Report - kaod42.com/user/login/

Report Overview

Submitted URL
kaod42.com/user/login/
IP
194.53.53.245
ASN
#209242 Cloudflare London, LLC
Submitted
2024-04-26 18:27:06
Access
public
Website Title
91TV
Final URL
hfcd66.com/user/login/?oofelo=mvn0q
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
indexs.zjqfart.cn	unknown	2021-12-01	2022-03-11	2024-02-16	7.7 kB	1.2 MB	123.234.2.80
hfcd66.com	unknown	unknown	No data	No data	2.5 kB	21 kB	194.53.53.246
baidutongji.baidutongj.com	unknown	2022-11-26	2022-11-26	2023-06-14	407 B	242 B	8.219.174.235
www.hgty3379.com	unknown	2023-09-01	2023-11-16	2023-11-16	460 B	86 kB	202.79.161.87
hgty3379.com	unknown	unknown	No data	No data	458 B	86 kB	52.231.111.19
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-26	867 B	163 kB	142.250.74.168
kaod42.com	unknown	unknown	No data	No data	1.5 kB	19 kB	194.53.53.11
hm.baidu.com	8254	1999-10-11	2012-05-26	2024-04-25	1.1 kB	12 kB	111.45.11.83
enctvmage.bhstz.com	unknown	2016-12-05	2023-07-02	2024-01-21	1.3 kB	198 kB	54.230.111.73
image.yahoo10007.icu	unknown	2023-10-29	2023-11-15	2024-02-15	407 B	40 kB	104.208.71.232

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	indexs.zjqfart.cn/json/umi.35e5d040.js	Detects hex encoded code that has been base64 encoded

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (27)

	URL	Size	First Seen	Last Seen
	indexs.zjqfart.cn/json/js/fullscreen.min.js	3.1 kB	2023-03-14	2024-05-01
Pretty URL indexs.zjqfart.cn/json/js/fullscreen.min.js IP 123.234.2.80 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 15:19:25 Last Seen2024-05-01 16:20:46 Times Seen22 Hash aa5a0204671b4bb4503672e22a88b0aa b3aa2afa0829afbb9ec73fad16f3a7503440af7a 0a4a57a2a1e2adba25cfc5e12cde7a8e759aeb9c8b56082aff943e457c28d31e Loading...

	hfcd66.com/user/login/?oofelo=mvn0q	0 B	2023-03-07	2024-05-07
Pretty URL hfcd66.com/user/login/?oofelo=mvn0q IP 194.53.53.246 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 13:46:42 Times Seen37409255 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__SecurityLayout~layouts__UserLayout~layouts__VipLogin~p__AskVid~14ee3192.6be24bd0.async.js	6.8 kB	2024-04-21	2024-05-01
Pretty URL indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__SecurityLayout~layouts__UserLayout~layouts__VipLogin~p__AskVid~14ee3192.6be24bd0.async.js IP 123.234.2.80 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-21 20:20:50 Last Seen2024-05-01 16:20:47 Times Seen12 Hash 09b6472a62cb710c1f15e6c9c89d910d 5c5fad8dcdb5426261f4e258d9a18dd2516f7d59 34f594daaa9a4d8e9abb56e02b43c711a09892d8d8af7379d65cb7038ba779cc Loading...

	unknown	37 B	2023-04-11	2024-05-07
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:49:14 Last Seen2024-05-07 13:40:12 Times Seen22311 Hash 1c5c9160600df2d96d69a4ea16cec7ed 3cf678c9135cc952ba6970ef545035bb757a443f a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808 Loading...

	indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__UserLayout~p__AskVideoList~p__BloggerList~p__BloggerListVideo~~9e82a60c.488ee397.async.js	23 kB	2023-03-14	2024-05-01
Pretty URL indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__UserLayout~p__AskVideoList~p__BloggerList~p__BloggerListVideo~~9e82a60c.488ee397.async.js IP 123.234.2.80 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 15:19:25 Last Seen2024-05-01 16:20:47 Times Seen23 Hash 220664469d005e85a5cfeaceff12852b f7dda5efdf1b99fef9da3ea2d96c25a766b16758 991fe1e8e4f3600575283f80a94084c481d196805a8fefee3647e223750c426b Loading...

	hm.baidu.com/hm.js?d72936b577d7f5edb33ab6b7fdea8051	30 kB	2024-04-26	2024-04-26
Pretty URL hm.baidu.com/hm.js?d72936b577d7f5edb33ab6b7fdea8051 IP 111.45.11.83 ASN #56040 China Mobile communications corporation Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 20:27:14 Last Seen2024-04-26 20:27:15 Times Seen2 Hash 45fd65d1406d0498406f3280f8582ca9 f9ccd4bcff30054cd9338a9576a159cdbcccbcd9 e908fd31725d420ce6f047ad79c9a4ae2a2c6c175567589823adf1e6a3575dfb Loading...

	indexs.zjqfart.cn/json/js/DPlayer.min.js	218 kB	2023-03-14	2024-05-01
Pretty URL indexs.zjqfart.cn/json/js/DPlayer.min.js IP 123.234.2.80 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 15:19:25 Last Seen2024-05-01 16:20:46 Times Seen16 Hash 1364f1d45add93bbc7ab09831751cf05 cc132a863b2c5d427df289c32eadd181f34af9c8 199d8d25d8114dcbd9df360e1303a1f9ecbfd66b71424bb4f9f2bf630da5087b Loading...

	unknown	1.6 kB	2024-04-24	2024-05-01
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-24 16:11:11 Last Seen2024-05-01 16:20:46 Times Seen5 Hash 92194be2916fe7f2b1da4046b623fbf3 98d69551bebd8d91c765d397ac8407e034815a1f c725702d1811b65b85ec09c57b7047b64f310f0ebf67a44c85a51aecba6f75cd Loading...

	indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__SecurityLayout~layouts__UserLayout~layouts__VipLogin~p__AskVid~a9630bf7.b1d3b007.async.js	20 kB	2024-04-21	2024-05-01
Pretty URL indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__SecurityLayout~layouts__UserLayout~layouts__VipLogin~p__AskVid~a9630bf7.b1d3b007.async.js IP 123.234.2.80 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-21 20:20:49 Last Seen2024-05-01 16:20:47 Times Seen12 Hash aa146bb0088faa4c508079a94777dbfe 30879406c97d87412db2aa046c1d452c1894c11e f6322b42193112414b354524dd5c050a2cceff67b16b987fc938c7897c279c2a Loading...

	www.googletagmanager.com/gtag/js?id=G-S50MDY57KE&l=dataLayer&cx=c	251 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-S50MDY57KE&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 20:27:14 Last Seen2024-04-26 20:27:15 Times Seen2 Hash f51c97c531d421c140b7ea9cc9464820 350c8c792b62dc5b6d430b607171730d975874a0 2b451b91b28dc13f6eca3436f31be79bd45fb6aaeade651c11f0fceb5bc8baf4 Loading...

	indexs.zjqfart.cn/json/layouts__UserLayout.7a697a25.async.js	550 kB	2024-04-26	2024-04-26
Pretty URL indexs.zjqfart.cn/json/layouts__UserLayout.7a697a25.async.js IP 123.6.40.224 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 20:27:14 Last Seen2024-04-26 20:27:15 Times Seen2 Hash 066c6cb1e577f8011a65940bbea94413 04644b3bc1d4857100f975734946cb6f7e5e665c 32a2c55748bb2e12f8623bf2e0afe31cbbfa00d09f5e4627adcd91e9319f6d07 Loading...

	unknown	309 B	2024-04-26	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-26 20:27:15 Last Seen2024-04-26 20:27:15 Times Seen1 Hash 6e7357325a6bafe958995c2aec1a9660 3051b5ff5e48414542b9d2f961987b6036ae7307 83f9b4ebe7e4a88061740d9d9a5b2dc01354a92958bf7f573dc106fdf46c82da Loading...

	baidutongji.baidutongj.com/bootstrap	89 B	2023-06-14	2024-05-01
Pretty URL baidutongji.baidutongj.com/bootstrap IP 8.219.174.235 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-14 11:54:52 Last Seen2024-05-01 16:20:46 Times Seen12 Hash 0d922787acbc5af0227731175ada54ea 2de490425b76266e1860299c0ab904bb87a0c04a 2597988e23067c758514ffadc0fcf071c4864a8d4c1d09aa0bab2057bb15d0eb Loading...

	hfcd66.com/user/login/?oofelo=mvn0q	0 B	2023-03-07	2024-05-07
Pretty URL hfcd66.com/user/login/?oofelo=mvn0q IP 194.53.53.246 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 13:46:42 Times Seen37409255 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	hfcd66.com/user/login/?oofelo=mvn0q	0 B	2023-03-07	2024-05-07
Pretty URL hfcd66.com/user/login/?oofelo=mvn0q IP 194.53.53.246 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 13:46:42 Times Seen37409255 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	hfcd66.com/user/login/?oofelo=mvn0q	0 B	2023-03-07	2024-05-07
Pretty URL hfcd66.com/user/login/?oofelo=mvn0q IP 194.53.53.246 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 13:46:42 Times Seen37409255 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-07
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-07 13:45:05 Times Seen345058 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	indexs.zjqfart.cn/json/umi.35e5d040.js	1.3 MB	2024-04-21	2024-05-01
Pretty URL indexs.zjqfart.cn/json/umi.35e5d040.js IP 123.234.2.80 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-21 20:20:50 Last Seen2024-05-01 16:20:47 Times Seen12 Hash 07e88c0787f4c89ab7406a8a27edec33 b927251377942b83ede8cfa7376b40a2a0081f41 6e5062971c1c8a242c75c6c1d567867301c7cb4e65a2adbc67f3fedf6b5a1b8d Loading...

	indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__UserLayout~p__AskVideoList~p__BloggerList~p__BloggerListVideo~~7dd54bcf.137aec48.async.js	1.1 MB	2024-04-21	2024-05-01
Pretty URL indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__UserLayout~p__AskVideoList~p__BloggerList~p__BloggerListVideo~~7dd54bcf.137aec48.async.js IP 123.6.40.224 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-21 20:20:49 Last Seen2024-05-01 16:20:47 Times Seen12 Hash 2a78bf399de73f12e433ef5d0f229101 750e1f8b6720476129a99783f14f6e9bcbce50e5 84e228c452561f2dc07ac93f601fef77e37be87723cc808cc90ae176fef6ad60 Loading...

	indexs.zjqfart.cn/json/js/hls.min.js	238 kB	2023-03-14	2024-05-01
Pretty URL indexs.zjqfart.cn/json/js/hls.min.js IP 123.234.2.80 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 15:19:25 Last Seen2024-05-01 16:20:46 Times Seen21 Hash 539732563219e1f0ce48aacdb77d62d4 a72c05fff1bcdd12c8865e59c1077ae4e3789fba 3a9297cfa8fada7008059f4e5bc2bf9a69c684dbdbe72231245c800505864274 Loading...

	hfcd66.com/user/login/sandbox%20eval%20code	147 B	2023-04-11	2024-05-07
Pretty URL hfcd66.com/user/login/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-07 13:45:05 Times Seen345567 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	hfcd66.com/user/login/?oofelo=mvn0q	0 B	2023-03-07	2024-05-07
Pretty URL hfcd66.com/user/login/?oofelo=mvn0q IP 194.53.53.246 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 13:46:42 Times Seen37409255 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=UA-165362072-4	202 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/js?id=UA-165362072-4 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 20:27:15 Last Seen2024-04-26 20:27:15 Times Seen2 Hash 9b28e73e48ed6d643aee9ea321c77086 550cfeb428d53f85a7e1a33d8df84ea1717ab45e 588e14b5a987615419fc1cfa09455bb235d23086b6330bc71bd7522915856091 Loading...

	indexs.zjqfart.cn/json/p__Login.3a272e5d.async.js	79 kB	2024-04-26	2024-04-26
Pretty URL indexs.zjqfart.cn/json/p__Login.3a272e5d.async.js IP 123.6.40.224 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 20:27:15 Last Seen2024-04-26 20:27:15 Times Seen2 Hash b3691645c91f67ce8e72511a19b5f1be 22aa4727a27952a82194d938cc574ce8224d8b4b 050cb8a4788bc69da5f5c0fc1bfb86a44d9333270a50d4646e497cd0f0250244 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 7f75aa3049c4d3f4191bcbe429494541	115 B	2024-04-26	2024-04-26
Pretty Observations First Seen2024-04-26 20:27:15 Last Seen2024-04-26 20:27:15 Times Seen1 Hash 7f75aa3049c4d3f4191bcbe429494541 94e9cc66ce2b1da75b9db0dc5f2e9f14603c1c0d 07db7026f5223dd4ef9deba3b475cd161e5bcfde6d679d45ba369f8e4341735b Loading...

	#2 Eval - 51d83e422ac335045146e63e79242d9f	87 B	2024-04-26	2024-04-26
Pretty Observations First Seen2024-04-26 20:27:15 Last Seen2024-04-26 20:27:15 Times Seen1 Hash 51d83e422ac335045146e63e79242d9f b22db180ea34211213e94771e542fc33ddfa9771 60521f9c68ebb0bd2d62f020bef0877230139869c8d50958abde840d8899bba6 Loading...

	#3 Eval - c108089ae234929968d55aad1bed57c9	49 B	2024-04-26	2024-04-26
Pretty Observations First Seen2024-04-26 20:27:15 Last Seen2024-04-26 20:27:15 Times Seen1 Hash c108089ae234929968d55aad1bed57c9 f8f08ea9eb591fd40a32d8d1bffea563d81b8108 a789e07809ebfaa4ed2c44041fcff89e45a885e8a03c36d41ee52f35c6024d4e Loading...

HTTP Transactions (35)

URL IP Response Size

www.googletagmanager.com/gtag/js?id=UA-165362072-4

142.250.74.168

200 OK

73 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-165362072-4
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
73 kB (73184 bytes)
Hash
9b28e73e48ed6d643aee9ea321c77086
550cfeb428d53f85a7e1a33d8df84ea1717ab45e
588e14b5a987615419fc1cfa09455bb235d23086b6330bc71bd7522915856091

HTTP Headers

GET /gtag/js?id=UA-165362072-4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 18:26:40 GMT
expires: Fri, 26 Apr 2024 18:26:40 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73184
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

indexs.zjqfart.cn/json/umi.2b583632.css

123.234.2.80

200 OK

16 kB

URL GET HTTP/1.1
indexs.zjqfart.cn/json/umi.2b583632.css
IP
123.234.2.80:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectindexs.zjqfart.cn
Fingerprint58:49:CD:8B:D3:8C:F8:80:95:79:C7:7D:93:56:22:2A:CB:58:27:61
ValidityWed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
16 kB (16492 bytes)
Hash
7cb95b6ec47bc915d9d156b0120b6603
96ad98dff5b22630ca84328f316b39316d5c26d2
084f0b067a0e1535035005db856918cb8808830604c6e722242439f253ddaac7

HTTP Headers

GET /json/umi.2b583632.css HTTP/1.1
Host: indexs.zjqfart.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 06 Mar 2024 04:58:33 GMT
Content-Encoding: gzip
Etag: W/"65e7f7f9-20ec3"
Server: nginx
Date: Tue, 26 Mar 2024 12:33:05 GMT
Content-Type: text/css
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,content-type,app_type,sign,did,time
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Length: 16492
Accept-Ranges: bytes
X-NWS-LOG-UUID: 4476155194641979228
Connection: keep-alive
X-Cache-Lookup: Cache Hit

indexs.zjqfart.cn/json/js/DPlayer.min.js

123.234.2.80

200 OK

45 kB

URL GET HTTP/1.1
indexs.zjqfart.cn/json/js/DPlayer.min.js
IP
123.234.2.80:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectindexs.zjqfart.cn
Fingerprint58:49:CD:8B:D3:8C:F8:80:95:79:C7:7D:93:56:22:2A:CB:58:27:61
ValidityWed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
45 kB (44942 bytes)
Hash
1364f1d45add93bbc7ab09831751cf05
cc132a863b2c5d427df289c32eadd181f34af9c8
199d8d25d8114dcbd9df360e1303a1f9ecbfd66b71424bb4f9f2bf630da5087b

HTTP Headers

GET /json/js/DPlayer.min.js HTTP/1.1
Host: indexs.zjqfart.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 06 Mar 2024 04:58:33 GMT
Content-Encoding: gzip
Etag: W/"65e7f7f9-3531d"
Server: nginx
Date: Mon, 01 Apr 2024 06:29:26 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,content-type,app_type,sign,did,time
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Length: 44942
Accept-Ranges: bytes
X-NWS-LOG-UUID: 5943147228099387428
Connection: keep-alive
X-Cache-Lookup: Cache Hit

indexs.zjqfart.cn/json/js/fullscreen.min.js

123.234.2.80

200 OK

884 B

URL GET HTTP/1.1
indexs.zjqfart.cn/json/js/fullscreen.min.js
IP
123.234.2.80:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectindexs.zjqfart.cn
Fingerprint58:49:CD:8B:D3:8C:F8:80:95:79:C7:7D:93:56:22:2A:CB:58:27:61
ValidityWed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (786)
Size
884 B (884 bytes)
Hash
aa5a0204671b4bb4503672e22a88b0aa
b3aa2afa0829afbb9ec73fad16f3a7503440af7a
0a4a57a2a1e2adba25cfc5e12cde7a8e759aeb9c8b56082aff943e457c28d31e

HTTP Headers

GET /json/js/fullscreen.min.js HTTP/1.1
Host: indexs.zjqfart.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 06 Mar 2024 04:58:33 GMT
Content-Encoding: gzip
Etag: "65e7f7f9-c19"
Server: nginx
Date: Tue, 26 Mar 2024 21:53:11 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,content-type,app_type,sign,did,time
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Length: 884
Accept-Ranges: bytes
X-NWS-LOG-UUID: 6257641336418278037
Connection: keep-alive
X-Cache-Lookup: Cache Hit

indexs.zjqfart.cn/json/js/hls.min.js

123.234.2.80

200 OK

71 kB

URL GET HTTP/1.1
indexs.zjqfart.cn/json/js/hls.min.js
IP
123.234.2.80:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectindexs.zjqfart.cn
Fingerprint58:49:CD:8B:D3:8C:F8:80:95:79:C7:7D:93:56:22:2A:CB:58:27:61
ValidityWed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
71 kB (71391 bytes)
Hash
539732563219e1f0ce48aacdb77d62d4
a72c05fff1bcdd12c8865e59c1077ae4e3789fba
3a9297cfa8fada7008059f4e5bc2bf9a69c684dbdbe72231245c800505864274

HTTP Headers

GET /json/js/hls.min.js HTTP/1.1
Host: indexs.zjqfart.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 06 Mar 2024 04:58:33 GMT
Content-Encoding: gzip
Etag: W/"65e7f7f9-3a334"
Server: nginx
Date: Tue, 26 Mar 2024 19:05:46 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,content-type,app_type,sign,did,time
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Length: 71391
Accept-Ranges: bytes
X-NWS-LOG-UUID: 3669863467046514781
Connection: keep-alive
X-Cache-Lookup: Cache Hit

kaod42.com/user/login/

194.53.53.11

637 B

URL
kaod42.com/user/login/
IP
194.53.53.11:0
ASN
#209242 Cloudflare London, LLC

File type
HTML document, ASCII text, with very long lines (938), with no line terminators
Size
637 B (637 bytes)
Hash
6759ea381d2c8d10e97c0d41257c665e
606d50e565b84275b72d85b849e63709c9a0b536
c5f95891b6a79d36e0afb69b388397920a16f26d5c6f45c9ad8f8c01934d8f03

HTTP Headers

GET /user/login/ HTTP/1.1
Host: kaod42.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 18:26:38 GMT
content-type: text/html
pragma: no-cache
cache-control: no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jgjvO8EMlPrTRViZJcgisB50E0%2Bl3QLVSg5fcJ4aiNg1uAkF1MxEX6%2FVfdGJuhZ9QCHlspBvPaQLic9r6ohO8OK1UaXCwzFRlXzyX9WTbxm6jnOuPysMl6YsLHj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a89f4dad725693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-S50MDY57KE&l=dataLayer&cx=c

142.250.74.168

200 OK

89 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-S50MDY57KE&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
89 kB (88809 bytes)
Hash
f51c97c531d421c140b7ea9cc9464820
350c8c792b62dc5b6d430b607171730d975874a0
2b451b91b28dc13f6eca3436f31be79bd45fb6aaeade651c11f0fceb5bc8baf4

HTTP Headers

GET /gtag/js?id=G-S50MDY57KE&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 18:26:41 GMT
expires: Fri, 26 Apr 2024 18:26:41 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88809
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

indexs.zjqfart.cn/json/umi.35e5d040.js

123.234.2.80

200 OK

404 kB

URL GET HTTP/1.1
indexs.zjqfart.cn/json/umi.35e5d040.js
IP
123.234.2.80:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectindexs.zjqfart.cn
Fingerprint58:49:CD:8B:D3:8C:F8:80:95:79:C7:7D:93:56:22:2A:CB:58:27:61
ValidityWed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
404 kB (403974 bytes)
Hash
07e88c0787f4c89ab7406a8a27edec33
b927251377942b83ede8cfa7376b40a2a0081f41
6e5062971c1c8a242c75c6c1d567867301c7cb4e65a2adbc67f3fedf6b5a1b8d

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Detects hex encoded code that has been base64 encoded

HTTP Headers

GET /json/umi.35e5d040.js HTTP/1.1
Host: indexs.zjqfart.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 08 Mar 2024 21:41:37 GMT
Content-Encoding: gzip
Etag: W/"65eb8611-132b39"
Server: nginx
Date: Sat, 09 Mar 2024 14:23:52 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,content-type,app_type,sign,did,time
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Length: 403974
Accept-Ranges: bytes
X-NWS-LOG-UUID: 7221147262373688201
Connection: keep-alive
X-Cache-Lookup: Cache Hit

indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__SecurityLayout~layouts__UserLayout~layouts__VipLogin~p__AskVid~a9630bf7.b1d3b007.async.js

123.234.2.80

200 OK

7.2 kB

URL GET HTTP/1.1
indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__SecurityLayout~layouts__UserLayout~layouts__VipLogin~p__AskVid~a9630bf7.b1d3b007.async.js
IP
123.234.2.80:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectindexs.zjqfart.cn
Fingerprint58:49:CD:8B:D3:8C:F8:80:95:79:C7:7D:93:56:22:2A:CB:58:27:61
ValidityWed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (20172), with no line terminators
Size
7.2 kB (7244 bytes)
Hash
aa146bb0088faa4c508079a94777dbfe
30879406c97d87412db2aa046c1d452c1894c11e
f6322b42193112414b354524dd5c050a2cceff67b16b987fc938c7897c279c2a

HTTP Headers

GET /json/vendors~layouts__BasicLayout~layouts__SecurityLayout~layouts__UserLayout~layouts__VipLogin~p__AskVid~a9630bf7.b1d3b007.async.js HTTP/1.1
Host: indexs.zjqfart.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 06 Mar 2024 04:58:33 GMT
Content-Encoding: gzip
Etag: "65e7f7f9-4ecc"
Server: nginx
Date: Sat, 16 Mar 2024 18:32:52 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,content-type,app_type,sign,did,time
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Length: 7244
Accept-Ranges: bytes
X-NWS-LOG-UUID: 6769736127600847608
Connection: keep-alive
X-Cache-Lookup: Cache Hit

indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__SecurityLayout~layouts__UserLayout~layouts__VipLogin~p__AskVid~14ee3192.be1494e0.chunk.css

123.234.2.80

200 OK

8.1 kB

URL GET HTTP/1.1
indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__SecurityLayout~layouts__UserLayout~layouts__VipLogin~p__AskVid~14ee3192.be1494e0.chunk.css
IP
123.234.2.80:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectindexs.zjqfart.cn
Fingerprint58:49:CD:8B:D3:8C:F8:80:95:79:C7:7D:93:56:22:2A:CB:58:27:61
ValidityWed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
8.1 kB (8074 bytes)
Hash
2049c2d18f2978d81f86cb4ec94e9d93
247f6abe98a433a228da5439db9f30e718b5b713
8b9f12cfc6642e82f72137b28b4b5caf79a6960ca5b2385cf0e8b2964d544a05

HTTP Headers

GET /json/vendors~layouts__BasicLayout~layouts__SecurityLayout~layouts__UserLayout~layouts__VipLogin~p__AskVid~14ee3192.be1494e0.chunk.css HTTP/1.1
Host: indexs.zjqfart.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 06 Mar 2024 04:58:33 GMT
Content-Encoding: gzip
Etag: W/"65e7f7f9-11c19"
Server: nginx
Date: Thu, 11 Apr 2024 16:46:04 GMT
Content-Type: text/css
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,content-type,app_type,sign,did,time
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Length: 8074
Accept-Ranges: bytes
X-NWS-LOG-UUID: 7849565679410677794
Connection: keep-alive
X-Cache-Lookup: Cache Hit

indexs.zjqfart.cn/json/layouts__UserLayout.52bb5f28.chunk.css

123.6.40.224

200 OK

26 kB

URL GET HTTP/1.1
indexs.zjqfart.cn/json/layouts__UserLayout.52bb5f28.chunk.css
IP
123.6.40.224:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectindexs.zjqfart.cn
Fingerprint58:49:CD:8B:D3:8C:F8:80:95:79:C7:7D:93:56:22:2A:CB:58:27:61
ValidityWed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (26185 bytes)
Hash
9d9375b86b657c4c469420fd7bf1ec8f
ed5262a3f604beb87b2ef352113e77610ff9df71
8fce1b67fc4f72ed277f28411636d235426a8418939736527dfa7125d7557f07

HTTP Headers

GET /json/layouts__UserLayout.52bb5f28.chunk.css HTTP/1.1
Host: indexs.zjqfart.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 06 Mar 2024 04:58:33 GMT
Content-Encoding: gzip
Etag: "65e7f7f9-2a311"
Server: nginx
Date: Thu, 28 Mar 2024 23:26:12 GMT
Content-Type: text/css
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,content-type,app_type,sign,did,time
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Length: 26185
Accept-Ranges: bytes
X-NWS-LOG-UUID: 8944830927238814517
Connection: keep-alive
X-Cache-Lookup: Cache Hit

indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__SecurityLayout~layouts__UserLayout~layouts__VipLogin~p__AskVid~14ee3192.6be24bd0.async.js

123.234.2.80

200 OK

2.5 kB

URL GET HTTP/1.1
indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__SecurityLayout~layouts__UserLayout~layouts__VipLogin~p__AskVid~14ee3192.6be24bd0.async.js
IP
123.234.2.80:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectindexs.zjqfart.cn
Fingerprint58:49:CD:8B:D3:8C:F8:80:95:79:C7:7D:93:56:22:2A:CB:58:27:61
ValidityWed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6788), with no line terminators
Size
2.5 kB (2527 bytes)
Hash
09b6472a62cb710c1f15e6c9c89d910d
5c5fad8dcdb5426261f4e258d9a18dd2516f7d59
34f594daaa9a4d8e9abb56e02b43c711a09892d8d8af7379d65cb7038ba779cc

HTTP Headers

GET /json/vendors~layouts__BasicLayout~layouts__SecurityLayout~layouts__UserLayout~layouts__VipLogin~p__AskVid~14ee3192.6be24bd0.async.js HTTP/1.1
Host: indexs.zjqfart.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 06 Mar 2024 04:58:33 GMT
Content-Encoding: gzip
Etag: "65e7f7f9-1a84"
Server: nginx
Date: Sat, 30 Mar 2024 14:21:10 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,content-type,app_type,sign,did,time
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Length: 2527
Accept-Ranges: bytes
X-NWS-LOG-UUID: 519303592915515454
Connection: keep-alive
X-Cache-Lookup: Cache Hit

indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__SecurityLayout~layouts__UserLayout~layouts__VipLogin~p__AskVid~a9630bf7.26d8372d.chunk.css

123.234.2.80

200 OK

2.0 kB

URL GET HTTP/1.1
indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__SecurityLayout~layouts__UserLayout~layouts__VipLogin~p__AskVid~a9630bf7.26d8372d.chunk.css
IP
123.234.2.80:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectindexs.zjqfart.cn
Fingerprint58:49:CD:8B:D3:8C:F8:80:95:79:C7:7D:93:56:22:2A:CB:58:27:61
ValidityWed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (10364), with no line terminators
Size
2.0 kB (1968 bytes)
Hash
5c0e97e53bab4418774467eb0f971183
fbcd1cc473b3cc24fcdb4addfd8d3f3128d61547
965f093b1e1f19a4d905b654ce71c593ef7e0d5ff757f0e6648d86a7138dc1f3

HTTP Headers

GET /json/vendors~layouts__BasicLayout~layouts__SecurityLayout~layouts__UserLayout~layouts__VipLogin~p__AskVid~a9630bf7.26d8372d.chunk.css HTTP/1.1
Host: indexs.zjqfart.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 06 Mar 2024 04:58:33 GMT
Content-Encoding: gzip
Etag: "65e7f7f9-287c"
Server: nginx
Date: Fri, 22 Mar 2024 15:02:58 GMT
Content-Type: text/css
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,content-type,app_type,sign,did,time
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Length: 1968
Accept-Ranges: bytes
X-NWS-LOG-UUID: 14151738049505111015
Connection: keep-alive
X-Cache-Lookup: Cache Hit

indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__UserLayout~p__AskVideoList~p__BloggerList~p__BloggerListVideo~~9e82a60c.488ee397.async.js

123.234.2.80

200 OK

5.0 kB

URL GET HTTP/1.1
indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__UserLayout~p__AskVideoList~p__BloggerList~p__BloggerListVideo~~9e82a60c.488ee397.async.js
IP
123.234.2.80:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectindexs.zjqfart.cn
Fingerprint58:49:CD:8B:D3:8C:F8:80:95:79:C7:7D:93:56:22:2A:CB:58:27:61
ValidityWed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (23392), with no line terminators
Size
5.0 kB (4962 bytes)
Hash
220664469d005e85a5cfeaceff12852b
f7dda5efdf1b99fef9da3ea2d96c25a766b16758
991fe1e8e4f3600575283f80a94084c481d196805a8fefee3647e223750c426b

HTTP Headers

GET /json/vendors~layouts__BasicLayout~layouts__UserLayout~p__AskVideoList~p__BloggerList~p__BloggerListVideo~~9e82a60c.488ee397.async.js HTTP/1.1
Host: indexs.zjqfart.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 06 Mar 2024 04:58:33 GMT
Content-Encoding: gzip
Etag: W/"65e7f7f9-5b60"
Server: nginx
Date: Tue, 26 Mar 2024 12:33:10 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,content-type,app_type,sign,did,time
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Length: 4962
Accept-Ranges: bytes
X-NWS-LOG-UUID: 10513252624409645978
Connection: keep-alive
X-Cache-Lookup: Cache Hit

hm.baidu.com/hm.js?d72936b577d7f5edb33ab6b7fdea8051

111.45.11.83

200 OK

11 kB

URL GET HTTP/1.1
hm.baidu.com/hm.js?d72936b577d7f5edb33ab6b7fdea8051
IP
111.45.11.83:443
ASN
#56040 China Mobile communications corporation

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
JavaScript source, ASCII text, with very long lines (618)
Size
11 kB (11256 bytes)
Hash
45fd65d1406d0498406f3280f8582ca9
f9ccd4bcff30054cd9338a9576a159cdbcccbcd9
e908fd31725d420ce6f047ad79c9a4ae2a2c6c175567589823adf1e6a3575dfb

HTTP Headers

GET /hm.js?d72936b577d7f5edb33ab6b7fdea8051 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Fri, 26 Apr 2024 18:26:42 GMT
Etag: 0b04fed578206bf9715a6dfdee5d12bc
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=830F9CADF410E0AE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1330374350&si=d72936b577d7f5edb33ab6b7fdea8051&su=https%3A%2F%2Fkaod42.com%2F&v=1.3.0&lv=1&sn=22543&r=0&ww=1280&u=https%3A%2F%2Fhfcd66.com%2Fuser%2Flogin%2F%3Foofelo%3Dmvn0q&tt=91TV

111.45.11.83

200 OK

43 B

URL GET HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1330374350&si=d72936b577d7f5edb33ab6b7fdea8051&su=https%3A%2F%2Fkaod42.com%2F&v=1.3.0&lv=1&sn=22543&r=0&ww=1280&u=https%3A%2F%2Fhfcd66.com%2Fuser%2Flogin%2F%3Foofelo%3Dmvn0q&tt=91TV
IP
111.45.11.83:443
ASN
#56040 China Mobile communications corporation

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1330374350&si=d72936b577d7f5edb33ab6b7fdea8051&su=https%3A%2F%2Fkaod42.com%2F&v=1.3.0&lv=1&sn=22543&r=0&ww=1280&u=https%3A%2F%2Fhfcd66.com%2Fuser%2Flogin%2F%3Foofelo%3Dmvn0q&tt=91TV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 26 Apr 2024 18:26:43 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4BEF95919B6F6639; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

indexs.zjqfart.cn/json/layouts__UserLayout.7a697a25.async.js

123.6.40.224

200 OK

179 kB

URL GET HTTP/1.1
indexs.zjqfart.cn/json/layouts__UserLayout.7a697a25.async.js
IP
123.6.40.224:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectindexs.zjqfart.cn
Fingerprint58:49:CD:8B:D3:8C:F8:80:95:79:C7:7D:93:56:22:2A:CB:58:27:61
ValidityWed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
179 kB (179404 bytes)
Hash
066c6cb1e577f8011a65940bbea94413
04644b3bc1d4857100f975734946cb6f7e5e665c
32a2c55748bb2e12f8623bf2e0afe31cbbfa00d09f5e4627adcd91e9319f6d07

HTTP Headers

GET /json/layouts__UserLayout.7a697a25.async.js HTTP/1.1
Host: indexs.zjqfart.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 06 Mar 2024 04:58:33 GMT
Content-Encoding: gzip
Etag: "65e7f7f9-862aa"
Server: nginx
Date: Tue, 26 Mar 2024 22:41:44 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,content-type,app_type,sign,did,time
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Length: 179404
Accept-Ranges: bytes
X-NWS-LOG-UUID: 17812893826379947719
Connection: keep-alive
X-Cache-Lookup: Cache Hit

indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__UserLayout~p__AskVideoList~p__BloggerList~p__BloggerListVideo~~7dd54bcf.137aec48.async.js

123.6.40.224

200 OK

353 kB

URL GET HTTP/1.1
indexs.zjqfart.cn/json/vendors~layouts__BasicLayout~layouts__UserLayout~p__AskVideoList~p__BloggerList~p__BloggerListVideo~~7dd54bcf.137aec48.async.js
IP
123.6.40.224:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectindexs.zjqfart.cn
Fingerprint58:49:CD:8B:D3:8C:F8:80:95:79:C7:7D:93:56:22:2A:CB:58:27:61
ValidityWed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
353 kB (352644 bytes)
Hash
2a78bf399de73f12e433ef5d0f229101
750e1f8b6720476129a99783f14f6e9bcbce50e5
84e228c452561f2dc07ac93f601fef77e37be87723cc808cc90ae176fef6ad60

HTTP Headers

GET /json/vendors~layouts__BasicLayout~layouts__UserLayout~p__AskVideoList~p__BloggerList~p__BloggerListVideo~~7dd54bcf.137aec48.async.js HTTP/1.1
Host: indexs.zjqfart.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 06 Mar 2024 04:58:33 GMT
Content-Encoding: gzip
Etag: "65e7f7f9-10c1ce"
Server: nginx
Date: Wed, 06 Mar 2024 09:55:24 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,content-type,app_type,sign,did,time
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Length: 352644
Accept-Ranges: bytes
X-NWS-LOG-UUID: 4973322328771695248
Connection: keep-alive
X-Cache-Lookup: Cache Hit

indexs.zjqfart.cn/json/icon.png

123.234.2.80

11 kB

URL GET
indexs.zjqfart.cn/json/icon.png
IP
123.234.2.80:0
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectindexs.zjqfart.cn
Fingerprint58:49:CD:8B:D3:8C:F8:80:95:79:C7:7D:93:56:22:2A:CB:58:27:61
ValidityWed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT

File type
PNG image data, 234 x 239, 8-bit/color RGBA, non-interlaced
Size
11 kB (11167 bytes)
Hash
e7edabb29e5b2694b2c5045335abee62
ceeb132f5c16a2ae210eef62bb2f35978b6791ff
c37f229e2c245dd049c2570feebe7708ef570d6852d8865e9ae0c9f0a94d57df

HTTP Headers

GET /json/icon.png HTTP/1.1
Host: indexs.zjqfart.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 06 Mar 2024 04:58:33 GMT
Content-Encoding: gzip
Etag: W/"65e7f7f9-2bac"
Server: nginx
Date: Fri, 26 Apr 2024 12:19:13 GMT
Content-Type: image/png
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,content-type,app_type,sign,did,time
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Length: 11167
Accept-Ranges: bytes
X-NWS-LOG-UUID: 15789131132975377813
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Cache-Control: max-age=3600

indexs.zjqfart.cn/json/p__Login.479cb0ae.chunk.css

123.6.40.224

200 OK

5.9 kB

URL GET HTTP/1.1
indexs.zjqfart.cn/json/p__Login.479cb0ae.chunk.css
IP
123.6.40.224:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectindexs.zjqfart.cn
Fingerprint58:49:CD:8B:D3:8C:F8:80:95:79:C7:7D:93:56:22:2A:CB:58:27:61
ValidityWed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (39792), with no line terminators
Size
5.9 kB (5877 bytes)
Hash
80801ca79e79ccace2aa702b29934501
92316406f4231276050e2d28033ecff37fad5e1b
d1b19c1ad5bcb28813b8d479d96b840512a96d923afd0e5aad7c5960b74a4d07

HTTP Headers

GET /json/p__Login.479cb0ae.chunk.css HTTP/1.1
Host: indexs.zjqfart.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 06 Mar 2024 04:58:33 GMT
Content-Encoding: gzip
Etag: W/"65e7f7f9-9b70"
Server: nginx
Date: Sat, 09 Mar 2024 03:36:25 GMT
Content-Type: text/css
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,content-type,app_type,sign,did,time
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Length: 5877
Accept-Ranges: bytes
X-NWS-LOG-UUID: 7563440554015141721
Connection: keep-alive
X-Cache-Lookup: Cache Hit

indexs.zjqfart.cn/json/p__Login.3a272e5d.async.js

123.6.40.224

200 OK

21 kB

URL GET HTTP/1.1
indexs.zjqfart.cn/json/p__Login.3a272e5d.async.js
IP
123.6.40.224:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectindexs.zjqfart.cn
Fingerprint58:49:CD:8B:D3:8C:F8:80:95:79:C7:7D:93:56:22:2A:CB:58:27:61
ValidityWed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
21 kB (21439 bytes)
Hash
b3691645c91f67ce8e72511a19b5f1be
22aa4727a27952a82194d938cc574ce8224d8b4b
050cb8a4788bc69da5f5c0fc1bfb86a44d9333270a50d4646e497cd0f0250244

HTTP Headers

GET /json/p__Login.3a272e5d.async.js HTTP/1.1
Host: indexs.zjqfart.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 06 Mar 2024 04:58:33 GMT
Content-Encoding: gzip
Etag: W/"65e7f7f9-13523"
Server: nginx
Date: Fri, 29 Mar 2024 16:31:19 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,content-type,app_type,sign,did,time
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Length: 21439
Accept-Ranges: bytes
X-NWS-LOG-UUID: 7581341118932363234
Connection: keep-alive
X-Cache-Lookup: Cache Hit

indexs.zjqfart.cn/json/static/telegram.83e6c0a1.svg

123.234.2.80

200 OK

710 B

URL GET HTTP/1.1
indexs.zjqfart.cn/json/static/telegram.83e6c0a1.svg
IP
123.234.2.80:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectindexs.zjqfart.cn
Fingerprint58:49:CD:8B:D3:8C:F8:80:95:79:C7:7D:93:56:22:2A:CB:58:27:61
ValidityWed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
710 B (710 bytes)
Hash
881693c4de111a1fc53c977dc08a38b0
3ea07153ef560e2519c1956002a784f0fd562051
9924b5c6628b75571a26fdd4a9bc6ed2635f04049272f65460d21d93a6922e99

HTTP Headers

GET /json/static/telegram.83e6c0a1.svg HTTP/1.1
Host: indexs.zjqfart.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 06 Mar 2024 04:58:33 GMT
Etag: "65e7f7f9-2c6"
Server: nginx
Date: Mon, 01 Apr 2024 11:28:53 GMT
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,content-type,app_type,sign,did,time
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Length: 710
Accept-Ranges: bytes
X-NWS-LOG-UUID: 4569651885841704850
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Cache-Control: max-age=3600

enctvmage.bhstz.com/77xxx/files/202403/26/1711443846_RhfmuiMvzw.png

54.230.111.73

200 OK

165 kB

URL GET HTTP/2
enctvmage.bhstz.com/77xxx/files/202403/26/1711443846_RhfmuiMvzw.png
IP
54.230.111.73:443
ASN
#16509 AMAZON-02

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerAmazon
Subjectenctvmage.bhstz.com
FingerprintEC:77:0C:85:DA:D5:BF:0D:5F:91:90:BC:84:AD:4B:27:41:48:CB:2D
ValidityFri, 09 Jun 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
165 kB (164632 bytes)
Hash
57a3de6c6977029bcc7933c5137ec9aa
6366e2128357383f3e36fc3be98cd8223b823271
3309cad3e9395ec3daac96f45213aca7e10a7015cb27514df1c94739193e1fd6

HTTP Headers

GET /77xxx/files/202403/26/1711443846_RhfmuiMvzw.png HTTP/1.1
Host: enctvmage.bhstz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 164632
server: openresty
last-modified: Tue, 26 Mar 2024 09:04:06 GMT
accept-ranges: bytes
date: Fri, 26 Apr 2024 18:22:41 GMT
etag: "66028f86-28318"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s1XVczhdJIbTXntbD87AGDxf4bmzwfM6hT_CpWWQ6LdK-JC7NgkpFg==
age: 36775
X-Firefox-Spdy: h2

enctvmage.bhstz.com/77xxx/files/202404/08/1712577272_E8hHeUf4il.jpg

54.230.111.73

200 OK

30 kB

URL GET HTTP/2
enctvmage.bhstz.com/77xxx/files/202404/08/1712577272_E8hHeUf4il.jpg
IP
54.230.111.73:443
ASN
#16509 AMAZON-02

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerAmazon
Subjectenctvmage.bhstz.com
FingerprintEC:77:0C:85:DA:D5:BF:0D:5F:91:90:BC:84:AD:4B:27:41:48:CB:2D
ValidityFri, 09 Jun 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, progressive, precision 8, 1080x1080, components 3
Size
30 kB (29505 bytes)
Hash
b621c773dfdeeff742757521f19adf62
8fda197e7f6d73b04339b3616e47135a039b5978
4a811bdddc47f7ea7fd5d6c174e5d78a47127b97220ea0b756be19837b8a6bb4

HTTP Headers

GET /77xxx/files/202404/08/1712577272_E8hHeUf4il.jpg HTTP/1.1
Host: enctvmage.bhstz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 29505
server: openresty
last-modified: Mon, 08 Apr 2024 11:54:32 GMT
accept-ranges: bytes
date: Fri, 26 Apr 2024 18:22:41 GMT
etag: "6613daf8-7341"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WjWjI30KPIv54rVuKoa9CkPTmK-tnptH_36p-MMh0wFY9eRq7eUbNw==
age: 53661
X-Firefox-Spdy: h2

enctvmage.bhstz.com/77xxx/files/logo1/MaoMiAV.jpeg

54.230.111.73

200 OK

2.0 kB

URL GET HTTP/2
enctvmage.bhstz.com/77xxx/files/logo1/MaoMiAV.jpeg
IP
54.230.111.73:443
ASN
#16509 AMAZON-02

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerAmazon
Subjectenctvmage.bhstz.com
FingerprintEC:77:0C:85:DA:D5:BF:0D:5F:91:90:BC:84:AD:4B:27:41:48:CB:2D
ValidityFri, 09 Jun 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x120, components 3
Size
2.0 kB (2049 bytes)
Hash
6e98c64b4ab1acde7ccfbd750af7a7ec
481cedeb59da60db8c9923976740db1664c34cc9
92eabc41d2cf27d3c744c8ed4079235fb535855ef5b10b67d432ab5ab63818a7

HTTP Headers

GET /77xxx/files/logo1/MaoMiAV.jpeg HTTP/1.1
Host: enctvmage.bhstz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 2049
server: openresty
date: Fri, 26 Apr 2024 06:25:36 GMT
last-modified: Thu, 29 Dec 2022 16:15:04 GMT
etag: "63adbd08-801"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GRylcuvJG2DrnwASS6qLFJomzc-iYmscIRf7GI_b1XhRJqL3s8f0Cg==
age: 43269
X-Firefox-Spdy: h2

image.yahoo10007.icu/KFUB/images/index/logo.jpg

104.208.71.232

200 OK

40 kB

URL GET HTTP/2
image.yahoo10007.icu/KFUB/images/index/logo.jpg
IP
104.208.71.232:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerUnizeto Technologies S.A.
Subjectgamelist.yahoo10000.icu
FingerprintE2:D6:C9:B4:67:71:D4:E5:E6:F7:98:F3:27:B4:BE:6E:9F:36:11:2F
ValiditySun, 29 Oct 2023 07:44:27 GMT - Wed, 27 Nov 2024 07:44:26 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=154, bps=158, PhotometricInterpretation=RGB, orientation=upper-left, width=175], baseline, precision 8, 175x154, components 3
Size
40 kB (39541 bytes)
Hash
96fdc7002f1258d988337d291965ea5a
9b85bbd0b127ca359cdc8702fbf3992340d84975
0a8b47cf71becd046ee572cd67d740a975fbe5ff290d7c552e0b08008733dcc8

HTTP Headers

GET /KFUB/images/index/logo.jpg HTTP/1.1
Host: image.yahoo10007.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 18:26:45 GMT
content-type: image/jpeg
content-length: 39541
last-modified: Fri, 29 Dec 2023 13:07:07 GMT
etag: "658ec47b-9a75"
expires: Fri, 26 Apr 2024 19:26:45 GMT
cache-control: max-age=3600
access-control-allow-origin: *
x-proxy-cache: HIT
x-remote-addr: 91.90.42.154
x-forwarded-port: 443
http-geo-ipcountry: NO
accept-ranges: bytes
X-Firefox-Spdy: h2

hfcd66.com/api/config/list

194.53.53.246

200 OK

3.6 kB

URL POST HTTP/3
hfcd66.com/api/config/list
IP
194.53.53.246:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerGoogle Trust Services LLC
Subjecthfcd66.com
Fingerprint6C:6C:67:15:B4:8D:F5:3E:73:20:04:81:1D:3C:EC:E2:7C:D5:AD:9D
ValiditySun, 14 Apr 2024 03:36:36 GMT - Sat, 13 Jul 2024 03:36:35 GMT

File type
JSON text data
Size
3.6 kB (3566 bytes)
Hash
d0558f3ac2d58f09fca7e93d199ab5ce
9881cc231b86762a161110849b7662ccf9de0cb0
bf933e9416dd11e76b2bd8b75acd9b38cb27c2d4113a36942bbc3d3a27d926bd

HTTP Headers

POST /api/config/list HTTP/1.1
Host: hfcd66.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
suffix: 7PR36V
Content-Length: 124
Origin: https://hfcd66.com
DNT: 1
Connection: keep-alive
Cookie: _ga_S50MDY57KE=GS1.1.1714156002.1.0.1714156002.0.0.0; _ga=GA1.1.1658380387.1714156002; Hm_lvt_d72936b577d7f5edb33ab6b7fdea8051=1714156003; Hm_lpvt_d72936b577d7f5edb33ab6b7fdea8051=1714156003
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 18:26:44 GMT
content-type: application/json; charset=utf-8
x-powered-by: PHP/7.2.34
access-control-allow-methods: *, GET,POST,OPTIONS,DELETE, GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: x-requested-with,content-type,suffix, Origin,XMLHttpRequest,X-Requested-With,Content-Type,Accept,Connection,User-Agent,Cookie,access-control-allow-methods,access-control-allow-origin,content-type,suffix,lang, X-Requested-With,content-type,app_type,sign,did,time
access-control-allow-origin: *, *
x-cache-lookup: Cache Miss, Cache Miss
x-nws-log-uuid: 12594665005215275432
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VTRZalkeYsDzs1cwzq4suPzujMKSwSl7inP0NVqRGeQQeA6TH1V0PPalTA0iIiJ1sJfUmM1ONQdiCF1X8v%2FlMugF6UCSo1ns%2FdKsEmcMpyqI6Xs4XppuiUyqWhYA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a89f7048cfb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.hgty3379.com/pc2/ypt/static/upload/compression/new/03c3b27f34b01cd851514d9355be4026.png?noHome=1

202.79.161.87

200 OK

86 kB

URL GET HTTP/1.1
www.hgty3379.com/pc2/ypt/static/upload/compression/new/03c3b27f34b01cd851514d9355be4026.png?noHome=1
IP
202.79.161.87:443
ASN
#64050 BGPNET Global ASN

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerLet's Encrypt
Subjectwww.hgty3379.com
FingerprintC0:FB:55:4B:9C:86:B3:6E:07:46:18:C1:B0:DD:EE:D7:84:24:27:F1
ValidityWed, 10 Apr 2024 19:29:30 GMT - Tue, 09 Jul 2024 19:29:29 GMT

File type
PNG image data, 2000 x 561, 8-bit/color RGBA, non-interlaced
Size
86 kB (85462 bytes)
Hash
82508791e1a0057cea533553d49da2aa
ca753434e69e04b4d50f2ec3e8a5e460623eb408
e9f17d99d4b0b6a5c29e28d5c5cbbaadee4d3ae1570fb497fc007f8baf4754e3

HTTP Headers

GET /pc2/ypt/static/upload/compression/new/03c3b27f34b01cd851514d9355be4026.png?noHome=1 HTTP/1.1
Host: www.hgty3379.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Length: 85462
Content-Type: image/png
Date: Fri, 26 Apr 2024 09:16:11 GMT
ETag: "1714122971"
Last-Modified: Fri, 26 Apr 2024 09:16:11 GMT
Server: openresty/1.21.4.2
X-Amz-Id-2: OiX4VLmzZEfPfrqYTfF5/mQ4NaNJ4hF0Nj9jn93iUGb9McD1gjrpYm5ulGrAUVSI/8AyOUZ1DwQ=
X-Amz-Request-Id: J42QXQ41G5Q61YZC
X-Amz-Version-Id: LydeaKqJjzdxJIOkdfaDBmoc05R6NIdc
X-Cache: HIT, policy, disk

hfcd66.com/user/login/?oofelo=mvn0q

194.53.53.246

200 OK

8.3 kB

URL User Request GET HTTP/2
hfcd66.com/user/login/?oofelo=mvn0q
IP
194.53.53.246:443
ASN
#209242 Cloudflare London, LLC

Certificate
IssuerGoogle Trust Services LLC
Subjecthfcd66.com
Fingerprint6C:6C:67:15:B4:8D:F5:3E:73:20:04:81:1D:3C:EC:E2:7C:D5:AD:9D
ValiditySun, 14 Apr 2024 03:36:36 GMT - Sat, 13 Jul 2024 03:36:35 GMT

File type
HTML document, ASCII text, with very long lines (8727), with no line terminators
Size
8.3 kB (8310 bytes)
Hash
cd33dbaca4f0f19c27a6b8d39dcd6c80
226658f091192cc3182cdb95bd44c9db4b0a3574
4c5e39145db3dbb2ff9da2bf1d4f59c690adad7c387eef2ff8b780f573b9640e

HTTP Headers

GET /user/login/?oofelo=mvn0q HTTP/1.1
Host: hfcd66.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kaod42.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 18:26:39 GMT
content-type: text/html
last-modified: Wed, 06 Mar 2024 04:58:33 GMT
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type,app_type,sign,did,time
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c7gvJx84fiNf4wM4fKmA5hhSe7Wf7H7g%2BXbPs0Worrm2I5DxWDsf9dSfoFcHYpxMwuqgnzG6l%2B1wSJiKyVpxP44%2BtEwGtmDiOVvz9Ioo3xhtBM4sG%2Bri%2Fyj1zgaZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a89f557e827127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

baidutongji.baidutongj.com/bootstrap

8.219.174.235

200

89 B

URL GET HTTP/1.1
baidutongji.baidutongj.com/bootstrap
IP
8.219.174.235:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectbaidutongji.baidutongj.com
FingerprintEF:8C:A4:00:1B:ED:09:DC:EC:2D:43:8C:DE:55:9E:36:02:E8:A8:E3
ValiditySat, 02 Mar 2024 00:00:00 GMT - Sun, 02 Mar 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with no line terminators
Size
89 B (89 bytes)
Hash
6627f7b2ed1393ffb6cd5163eaf7a6cc
79a74bd28cce8600c77d61e2412fdb2e3489b179
637289c8738cf485abd6213da48c35e57c1b3d025221334c561a749ee4489105

HTTP Headers

GET /bootstrap HTTP/1.1
Host: baidutongji.baidutongj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hfcd66.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Fri, 26 Apr 2024 18:26:41 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 89
Connection: keep-alive

hgty3379.com/pc2/ypt/static/upload/compression/new/03c3b27f34b01cd851514d9355be4026.png?noHome=1

52.231.111.19

301 Moved Permanently

86 kB

URL GET HTTP/1.1
hgty3379.com/pc2/ypt/static/upload/compression/new/03c3b27f34b01cd851514d9355be4026.png?noHome=1
IP
52.231.111.19:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerLet's Encrypt
Subjectwww.hgty3379.com
FingerprintC0:FB:55:4B:9C:86:B3:6E:07:46:18:C1:B0:DD:EE:D7:84:24:27:F1
ValidityWed, 10 Apr 2024 19:29:30 GMT - Tue, 09 Jul 2024 19:29:29 GMT

File type

Size
86 kB (85462 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pc2/ypt/static/upload/compression/new/03c3b27f34b01cd851514d9355be4026.png?noHome=1 HTTP/1.1
Host: hgty3379.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Content-Length: 175
Content-Type: text/html
Date: Fri, 26 Apr 2024 18:26:46 GMT
Location: https://www.hgty3379.com/pc2/ypt/static/upload/compression/new/03c3b27f34b01cd851514d9355be4026.png?noHome=1
Server: openresty/1.21.4.2
X-Cache: BYPASS, Status: 301

hfcd66.com/api/announcement/list

194.53.53.246

200 OK

528 B

URL POST HTTP/3
hfcd66.com/api/announcement/list
IP
194.53.53.246:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerGoogle Trust Services LLC
Subjecthfcd66.com
Fingerprint6C:6C:67:15:B4:8D:F5:3E:73:20:04:81:1D:3C:EC:E2:7C:D5:AD:9D
ValiditySun, 14 Apr 2024 03:36:36 GMT - Sat, 13 Jul 2024 03:36:35 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (543), with no line terminators
Size
528 B (528 bytes)
Hash
4f60a846c40c78966e3704fc6e976a10
477f95cb671539b38262b55693bae43160377649
1def0069f35902b3b12dd852bd0f87ec7f1ce6b7877be4c4d6f4cfd2a3183abf

HTTP Headers

POST /api/announcement/list HTTP/1.1
Host: hfcd66.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
suffix: SHAXS5
Content-Length: 168
Origin: https://hfcd66.com
DNT: 1
Connection: keep-alive
Cookie: _ga_S50MDY57KE=GS1.1.1714156002.1.0.1714156002.0.0.0; _ga=GA1.1.1658380387.1714156002; Hm_lvt_d72936b577d7f5edb33ab6b7fdea8051=1714156003; Hm_lpvt_d72936b577d7f5edb33ab6b7fdea8051=1714156003
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 18:26:45 GMT
content-type: application/json; charset=utf-8
x-powered-by: PHP/7.2.34
access-control-allow-methods: *, GET,POST,OPTIONS,DELETE, GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: x-requested-with,content-type,suffix, Origin,XMLHttpRequest,X-Requested-With,Content-Type,Accept,Connection,User-Agent,Cookie,access-control-allow-methods,access-control-allow-origin,content-type,suffix,lang, X-Requested-With,content-type,app_type,sign,did,time
access-control-allow-origin: *, *
x-cache-lookup: Cache Miss, Cache Miss
x-nws-log-uuid: 18105888008590253980
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x71lbFRFIr4animmXwftTWoukd5whUKAy0ccEL9BTj5WYeeM1%2F8EsqzlWpgfvmvm72Ly5Js38H7x2QzuTPTkqah0YjJFQKDw1sGfISF1NTifGJFO1yS%2FWs2qJKOH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a89f774c11b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

kaod42.com/user/login/?oofelo=mvn0q

194.53.53.11

307 Temporary Redirect

8.3 kB

URL User Request GET HTTP/3
kaod42.com/user/login/?oofelo=mvn0q
IP
194.53.53.11:443
ASN
#209242 Cloudflare London, LLC

Certificate
IssuerLet's Encrypt
Subjectkaod42.com
FingerprintEE:99:76:35:BF:35:18:AB:EB:76:7A:DA:25:01:D6:E9:CE:C3:73:76
ValidityMon, 18 Mar 2024 04:00:51 GMT - Sun, 16 Jun 2024 04:00:50 GMT

File type

Size
8.3 kB (8310 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /user/login/?oofelo=mvn0q HTTP/1.1
Host: kaod42.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kaod42.com/user/login/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 307 Temporary Redirect
date: Fri, 26 Apr 2024 18:26:39 GMT
location: /user/login/?oofelo=mvn0q
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QWflUVkrbs6fnxygUAxi04eeh3Ys4d4EgZYpuHZPnx6c%2FF9xjhQBllPK0SbQ4AsmBlguVL%2FAoJChk5wVdOB2DLhi%2FFLlh5Eb4FvviXeXjflbATYUr0ShYuZKY7Ak"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a89f50f9beb527-OSL
alt-svc: h3=":443"; ma=86400

hfcd66.com/api/title/list

194.53.53.246

200 OK

4.4 kB

URL POST HTTP/3
hfcd66.com/api/title/list
IP
194.53.53.246:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://hfcd66.com/user/login/?oofelo=mvn0q
Certificate
IssuerGoogle Trust Services LLC
Subjecthfcd66.com
Fingerprint6C:6C:67:15:B4:8D:F5:3E:73:20:04:81:1D:3C:EC:E2:7C:D5:AD:9D
ValiditySun, 14 Apr 2024 03:36:36 GMT - Sat, 13 Jul 2024 03:36:35 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (4437), with no line terminators
Size
4.4 kB (4373 bytes)
Hash
4e49b34eebedbc5bf45a88ea24c3e619
b7b81df1961d319dec8840c22f204e3f75bd1f16
9ef6f15efe1bd64a12133ca183ee9b0aad7bf538304b8cbac24aa3f1ec22536f

HTTP Headers

POST /api/title/list HTTP/1.1
Host: hfcd66.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hfcd66.com/user/login/?oofelo=mvn0q
Content-Type: application/json
suffix: RLJBFS
Content-Length: 124
Origin: https://hfcd66.com
DNT: 1
Connection: keep-alive
Cookie: _ga_S50MDY57KE=GS1.1.1714156002.1.0.1714156002.0.0.0; _ga=GA1.1.1658380387.1714156002
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 18:26:43 GMT
content-type: application/json; charset=utf-8
x-powered-by: PHP/7.2.34
access-control-allow-methods: *, GET,POST,OPTIONS,DELETE, GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: x-requested-with,content-type,suffix, Origin,XMLHttpRequest,X-Requested-With,Content-Type,Accept,Connection,User-Agent,Cookie,access-control-allow-methods,access-control-allow-origin,content-type,suffix,lang, X-Requested-With,content-type,app_type,sign,did,time
access-control-allow-origin: *, *
x-cache-lookup: Cache Miss, Cache Miss
x-nws-log-uuid: 17066379979457117669
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DjaozTASa4oFBKKf%2FzTX3IvKdcYbJY%2FFPREEuhET2RUbSYW7XineLqlSpa8ZLa8L0tw0IOU43tTVszJn5CFQEY5ka3S0DwfNMyeUeQx6U8M1IRhPlLADiMjkCFt9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a89f686d40b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

kaod42.com/user/login/?oofelo=mvn0q

194.53.53.11

301 Moved Permanently

8.3 kB

URL User Request GET HTTP/3
kaod42.com/user/login/?oofelo=mvn0q
IP
194.53.53.11:443
ASN
#209242 Cloudflare London, LLC

Certificate
IssuerLet's Encrypt
Subjectkaod42.com
FingerprintEE:99:76:35:BF:35:18:AB:EB:76:7A:DA:25:01:D6:E9:CE:C3:73:76
ValidityMon, 18 Mar 2024 04:00:51 GMT - Sun, 16 Jun 2024 04:00:50 GMT

File type

Size
8.3 kB (8310 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /user/login/?oofelo=mvn0q HTTP/1.1
Host: kaod42.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kaod42.com/user/login/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 301 Moved Permanently
date: Fri, 26 Apr 2024 18:26:39 GMT
content-type: text/html
location: https://hfcd66.com/user/login/?oofelo=mvn0q
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2FeBeBbeMLzvLMnl9l9IQUrZjJzl23pnrpqeJA9GOzpt%2BQW%2F0CG7BaJlgrGx5ZCYhHM7M0d8F0ibA5sRMdNI1vF4VENjIbmWZsghC%2B5C5%2FEahFjLSBLqX1r8wBVl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a89f532d03b527-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by