.78

200 OK

3.0 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/images/oll_mes_firm.png
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 16 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size
3.0 kB (3033 bytes)
Hash
9b0db206b641c034de5dba4b3060b734
5fd9e2c5aa0db2bbbd4a9b16c0067b9238ddbb7b
71508ff56e286a417213dbdfee2a6615ba0f25c40e167f4ee86f542823090d98

HTTP Headers

GET /msg/message/images/oll_mes_firm.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 17 May 2018 09:10:43 GMT
Accept-Ranges: bytes
ETag: "92f08efbeedd31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 3033

webapi.gcwl365.com/msg/message/images/new_ewm2.png

39.100.38.78

200 OK

1.9 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/images/new_ewm2.png
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.9 kB (1872 bytes)
Hash
fb5c8eb03f0e431bbff5bd3157945a29
eacf2af3775e6ba05a0a485a95e298d08d63d7ab
c2a5f2118755419094fce609f291d8996a8a53ca86d49e8ebfec188d0df3e95e

HTTP Headers

GET /msg/message/images/new_ewm2.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 05 Apr 2019 04:01:45 GMT
Accept-Ranges: bytes
ETag: "231084964ebd41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 1872

webapi.gcwl365.com/msg/message/images/oll_mes_name.png

39.100.38.78

200 OK

3.0 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/images/oll_mes_name.png
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 18 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
3.0 kB (2988 bytes)
Hash
6ed42e775019a5a399ad915b7d6fdabf
0c94a62d8a92328d5523b2f6c9697c7ba930c083
3642b7190148895ef34060d0f8bffce4fa37c2df883f25e373f664c27f1d99d6

HTTP Headers

GET /msg/message/images/oll_mes_name.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 17 May 2018 09:10:43 GMT
Accept-Ranges: bytes
ETag: "d28c9efbeedd31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 2988

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cm.g.doubleclick.net/pixel?google_nid=MEV&google_sc&google_cm&tid=3&from_mv=1&google_ula=2121606

142.250.74.98

302 Found

338 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=MEV&google_sc&google_cm&tid=3&from_mv=1&google_ula=2121606
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
338 B (338 bytes)
Hash
d280fad95d123f9e4ea7db22383a7e69
8ada87e0ab0a2556397a06833004792b901024bc
6db75a1896bb60205543384b42428dbb3b23308a454e9e62c44cccc43c0ea1a9

HTTP Headers

GET /pixel?google_nid=MEV&google_sc&google_cm&tid=3&from_mv=1&google_ula=2121606 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ckmap.mediav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=MEV&google_sc=&google_cm=&tid=3&from_mv=1&google_ula=2121606&google_tc=
date: Mon, 28 Nov 2022 09:37:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 338
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 28-Nov-2022 09:52:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cm.g.doubleclick.net/pixel?google_nid=MEV&google_sc=&google_cm=&tid=3&from_mv=1&google_ula=2121606&google_tc=

142.250.74.98

302 Found

262 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=MEV&google_sc=&google_cm=&tid=3&from_mv=1&google_ula=2121606&google_tc=
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
262 B (262 bytes)
Hash
4573855ebe66784b49f30dcbbb2fbac7
dac1a2236befa5c4e382cf481278e7556df66ba5
f3b8acb0021530d438bea209bb784bdfb6ab1c0c4fc9ad0bc618bdc5f969d39a

HTTP Headers

GET /pixel?google_nid=MEV&google_sc=&google_cm=&tid=3&from_mv=1&google_ula=2121606&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ckmap.mediav.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: https://ckmap.mediav.com/m?tid=3&from_mv=1&google_error=3
date: Mon, 28 Nov 2022 09:37:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 262
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

webapi.gcwl365.com/msg/message/images/close.png

39.100.38.78

200 OK

3.3 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/images/close.png
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3310 bytes)
Hash
47eb606af83b6312d24583ac7046622b
144a710db9f69be7bc033a711ebe80fa7c6259b8
3c20cddb4ef9cf73135cb1c6769a2fbc77fe560ec17a27891a6b82714fe9adf0

HTTP Headers

GET /msg/message/images/close.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 17 May 2018 09:10:43 GMT
Accept-Ranges: bytes
ETag: "322bedeebeedd31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:36 GMT
Content-Length: 3310

webapi.gcwl365.com/msg/message/images/oll_mes_email.png

39.100.38.78

200 OK

3.0 kB

URL HTTP/1.1
webapi.gcwl365.com/msg/message/images/oll_mes_email.png
IP
39.100.38.78:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 16 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
3.0 kB (3000 bytes)
Hash
4cfb6bd7ceb12923cbc912b7d8661228
d59dbc5ea9fcd47605ed644d8844ba711ef062bf
60ebaa19220184856f3a97b0c30430df9290ae63b62c31de11b3edbe31497ae5

HTTP Headers

GET /msg/message/images/oll_mes_email.png HTTP/1.1
Host: webapi.gcwl365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 17 May 2018 09:10:43 GMT
Accept-Ranges: bytes
ETag: "52548efbeedd31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: OPTIONS,POST,GET
Access-Control-Allow-Headers: x-requested-with,content-type
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:37:37 GMT
Content-Length: 3000

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
11b5e818cd7c8208cf0bd9b6d1a68fac
ac8eec89cc96a15299827d0e812d65d265c68c27
c9069a78c98c4c79dbd5018b2242e61ca8cc195da6e77fc78d89e88064f56759

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 02 Dec 2022 05:58:30 GMT
ETag: "ac8eec89cc96a15299827d0e812d65d265c68c27"
Last-Modified: Mon, 28 Nov 2022 05:58:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3360
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771220437add1c16-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
4e1da2dd4fbf4fe13150df8a479e96e4
153f29a00e890de7d96af41b6cc554b23ae09277
d0067732ae097018b3bc257b5dfe5425ae39b3831fca40150bd1ae0f39a97006

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 06:22:39 GMT
ETag: "153f29a00e890de7d96af41b6cc554b23ae09277"
Last-Modified: Mon, 28 Nov 2022 06:22:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3377
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77122043bb111c16-OSL

cm.pos.baidu.com/pixel?dspid=6455766&ext_data=1

110.242.68.135

302 Found

0 B

URL HTTP/1.1
cm.pos.baidu.com/pixel?dspid=6455766&ext_data=1
IP
110.242.68.135:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel?dspid=6455766&ext_data=1 HTTP/1.1
Host: cm.pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ckmap.mediav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Mon, 28 Nov 2022 09:37:38 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: https://ckmap.mediav.com/m?tid=5PURL&baidu_error=1&timestamp=1669628258
Server: nginx

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
2cf39d4664c18ff0370367626233232d
f04e6646eb17c483aa06533c75668be00bdd38d1
92289f7cfcf54ba228e48d4ff680212696c965ec08b4360e6e0016fb5959f3fb

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 02 Dec 2022 06:40:43 GMT
ETag: "f04e6646eb17c483aa06533c75668be00bdd38d1"
Last-Modified: Mon, 28 Nov 2022 06:40:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2304
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771220466d4a1c16-OSL

cms.tanx.com/t.gif?tanx_nid=29628860&tanx_cm&mediav_tid=15&from_mv=1

59.82.31.200

302 Found

49 B

URL HTTP/2
cms.tanx.com/t.gif?tanx_nid=29628860&tanx_cm&mediav_tid=15&from_mv=1
IP
59.82.31.200:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
49 B (49 bytes)
Hash
ed280a0ea3cc38f3cbbc747acfbef47d
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

HTTP Headers

GET /t.gif?tanx_nid=29628860&tanx_cm&mediav_tid=15&from_mv=1 HTTP/1.1
Host: cms.tanx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ckmap.mediav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Mon, 28 Nov 2022 09:37:38 GMT
content-type: image/gif
content-length: 49
location: https://ckmap.mediav.com/m?tanx_err=1&tanx_ver=1&mediav_tid=15&from_mv=1
server: Tengine
p3p: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
eagleeye-traceid: 21367c4916696282581787373e2b9f
strict-transport-security: max-age=0
timing-allow-origin: *
X-Firefox-Spdy: h2

max.dmp.360.cn/?pid=dmp_1000

101.199.255.123

302 Moved Temporarily

167 B

URL HTTP/1.1
max.dmp.360.cn/?pid=dmp_1000
IP
101.199.255.123:0
ASN
#4808 China Unicom Beijing Province Network

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
1dd977065c1e457e5fe1c16c8c83abdd
6dc6acfc9432bd4f48927f4d3ffe23ca6a2eb504
a2b66bda5d606b25a9a6f90b47113590083c3f2477e319567cbc783412c34f83

HTTP Headers

GET /?pid=dmp_1000 HTTP/1.1
Host: max.dmp.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ckmap.mediav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.13.6.1
Date: Mon, 28 Nov 2022 09:37:38 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Set-Cookie: __huid=10VgM%2BZGGWuXgxZjnIqIzmm2t7uG9TemHhGaYDA1gi3lc%3D; Expires=Thu, 25-Nov-32 09:37:38 GMT; Domain=.360.cn; Path=/
Location: https://ckmap.mediav.com/m?tid=627&tck=493d82ab39c73e944cba5572d77b45c2

ckmap.mediav.com/m?tanx_err=1&tanx_ver=1&mediav_tid=15&from_mv=1

180.163.247.134

200 OK

43 B

URL HTTP/2
ckmap.mediav.com/m?tanx_err=1&tanx_ver=1&mediav_tid=15&from_mv=1
IP
180.163.247.134:0
ASN
#4812 China Telecom Group

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /m?tanx_err=1&tanx_ver=1&mediav_tid=15&from_mv=1 HTTP/1.1
Host: ckmap.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ckmap.mediav.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty/1.15.8.2
date: Mon, 28 Nov 2022 09:37:38 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires: -1
set-cookie: v=-lvwH:Uoc39fbtt>`%+c; expires=Monday, 02-Nov-2099 00:00:00 GMT; path=/; domain=.mediav.com
X-Firefox-Spdy: h2

ckmap.mediav.com/m?tid=3&from_mv=1&google_error=3

180.163.247.134

200 OK

43 B

URL HTTP/2
ckmap.mediav.com/m?tid=3&from_mv=1&google_error=3
IP
180.163.247.134:0
ASN
#4812 China Telecom Group

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /m?tid=3&from_mv=1&google_error=3 HTTP/1.1
Host: ckmap.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ckmap.mediav.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty/1.15.8.2
date: Mon, 28 Nov 2022 09:37:38 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires: -1
set-cookie: v=-oQ+e9!%O99fbtt?s^z^; expires=Monday, 02-Nov-2099 00:00:00 GMT; path=/; domain=.mediav.com
X-Firefox-Spdy: h2

ckmap.mediav.com/m?tid=627&tck=493d82ab39c73e944cba5572d77b45c2

180.163.247.134

200 OK

43 B

URL HTTP/2
ckmap.mediav.com/m?tid=627&tck=493d82ab39c73e944cba5572d77b45c2
IP
180.163.247.134:0
ASN
#4812 China Telecom Group

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /m?tid=627&tck=493d82ab39c73e944cba5572d77b45c2 HTTP/1.1
Host: ckmap.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ckmap.mediav.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty/1.15.8.2
date: Mon, 28 Nov 2022 09:37:38 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires: -1
set-cookie: v=-kZVOZF03x9fbttb</B2; expires=Monday, 02-Nov-2099 00:00:00 GMT; path=/; domain=.mediav.com
huid=493d82ab39c73e944cba5572d77b45c2; expires=Monday, 02-Nov-2099 00:00:00 GMT; path=/; domain=.mediav.com
X-Firefox-Spdy: h2

ckmap.mediav.com/m?tid=5PURL&baidu_error=1&timestamp=1669628258

180.163.247.134

200 OK

43 B

URL HTTP/2
ckmap.mediav.com/m?tid=5PURL&baidu_error=1&timestamp=1669628258
IP
180.163.247.134:0
ASN
#4812 China Telecom Group

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /m?tid=5PURL&baidu_error=1&timestamp=1669628258 HTTP/1.1
Host: ckmap.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ckmap.mediav.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty/1.15.8.2
date: Mon, 28 Nov 2022 09:37:39 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires: -1
set-cookie: v=-trCs>(Yg]9fbttkQe0[; expires=Monday, 02-Nov-2099 00:00:00 GMT; path=/; domain=.mediav.com
X-Firefox-Spdy: h2

ckmap.mediav.com/m?thirdparty_id=1&thirdparty_cookie_id=o52g5eqqm40gabqgk301oi2j84

180.163.247.134

200 OK

43 B

URL HTTP/2
ckmap.mediav.com/m?thirdparty_id=1&thirdparty_cookie_id=o52g5eqqm40gabqgk301oi2j84
IP
180.163.247.134:0
ASN
#4812 China Telecom Group

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /m?thirdparty_id=1&thirdparty_cookie_id=o52g5eqqm40gabqgk301oi2j84 HTTP/1.1
Host: ckmap.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3m.mediav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: openresty/1.15.8.2
date: Mon, 28 Nov 2022 09:37:39 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires: -1
X-Firefox-Spdy: h2

ocsp.crlocsp.cn/

101.198.193.5

200 OK

472 B

URL HTTP/1.1
ocsp.crlocsp.cn/
IP
101.198.193.5:0
ASN
#55992 Beijing Qihu Technology Company Limited

File type
data
Size
472 B (472 bytes)
Hash
bce650095487e63c63e3360309fce371
f2a972a11a44be3069c371ba4acf3ca9dad4438e
8b3972ffdbd3aad881053734c4f9a467795a6eeebb6a77edf908d86b278df184

HTTP Headers

POST / HTTP/1.1
Host: ocsp.crlocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.9.14
Date: Mon, 28 Nov 2022 09:37:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Content-Transfer-Encoding: Binary
Last-modified: Thu, 24 Nov 2022 21:41:41 GMT
Expires: Thu, 01 Dec 2022 21:41:40 GMT
ETag: "F2A972A11A44BE3069C371BA4ACF3CA9DAD4438E"
cache-control: max-age=172800,public,no-transform,must-revalidate

ocsp.crlocsp.cn/

101.198.193.5

200 OK

472 B

URL HTTP/1.1
ocsp.crlocsp.cn/
IP
101.198.193.5:0
ASN
#55992 Beijing Qihu Technology Company Limited

File type
data
Size
472 B (472 bytes)
Hash
2858432fb74731409ef990e095fd62ef
b4b924c4a957df2e6222c459a40375562a29ef0f
7c639bc667e3f659129d87134404c1e3cec1764654a9160925169081e06550c8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.crlocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.9.14
Date: Mon, 28 Nov 2022 09:37:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Content-Transfer-Encoding: Binary
Last-modified: Sat, 26 Nov 2022 09:56:23 GMT
Expires: Sat, 03 Dec 2022 09:56:22 GMT
ETag: "B4B924C4A957DF2E6222C459A40375562A29EF0F"
cache-control: max-age=172800,public,no-transform,must-revalidate

ocsp.crlocsp.cn/

101.198.193.5

200 OK

472 B

URL HTTP/1.1
ocsp.crlocsp.cn/
IP
101.198.193.5:0
ASN
#55992 Beijing Qihu Technology Company Limited

File type
data
Size
472 B (472 bytes)
Hash
bce650095487e63c63e3360309fce371
f2a972a11a44be3069c371ba4acf3ca9dad4438e
8b3972ffdbd3aad881053734c4f9a467795a6eeebb6a77edf908d86b278df184

HTTP Headers

POST / HTTP/1.1
Host: ocsp.crlocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.9.14
Date: Mon, 28 Nov 2022 09:37:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Content-Transfer-Encoding: Binary
Last-modified: Thu, 24 Nov 2022 21:41:41 GMT
Expires: Thu, 01 Dec 2022 21:41:40 GMT
ETag: "F2A972A11A44BE3069C371BA4ACF3CA9DAD4438E"
cache-control: max-age=172800,public,no-transform,must-revalidate

ocsp.crlocsp.cn/

101.198.193.5

500 Internal Server Error

193 B

URL HTTP/1.1
ocsp.crlocsp.cn/
IP
101.198.193.5:0
ASN
#55992 Beijing Qihu Technology Company Limited

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
193 B (193 bytes)
Hash
f9be47ea0f6c98d7bf6ee56b6c50bf24
fc3070a829d2f86d23c8d0c46425ad1c8caafc62
d0dff0c586111358921398620bc5b44875fd44ac02d461898406f48442301708

HTTP Headers

POST / HTTP/1.1
Host: ocsp.crlocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 500 Internal Server Error
Server: nginx/1.9.14
Date: Mon, 28 Nov 2022 09:36:28 GMT
Content-Type: text/html
Content-Length: 193
Connection: close

s.union.360.cn/s.gif?lts=1&et=20&mvosr=&eid=1141040&ep=&vid=&ctn=&vvid=&_mvnf=1&_mvctn=0&_mvck=1&_refnf=1&url=http%3A%2F%2Fwww.hwcma.com%2F&si=459976&su=&flt=1669628253&lt=1669628253&pt=137576482555721170&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&v=3.2.0&t=1669628259128&_mtd=im

171.8.167.94

200 OK

43 B

URL HTTP/1.1
s.union.360.cn/s.gif?lts=1&et=20&mvosr=&eid=1141040&ep=&vid=&ctn=&vvid=&_mvnf=1&_mvctn=0&_mvck=1&_refnf=1&url=http%3A%2F%2Fwww.hwcma.com%2F&si=459976&su=&flt=1669628253&lt=1669628253&pt=137576482555721170&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&v=3.2.0&t=1669628259128&_mtd=im
IP
171.8.167.94:0
ASN
#137687 Luoyang, Henan Province, P.R.China.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /s.gif?lts=1&et=20&mvosr=&eid=1141040&ep=&vid=&ctn=&vvid=&_mvnf=1&_mvctn=0&_mvck=1&_refnf=1&url=http%3A%2F%2Fwww.hwcma.com%2F&si=459976&su=&flt=1669628253&lt=1669628253&pt=137576482555721170&guid=219755712.2246107121251300096.1669628254000.7490&huid=11KnZdOWn6RYYtkoSo76NnOn6qFiwQmO%252FH29AqYlNlKQs%253D&v=3.2.0&t=1669628259128&_mtd=im HTTP/1.1
Host: s.union.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hwcma.com/

HTTP/1.1 200 OK
Server: openresty/1.9.15.1
Date: Mon, 28 Nov 2022 09:37:39 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: close
Expires: Fri, 01 Jan 1980 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache

cm.miaozhen.atm.youku.com/cm.gif?dspid=11115

47.246.99.254

200 OK

0 B

URL HTTP/2
cm.miaozhen.atm.youku.com/cm.gif?dspid=11115
IP
47.246.99.254:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cm.gif?dspid=11115 HTTP/1.1
Host: cm.miaozhen.atm.youku.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ckmap.mediav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:37:38 GMT
content-type: image/gif
expires: Mon, 28 Nov 2022 09:37:37 GMT
cache-control: no-cache
server: Tengine/Aserver
strict-transport-security: max-age=0
timing-allow-origin: *
s-rt: 97
eagleeye-traceid: 2100dd0716696282588646699e82d0, 2100dd0716696282588646699e82d0
X-Firefox-Spdy: h2

3m.mediav.com/ckmap.htm

101.198.192.7

200 OK

0 B

URL HTTP/2
3m.mediav.com/ckmap.htm
IP
101.198.192.7:0
ASN
#55992 Beijing Qihu Technology Company Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ckmap.htm HTTP/1.1
Host: 3m.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ckmap.mediav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:37:39 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 19 Jul 2012 03:19:29 GMT
vary: Accept-Encoding
expires: Tue, 13 Dec 2022 09:37:39 GMT
cache-control: max-age=1296000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
kcs-via: HIT from w-fc01.hkht;HIT from w-sc01.hkht
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations