delivery.hqcmwl.com Open in urlscan Pro
82.157.158.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://delivery.hqcmwl.com/
Submission: On August 08 via automatic, source certstream-suspicious (August 8th 2024, 10:21:07 am UTC) — Scanned from US

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 82.157.158.168, located in China and belongs to TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN. The main domain is delivery.hqcmwl.com.
TLS certificate: Issued by DNSPod RSA DV on August 8th 2024. Valid for: a year.

This is the only time delivery.hqcmwl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	82.157.158.168 82.157.158.168	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
1	43.152.182.19 43.152.182.19	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
4	60.13.97.138 60.13.97.138	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
2	101.42.131.249 101.42.131.249	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
8	4

1 82.157.158.168 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

delivery.hqcmwl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.152.182.19 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

res.wx.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 60.13.97.138 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

images.jkqingman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 101.42.131.249 (Beijing, China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

gateway.jkqingman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	jkqingman.com images.jkqingman.com gateway.jkqingman.com	91 KB
1	qq.com res.wx.qq.com — Cisco Umbrella Rank: 9019	5 KB
1	hqcmwl.com delivery.hqcmwl.com	1 KB
8	3

	Domain	Requested by
4	images.jkqingman.com	delivery.hqcmwl.com
2	gateway.jkqingman.com	images.jkqingman.com
1	res.wx.qq.com	delivery.hqcmwl.com
1	delivery.hqcmwl.com
8	4

This site contains no links.

Subject Issuer	Validity	Valid
delivery.hqcmwl.com DNSPod RSA DV	`2024-08-08` - `2025-08-08`	a year	crt.sh
res.wx.qq.com DigiCert Secure Site CN CA G3	`2023-08-04` - `2024-09-03`	a year	crt.sh
*.jkqingman.com GeoTrust RSA CN CA G2	`2023-08-17` - `2024-08-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://delivery.hqcmwl.com/
Frame ID: 855B2FD98BF4CFA815E35CA4125A7E7E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

优选好课

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

97 kB
Transfer

265 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response delivery.hqcmwl.com/	1 KB 1 KB	2121ms 349ms	Document text/html	82.157.158.168 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL https://delivery.hqcmwl.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.157.158.168 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software nginx/1.20.1 / Resource Hash `bce2773adf8aeca3502989dd94679e7f537dd3e5ab2dd1c35f577acc4d7e9fb4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-length 1398 content-type text/html date Thu, 08 Aug 2024 10:20:57 GMT etag "66aa41f7-576" last-modified Wed, 31 Jul 2024 13:53:59 GMT server nginx/1.20.1
GET H/1.1	200 OK	jweixin-1.6.0.js Show response res.wx.qq.com/open/js/	13 KB 5 KB	1633ms 60ms	Script application/x-javascript	43.152.182.19 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://res.wx.qq.com/open/js/jweixin-1.6.0.js Requested by Host: delivery.hqcmwl.com URL: https://delivery.hqcmwl.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.182.19 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_SSD_MID / Resource Hash `50288566c4635cbdeaced6d25e6a968a4a310bf655fdc49ec19f3910db6d8c9b` Request headers Referer https://delivery.hqcmwl.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Sun, 28 Jul 2024 13:01:22 GMT Content-Encoding gzip X-Cache-Lookup Cache Hit Connection keep-alive X-Verify-Code ea3d7204c8fd1e8c313dc08ef84bfac2 Content-Length 4293 Last-Modified Sun, 28 Jul 2024 13:00:00 GMT Server NWS_SSD_MID Vary Origin Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=31536000 X-Daa-Tunnel hop_count=1 X-NWS-LOG-UUID 1887619086535211473 Accept-Ranges bytes Expires Mon, 28 Jul 2025 13:01:22 GMT
GET H2	200	chunk-vendors.1722434014141.js Show response images.jkqingman.com/course-h5-static/env-prod/static/js/	199 KB 69 KB	3130ms 343ms	Script application/javascript	60.13.97.138 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://images.jkqingman.com/course-h5-static/env-prod/static/js/chunk-vendors.1722434014141.js Requested by Host: delivery.hqcmwl.com URL: https://delivery.hqcmwl.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 60.13.97.138 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software tencent-cos / Resource Hash `7154478724fc0a6990db9448495e9bac5904a2273a5cc31a678911f5a11ada2f` Request headers Referer https://delivery.hqcmwl.com/ Origin https://delivery.hqcmwl.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 13:07:57 GMT content-encoding br x-cache-lookup Cache Hit, Hit From Inner Cluster, Cache Miss x-cos-request-id NjZiMjIwMmRfNjQ0ZTQ0MGJfZTE2OF8zNGYyMjE5 x-cos-hash-crc64ecma 18345891073841737160 last-modified Wed, 31 Jul 2024 14:01:39 GMT server tencent-cos etag "7dc0b04b2ce1cd0d496bb99ffa9485dc" access-control-max-age 60 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method content-type application/javascript access-control-allow-origin * access-control-allow-methods POST, GET, OPTIONS access-control-expose-headers ETag,Content-Length,x-cos-request-id cache-control max-age=0 x-nws-log-uuid 7080000060855099150 accept-ranges bytes
GET H2	200	app.1722434014141.js Show response images.jkqingman.com/course-h5-static/env-prod/static/js/	28 KB 9 KB	3128ms 342ms	Script application/javascript	60.13.97.138 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://images.jkqingman.com/course-h5-static/env-prod/static/js/app.1722434014141.js Requested by Host: delivery.hqcmwl.com URL: https://delivery.hqcmwl.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 60.13.97.138 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software tencent-cos / Resource Hash `9c1210e614bb452c4642d94cb37946e6d8f9b59d689032dda2417ef456316b8b` Request headers Referer https://delivery.hqcmwl.com/ Origin https://delivery.hqcmwl.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 22:22:04 GMT content-encoding br x-cache-lookup Cache Hit, Hit From Inner Cluster, Cache Miss x-cos-request-id NjZiMmEyMGNfNjVjZjM4MGJfMTk3ZGRfNjMxNjE2Yw== x-cos-hash-crc64ecma 17288357565806529598 last-modified Wed, 31 Jul 2024 14:01:39 GMT server tencent-cos etag "e33e157adc3392f8331faa03b1e98177" access-control-max-age 60 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method content-type application/javascript access-control-allow-origin * access-control-allow-methods POST, GET, OPTIONS access-control-expose-headers ETag,Content-Length,x-cos-request-id cache-control max-age=0 x-nws-log-uuid 10572362373769655807 accept-ranges bytes
GET H2	200	app.992a1da5.css images.jkqingman.com/course-h5-static/env-prod/static/css/	14 KB 3 KB	3118ms 305ms	Stylesheet text/css	60.13.97.138 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://images.jkqingman.com/course-h5-static/env-prod/static/css/app.992a1da5.css Requested by Host: delivery.hqcmwl.com URL: https://delivery.hqcmwl.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 60.13.97.138 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software tencent-cos / Resource Hash `32e3579b01f4a1decb5b964eb5a59b38f6c1f41c57ed9742d3854bb68282061c` Request headers Referer https://delivery.hqcmwl.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 18:00:36 GMT content-encoding br x-cache-lookup Cache Hit x-cos-request-id NjZhOTJhNDRfYmU0ZTQ0MGJfMmZlNDZfMjhhYzQzZQ== content-length 3107 x-cos-hash-crc64ecma 8014742210130175537 last-modified Fri, 03 Nov 2023 03:25:14 GMT server tencent-cos etag "41984eeb092c74d90d792fc083b094e6" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method access-control-allow-methods POST, GET, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=0 x-nws-log-uuid 2136885656383379512 accept-ranges bytes
OPTIONS H2	200	data gateway.jkqingman.com/promotion/statistics/	0 0	1292ms 262ms	Preflight	101.42.131.249 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL https://gateway.jkqingman.com/promotion/statistics/data Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 101.42.131.249 Beijing, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software nginx/1.20.1 / Resource Hash Request headers Accept / Access-Control-Request-Headers access-control-allow-origin,content-type Access-Control-Request-Method POST Origin https://delivery.hqcmwl.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers access-control-allow-headers access-control-allow-origin, content-type access-control-allow-methods POST access-control-allow-origin * access-control-expose-headers * * content-length 0 date Thu, 08 Aug 2024 10:21:02 GMT server nginx/1.20.1 vary Origin Access-Control-Request-Method Access-Control-Request-Headers
POST H2	200	data Show response gateway.jkqingman.com/promotion/statistics/	45 B 225 B	249ms 248ms	XHR application/json	101.42.131.249 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL https://gateway.jkqingman.com/promotion/statistics/data Requested by Host: images.jkqingman.com URL: https://images.jkqingman.com/course-h5-static/env-prod/static/js/chunk-vendors.1722434014141.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 101.42.131.249 Beijing, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software / Resource Hash `00fae87bf9aa70f4883c449d4d06e568b4b0be1ecb23493e496d57bba48905fc` Request headers Access-Control-Allow-Origin * Accept application/json, text/plain, / Referer https://delivery.hqcmwl.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers access-control-allow-origin * date Thu, 08 Aug 2024 10:21:02 GMT access-control-expose-headers * vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json
GET H2	200	favicon.ico images.jkqingman.com/course-h5-static/env-prod/	9 KB 10 KB	740ms 739ms	Other image/x-icon	60.13.97.138 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://images.jkqingman.com/course-h5-static/env-prod/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 60.13.97.138 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software tencent-cos / Resource Hash `09908a44d27e5268c23322fe9a4e95c87e10a81daa43d543c975725bc515a632` Request headers Referer https://delivery.hqcmwl.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 10:21:01 GMT x-cos-hash-crc64ecma 2110705484685919906 x-cache-lookup Cache Miss, Cache Miss server tencent-cos last-modified Fri, 03 Nov 2023 03:25:12 GMT etag "e25c83a472159bf297b34b40e9048609" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method access-control-allow-methods POST, GET, OPTIONS content-type image/x-icon x-cos-request-id NjZiNDljMGRfODZiODI0MDlfZDdhZF8zNTcyNTA3 access-control-allow-origin * x-nws-log-uuid 13738637414610749888 accept-ranges bytes content-length 9662

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| jWeixin object| wx object| webpackChunkh5_course

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

delivery.hqcmwl.com
gateway.jkqingman.com
images.jkqingman.com
res.wx.qq.com
101.42.131.249
43.152.182.19
60.13.97.138
82.157.158.168
00fae87bf9aa70f4883c449d4d06e568b4b0be1ecb23493e496d57bba48905fc
09908a44d27e5268c23322fe9a4e95c87e10a81daa43d543c975725bc515a632
32e3579b01f4a1decb5b964eb5a59b38f6c1f41c57ed9742d3854bb68282061c
50288566c4635cbdeaced6d25e6a968a4a310bf655fdc49ec19f3910db6d8c9b
7154478724fc0a6990db9448495e9bac5904a2273a5cc31a678911f5a11ada2f
9c1210e614bb452c4642d94cb37946e6d8f9b59d689032dda2417ef456316b8b
bce2773adf8aeca3502989dd94679e7f537dd3e5ab2dd1c35f577acc4d7e9fb4

delivery.hqcmwl.com Open in urlscan Pro 82.157.158.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

97 kBTransfer

265 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Indicators

delivery.hqcmwl.com Open in urlscan Pro
82.157.158.168 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

97 kB
Transfer

265 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions