URL: https://hw.xinyuanmall.com/
Submission: On July 01 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 34 HTTP transactions. The main IP is 35.221.250.240, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is hw.xinyuanmall.com.
TLS certificate: Issued by R11 on June 29th 2024. Valid for: 3 months.
This is the only time hw.xinyuanmall.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 35.221.250.240 396982 (GOOGLE-CL...)
2 163.171.132.119 54994 (ML-1432-5...)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2600:9000:26e... 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
4 2a03:2880:f17... 32934 (FACEBOOK)
34 6
Apex Domain Subdomains Transfer
21 xinyuanmall.com hw.xinyuanmall.com 291 KB
6 360buyimg.com img12.360buyimg.com — Cisco Umbrella Rank: 68253; img10.360buyimg.com — Cisco Umbrella Rank: 67457; img14.360buyimg.com — Cisco Umbrella Rank: 64089 60 KB
4 facebook.com www.facebook.com — Cisco Umbrella Rank: 114 5 KB
2 facebook.net connect.facebook.net — Cisco Umbrella Rank: 204 72 KB
1 cloudfront.net dtutcab4viamz.cloudfront.net 70 KB
34 5
Domain Requested by
21 hw.xinyuanmall.com hw.xinyuanmall.com
4 www.facebook.com hw.xinyuanmall.com
4 img10.360buyimg.com hw.xinyuanmall.com
2 connect.facebook.net hw.xinyuanmall.com, connect.facebook.net
1 dtutcab4viamz.cloudfront.net hw.xinyuanmall.com
1 img14.360buyimg.com hw.xinyuanmall.com
1 img12.360buyimg.com hw.xinyuanmall.com
34 7

This site contains links to these domains.

Domain
page.line.me

Subject Issuer Validity Valid
ml.cidmall.com R11 2024-06-29 - 2024-09-27 3 months crt.sh
*.jd.com GlobalSign RSA OV SSL CA 2018 2023-11-08 - 2024-12-09 a year crt.sh
*.cloudfront.net Amazon RSA 2048 M01 2023-10-10 - 2024-09-19 a year crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA 2024-04-09 - 2024-07-08 3 months crt.sh

This page contains 1 frames:

Primary Page: https://hw.xinyuanmall.com/
Frame ID: 2EE34CA7CA94AACFF773C3E1ED7D9B8F
Requests: 34 HTTP requests in this frame

Page Title

免運 優惠 好物生活

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34 Requests
100 % HTTPS
67 % IPv6
5 Domains
7 Subdomains
6 IPs
3 Countries
498 kB Transfer
906 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hw.xinyuanmall.com/
15 KB
5 KB
Document
General
Full URL
https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx / ThinkPHP
Resource Hash
627f82fb8a02bb2d4bb045e25945218f631f637854de174ca8c852fb2f6e364c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

author
www.alizi.net
cache-control
private
content-encoding
gzip
content-sn
Alizi296503789008298103
content-type
text/html; charset=utf-8
date
Mon, 01 Jul 2024 04:30:28 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
version
V4.2
x-powered-by
ThinkPHP
amazeui.fonts.css
hw.xinyuanmall.com/Public/Alizi/amazeui/css/
32 KB
7 KB
Stylesheet
General
Full URL
https://hw.xinyuanmall.com/Public/Alizi/amazeui/css/amazeui.fonts.css?v=V4.2
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
dc6ce7c9f1c341572d4053e7a558b40463a32545f49563ac3b2299321764066d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:28 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 May 2020 09:48:18 GMT
server
nginx
etag
W/"5eb91f62-81ad"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 01 Jul 2024 16:30:28 GMT
alizi-order.css
hw.xinyuanmall.com/Public/Alizi/
23 KB
7 KB
Stylesheet
General
Full URL
https://hw.xinyuanmall.com/Public/Alizi/alizi-order.css?v=V4.2
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
62ff01349632700506f647a632148b5f2f8778cd515508f5e33ddf4653b04bf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:28 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 06 May 2023 13:55:50 GMT
server
nginx
etag
W/"64565c66-5d9b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 01 Jul 2024 16:30:28 GMT
sea.js
hw.xinyuanmall.com/Public/Alizi/seajs/seajs/
7 KB
3 KB
Script
General
Full URL
https://hw.xinyuanmall.com/Public/Alizi/seajs/seajs/sea.js?v=V4.2
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
97db5bb4aa73b191c7af9d662475ca9a269d686beb7261ae0c120759393979be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:28 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 05 Aug 2016 10:22:24 GMT
server
nginx
etag
W/"57a468e0-1abd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 01 Jul 2024 16:30:28 GMT
alizi.css
hw.xinyuanmall.com/Public/Alizi/pc/
59 KB
16 KB
Stylesheet
General
Full URL
https://hw.xinyuanmall.com/Public/Alizi/pc/alizi.css?v=V4.2
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fcdfeb014aad1ffdefde03c126823540b87dc22aefcb37aba0e1b5eba2b326e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:28 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 10 Aug 2020 03:13:36 GMT
server
nginx
etag
W/"5f30bb60-ea89"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 01 Jul 2024 16:30:28 GMT
6571a7a116bd3.png
hw.xinyuanmall.com/Public/Uploads/202312/
548 B
548 B
Image
General
Full URL
https://hw.xinyuanmall.com/Public/Uploads/202312/6571a7a116bd3.png
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:28 GMT
server
nginx
content-length
548
content-type
text/html
62f26660c7103.jpg
hw.xinyuanmall.com/Public/Uploads/202208/
107 KB
107 KB
Image
General
Full URL
https://hw.xinyuanmall.com/Public/Uploads/202208/62f26660c7103.jpg
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
73848403eee4f8c9625ce9a8109d910a874c0d67ef490a459ffaa8e3084194c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:28 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 09 Aug 2022 13:51:28 GMT
server
nginx
etag
"62f26660-1abba"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
109498
expires
Wed, 31 Jul 2024 04:30:28 GMT
e2ea91c192019aaa.jpg
img12.360buyimg.com/n7/jfs/t1/179475/28/9135/406005/60cabce1Ef29e586d/
13 KB
14 KB
Image
General
Full URL
https://img12.360buyimg.com/n7/jfs/t1/179475/28/9135/406005/60cabce1Ef29e586d/e2ea91c192019aaa.jpg
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 Frankfurt am Main, Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
e8d88669e35d008b6dbdb77929a7b519d7b8235e88af7f042fcac4fe012c0889

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:29 GMT
via
http/1.1 ORI-CLOUD-GD-MIX-191 (jcs [cMsSfW]), http/1.1 GDdongguan-CT-01-MIX-206 (jcs [cMsSfW])
last-modified
Thu, 17 Jun 2021 03:09:21 GMT
server
nginx
age
1
x-trace
200-1710210219578-0-0-1-26-26;200;200-1710210219555-0-0-0-70-70;200-1710210219546-0-0-0-76-76
x-ws-request-id
668230e5_PSdgflkfFRA2gb73_14629-51694
content-type
image/jpeg
access-control-allow-origin
*
x-via
1.1 PSxgHK4jd171:10 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1ox201:10 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:12 (Cdn Cache Server V2.0)
cache-control
max-age=15552000
timing-allow-origin
*
content-length
13624
expires
Wed, 11 Sep 2024 01:08:47 GMT
a9edb61f04498283.jpg
img10.360buyimg.com/n7/jfs/t1/35147/37/16024/186928/60f165f7E44010b79/
16 KB
17 KB
Image
General
Full URL
https://img10.360buyimg.com/n7/jfs/t1/35147/37/16024/186928/60f165f7E44010b79/a9edb61f04498283.jpg
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ac2cdd59128932afb6269aa4a9939d319d3d6da375aecb27b07d6f43d0ea4e3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:29 GMT
last-modified
Fri, 16 Jul 2021 10:56:55 GMT
server
nginx
x-trace
200-1718937740842-0-0-1-85-85;200;200-1719048856932-0-0-1-2-2;200-1719425201496-0-0-0-2-2
x-cache
TCP_HIT from a23-48-22-178.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56950534) (-)
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=15552000
timing-allow-origin
*
content-length
16789
expires
Wed, 18 Dec 2024 02:42:20 GMT
b70825c05e89ed1c.jpg
img10.360buyimg.com/n7/jfs/t1/115582/12/26711/523479/62b17abcE256518c6/
19 KB
19 KB
Image
General
Full URL
https://img10.360buyimg.com/n7/jfs/t1/115582/12/26711/523479/62b17abcE256518c6/b70825c05e89ed1c.jpg
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6e26454ed6e30bf7e5ecd708fb8eb4dc5828ef3965207e39f90ba1dfc1199f80

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:29 GMT
last-modified
Tue, 21 Jun 2022 08:01:00 GMT
server
nginx
x-trace
200-1718429305418-0-0-0-29-29;200;200-1718730077849-0-0-1-1-1;200-1718730077843-0-0-0-6-6
x-cache
TCP_HIT from a23-48-22-178.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56950534) (-)
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=15552000
timing-allow-origin
*
content-length
19255
expires
Thu, 12 Dec 2024 05:28:25 GMT
014dbe8344598901.jpg.avif
img14.360buyimg.com/n7/jfs/t1/185753/3/21513/130802/622dac7aE7c36737a/
10 KB
11 KB
Image
General
Full URL
https://img14.360buyimg.com/n7/jfs/t1/185753/3/21513/130802/622dac7aE7c36737a/014dbe8344598901.jpg.avif
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 Frankfurt am Main, Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
f9868a4042f7aa995194ba70bdf123b4b8a130df9448b27c1d066fdf1411baf7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:29 GMT
via
http/1.1 ORI-CLOUD-HUZ-MIX-18 (jcs [cMsSfW]), http/1.1 AHwuhu-UNI-1-MIX-168 (jcs [cHs f ])
last-modified
Sun, 13 Mar 2022 08:34:02 GMT
server
nginx
age
1
x-trace
200-1706596651518-0-0-19-83-83;200;200-1706596651521-0-0-0-101-101;200-1708713498068-0-0-0-1-1
x-ws-request-id
668230e5_PSdgflkfFRA2gb73_13708-18163
content-type
image/avif
access-control-allow-origin
*
x-via
1.1 PSxgHK4ho170:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:13 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:5 (Cdn Cache Server V2.0)
cache-control
max-age=15552000
timing-allow-origin
*
content-length
10541
expires
Thu, 29 Aug 2024 07:27:18 GMT
1714969693107215.gif
hw.xinyuanmall.com/Public/Uploads/202405/
548 B
548 B
Image
General
Full URL
https://hw.xinyuanmall.com/Public/Uploads/202405/1714969693107215.gif
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:28 GMT
server
nginx
content-length
548
content-type
text/html
line-icon.png
dtutcab4viamz.cloudfront.net/japan/images/
69 KB
70 KB
Image
General
Full URL
https://dtutcab4viamz.cloudfront.net/japan/images/line-icon.png
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c000:1a:ad91:56c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bca0cc34ae6deecbdfe319b1b6c9d7f5632ab715b9218a6a413ec480691f80a5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 03:48:47 GMT
via
1.1 ce9680b048a2aea06e1146ad2810fa14.cloudfront.net (CloudFront)
last-modified
Sun, 28 Apr 2019 09:55:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
2502
etag
"4e5ee6eaad6c40678dc2bd2ec005d18d"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
70915
x-amz-cf-id
JYSdHoXSOcFu3kUIitrHdiYistKXoqevplr9Aocg7OCQyqki4GNBTg==
fbevents.js
connect.facebook.net/en_US/
221 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 01 Jul 2024 04:30:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58251
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1368, tbw=2802, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
7nCXRDa5L4FMoHPQym8MH/ukOr4urw0MpBg+/DcH4SOkWNMXO7t0ACKvkrsiECgLQm0REdJXV+ogquH7SYVknA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
lazyload.js
hw.xinyuanmall.com/Public/Alizi/seajs/jquery/
2 KB
1 KB
Script
General
Full URL
https://hw.xinyuanmall.com/Public/Alizi/seajs/jquery/lazyload.js?V4.2
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/Public/Alizi/seajs/seajs/sea.js?v=V4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ff6dd8e2077dfef644c3ff1ebeb7e405aeea052714011d80873fd69af1c392e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:28 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 Apr 2016 07:09:54 GMT
server
nginx
etag
W/"570b4dc2-6ac"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 01 Jul 2024 16:30:28 GMT
newflexslider.js
hw.xinyuanmall.com/Public/Alizi/seajs/jquery/
21 KB
7 KB
Script
General
Full URL
https://hw.xinyuanmall.com/Public/Alizi/seajs/jquery/newflexslider.js?V4.2
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/Public/Alizi/seajs/seajs/sea.js?v=V4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f02b183a59a99a8c8e149a7851fb5f65b768a39f187359caad0cb32da228fdb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:28 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 16 May 2017 10:04:56 GMT
server
nginx
etag
W/"591acec8-5462"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 01 Jul 2024 16:30:28 GMT
b70825c05e89ed1c.jpg
img10.360buyimg.com/n7/jfs/t1/115582/12/26711/523479/62b17abcE256518c6/
19 KB
0
Image
General
Full URL
https://img10.360buyimg.com/n7/jfs/t1/115582/12/26711/523479/62b17abcE256518c6/b70825c05e89ed1c.jpg
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6e26454ed6e30bf7e5ecd708fb8eb4dc5828ef3965207e39f90ba1dfc1199f80

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:29 GMT
last-modified
Tue, 21 Jun 2022 08:01:00 GMT
server
nginx
x-trace
200-1718429305418-0-0-0-29-29;200;200-1718730077849-0-0-1-1-1;200-1718730077843-0-0-0-6-6
x-cache
TCP_HIT from a23-48-22-178.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56950534) (-)
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=15552000
timing-allow-origin
*
content-length
19255
expires
Thu, 12 Dec 2024 05:28:25 GMT
a9edb61f04498283.jpg
img10.360buyimg.com/n7/jfs/t1/35147/37/16024/186928/60f165f7E44010b79/
16 KB
0
Image
General
Full URL
https://img10.360buyimg.com/n7/jfs/t1/35147/37/16024/186928/60f165f7E44010b79/a9edb61f04498283.jpg
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ac2cdd59128932afb6269aa4a9939d319d3d6da375aecb27b07d6f43d0ea4e3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:29 GMT
last-modified
Fri, 16 Jul 2021 10:56:55 GMT
server
nginx
x-trace
200-1718937740842-0-0-1-85-85;200;200-1719048856932-0-0-1-2-2;200-1719425201496-0-0-0-2-2
x-cache
TCP_HIT from a23-48-22-178.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56950534) (-)
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=15552000
timing-allow-origin
*
content-length
16789
expires
Wed, 18 Dec 2024 02:42:20 GMT
query.js
hw.xinyuanmall.com/Public/Alizi/seajs/jquery/
9 KB
3 KB
Script
General
Full URL
https://hw.xinyuanmall.com/Public/Alizi/seajs/jquery/query.js?V4.2
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/Public/Alizi/seajs/seajs/sea.js?v=V4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
230ccd4a9bdf8671baac987d2a96e88048040a50d42f32f3c736c7c87d3f1f24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:28 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 20 Sep 2016 13:52:52 GMT
server
nginx
etag
W/"57e13f34-24d8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 01 Jul 2024 16:30:28 GMT
cookie.js
hw.xinyuanmall.com/Public/Alizi/seajs/jquery/
3 KB
2 KB
Script
General
Full URL
https://hw.xinyuanmall.com/Public/Alizi/seajs/jquery/cookie.js?V4.2
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/Public/Alizi/seajs/seajs/sea.js?v=V4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
835d2103571bdca459811d8a254c6c8bda644d7860a9bdd9f0b90285b6bec56e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:28 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 01 Sep 2016 13:24:54 GMT
server
nginx
etag
W/"57c82c26-c96"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 01 Jul 2024 16:30:28 GMT
bodybg.png
hw.xinyuanmall.com/Public/Alizi/pc/
2 KB
2 KB
Image
General
Full URL
https://hw.xinyuanmall.com/Public/Alizi/pc/bodybg.png
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/Public/Alizi/pc/alizi.css?v=V4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5bc4216b7c1744211f6f906ad8b7eba8163f787374f74f63aca6aa859de43f0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/Public/Alizi/pc/alizi.css?v=V4.2
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:28 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 13 Feb 2016 09:29:18 GMT
server
nginx
etag
"56bef76e-6b8"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1720
expires
Wed, 31 Jul 2024 04:30:28 GMT
ico.png
hw.xinyuanmall.com/Public/Alizi/pc/
18 KB
18 KB
Image
General
Full URL
https://hw.xinyuanmall.com/Public/Alizi/pc/ico.png
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/Public/Alizi/pc/alizi.css?v=V4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7947d3cbfade1127d335c55196b330469a179d74efb995550113dedd059455d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/Public/Alizi/pc/alizi.css?v=V4.2
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:28 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 15 Feb 2016 14:04:02 GMT
server
nginx
etag
"56c1dad2-4696"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18070
expires
Wed, 31 Jul 2024 04:30:28 GMT
loading.gif
hw.xinyuanmall.com/Public/Alizi/
723 B
929 B
Image
General
Full URL
https://hw.xinyuanmall.com/Public/Alizi/loading.gif
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/Public/Alizi/pc/alizi.css?v=V4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c1cf81bef2ea82eaa43265a5ff786b7cd74e7d5f4f2de104b586f092ca0fb886
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/Public/Alizi/pc/alizi.css?v=V4.2
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:28 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 29 Nov 2013 17:54:54 GMT
server
nginx
etag
"5298d4ee-2d3"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
723
expires
Wed, 31 Jul 2024 04:30:28 GMT
line_1.png
hw.xinyuanmall.com/Public/Alizi/pc/
2 KB
2 KB
Image
General
Full URL
https://hw.xinyuanmall.com/Public/Alizi/pc/line_1.png
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/Public/Alizi/pc/alizi.css?v=V4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0658bfa5c9e63588757bfc5d9d0df7f3674989e14d2285c75039a6cd6cdce818
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/Public/Alizi/pc/alizi.css?v=V4.2
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:28 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 13 Feb 2016 09:25:56 GMT
server
nginx
etag
"56bef6a4-688"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1672
expires
Wed, 31 Jul 2024 04:30:28 GMT
sideico.png
hw.xinyuanmall.com/Public/Alizi/pc/
1012 B
1 KB
Image
General
Full URL
https://hw.xinyuanmall.com/Public/Alizi/pc/sideico.png
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/Public/Alizi/pc/alizi.css?v=V4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
68d92f4b4e24486f86fc1ca85f471e9e7e262424903792ded939c746cc21696c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/Public/Alizi/pc/alizi.css?v=V4.2
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:28 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 16 Feb 2016 02:25:04 GMT
server
nginx
etag
"56c28880-3f4"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1012
expires
Wed, 31 Jul 2024 04:30:28 GMT
fontawesome-webfont.woff2
hw.xinyuanmall.com/Public/Alizi/amazeui/fonts/
70 KB
70 KB
Font
General
Full URL
https://hw.xinyuanmall.com/Public/Alizi/amazeui/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/Public/Alizi/amazeui/css/amazeui.fonts.css?v=V4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/Public/Alizi/amazeui/css/amazeui.fonts.css?v=V4.2
Origin
https://hw.xinyuanmall.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:29 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 03 Mar 2017 20:45:04 GMT
server
nginx
etag
"58b9d5d0-118d8"
content-type
font/woff2
accept-ranges
bytes
content-length
71896
443568125270047
connect.facebook.net/signals/config/
58 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/443568125270047?v=2.9.159&r=stable&domain=hw.xinyuanmall.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8151aa7ca86b1fcba6c99d7bbbbabbed394daedf18339a3208b93ab5ba383e2d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 01 Jul 2024 04:30:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=63, mss=1368, tbw=63785, tp=-1, tpl=-1, uplat=76, ullat=0
pragma
public
x-fb-debug
dRABGquzRymKjEiU4fDBuMcQiuG0jxDlqNQvWBS6ynprCCvA4513hyaPxWwsSAXI3jbaTfiAnC84p5dEWbFFuA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
102 B
Image
General
Full URL
https://www.facebook.com/tr/?id=443568125270047&ev=PageView&dl=https%3A%2F%2Fhw.xinyuanmall.com%2F&rl=&if=false&ts=1719808229007&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.1.1719808229000.522264571934850462&ler=empty&cdl=API_unavailable&it=1719808228876&coo=false&rqm=GET
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1368, tbw=2854, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 01 Jul 2024 04:30:29 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
1 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=443568125270047&ev=PageView&dl=https%3A%2F%2Fhw.xinyuanmall.com%2F&rl=&if=false&ts=1719808229007&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.1.1719808229000.522264571934850462&ler=empty&cdl=API_unavailable&it=1719808228876&coo=false&rqm=FGET
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xdf627a0ecd2418d7","source_keys":["1","2"]},{"key_piece":"0xabda956010305d07","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 01 Jul 2024 04:30:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7386520100320186115", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=1, c=10, mss=1368, tbw=6982, tp=-1, tpl=-1, uplat=175, ullat=1
pragma
no-cache
x-fb-debug
/GRK8+2cFIKQhVWTBPlinjyPG+ELje8Bk4mLOgxd5EAJ/IygJc98dT6de3KNdJamvwPTg/SixqZ1rdbvBgGxOQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7386520100320186115"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=443568125270047&ev=ViewContent&dl=https%3A%2F%2Fhw.xinyuanmall.com%2F&rl=&if=false&ts=1719808229008&sw=1600&sh=1200&v=2.9.159&r=stable&ec=1&o=4126&fbp=fb.1.1719808229000.522264571934850462&ler=empty&cdl=API_unavailable&it=1719808228876&coo=false&rqm=GET
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1368, tbw=2854, tp=-1, tpl=-1, uplat=0, ullat=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 01 Jul 2024 04:30:29 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
4 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=443568125270047&ev=ViewContent&dl=https%3A%2F%2Fhw.xinyuanmall.com%2F&rl=&if=false&ts=1719808229008&sw=1600&sh=1200&v=2.9.159&r=stable&ec=1&o=4126&fbp=fb.1.1719808229000.522264571934850462&ler=empty&cdl=API_unavailable&it=1719808228876&coo=false&rqm=FGET
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x8938bdc8ea246a5f","source_keys":["1","2"]},{"key_piece":"0x58ba014656f60fd4","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 01 Jul 2024 04:30:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7386520100364979783", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=1, c=10, mss=1368, tbw=3273, tp=-1, tpl=-1, uplat=172, ullat=0
pragma
no-cache
x-fb-debug
tprPkChqmK2kQlj4cucKdc9lIi/snpA+hSujBUWgvvDpYe6sYbCMKeFE70rOYwWr9P6C2eRwBH/bEIcaa43FqQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7386520100364979783"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
jquery.js
hw.xinyuanmall.com/Public/Alizi/seajs/jquery/
91 KB
36 KB
Script
General
Full URL
https://hw.xinyuanmall.com/Public/Alizi/seajs/jquery/jquery.js?V4.2
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/Public/Alizi/seajs/seajs/sea.js?v=V4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
235cbfb34fdb90d61bb0b31cd4eb3e3d4f142615c31b419e59f829eb410e3c80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:29 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 23 Aug 2019 10:23:48 GMT
server
nginx
etag
W/"5d5fbeb4-16a30"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 01 Jul 2024 16:30:29 GMT
alizi.gif
hw.xinyuanmall.com/Public/Alizi/
827 B
1 KB
Image
General
Full URL
https://hw.xinyuanmall.com/Public/Alizi/alizi.gif
Requested by
Host: hw.xinyuanmall.com
URL: https://hw.xinyuanmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e86952a674177018ef635a2cc200ef0fc29b238dd4536614978648a63f2d527a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:29 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 27 Sep 2020 14:58:24 GMT
server
nginx
etag
"5f70a890-33b"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
827
expires
Wed, 31 Jul 2024 04:30:29 GMT
6571a7a994f79.png
hw.xinyuanmall.com/Public/Uploads/202312/
548 B
611 B
Other
General
Full URL
https://hw.xinyuanmall.com/Public/Uploads/202312/6571a7a994f79.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.221.250.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.250.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hw.xinyuanmall.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:30:29 GMT
server
nginx
content-length
548
content-type
text/html

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
undefined event
object fence
object sharedStorage
object seajs
function define
string aliziHost
string aliziRoot
string aliziVersion
string lang
function traceExpress
boolean is_fbq
function fbq
function _fbq
function $
function jQuery
object jQuery19100578023661754099

4 Cookies

Domain/Path Name / Value
hw.xinyuanmall.com/ Name: PHPSESSID
Value: pc4t9132pcho6e0vb7o0ooaba4
hw.xinyuanmall.com/ Name: alizi_screen
Value: pc
.xinyuanmall.com/ Name: _fbp
Value: fb.1.1719808229000.522264571934850462
hw.xinyuanmall.com/ Name: startTime
Value: 1719808229

3 Console Messages

Source Level URL
Text
network error URL: https://hw.xinyuanmall.com/Public/Uploads/202312/6571a7a116bd3.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hw.xinyuanmall.com/Public/Uploads/202405/1714969693107215.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hw.xinyuanmall.com/Public/Uploads/202312/6571a7a994f79.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
