Report - yqzydqhs.com/

Report Overview

Visited public
2025-04-02 07:52:23
Tags
URL
yqzydqhs.com/
Finishing URL
yqzydqhs.com/
IP / ASN
38.6.169.17
#400619 AROSS-AS
Title
应城市巨越科技有限公司

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
250219.bj.bcebos.com	unknown	2014-08-28	2025-03-01	2025-04-01	445 B	200 kB	103.235.47.176
cbu01.alicdn.com	44205	2008-06-25	2015-04-17	2025-03-27	1.9 kB	1.4 MB	47.246.44.248
sz.ggshezhantc.com	unknown	2024-10-16	2024-10-17	2025-03-29	899 B	449 kB	221.131.165.39
static.wixstatic.com	5648	2013-04-10	2013-06-07	2025-03-27	1.9 kB	288 kB	54.240.174.21
img.lanchougroup.com	unknown	2021-08-01	2025-03-22	2025-03-29	948 B	878 kB	90.84.161.22
img.jmyqsl.com	unknown	2024-07-01	2024-12-07	2025-03-26	922 B	286 kB	154.82.90.135
999abc777abc.com	unknown	unknown	2025-04-02	2025-04-02	463 B	838 kB	208.98.45.142
img.cospa3500.top	unknown	2024-11-17	2025-02-17	2025-03-27	439 B	0 B	0.0.0.0
images.607images.com	unknown	2025-02-06	2025-02-17	2025-03-28	909 B	0 B	0.0.0.0
img.cospa3600.top	unknown	2024-11-17	2025-02-07	2025-03-27	456 B	0 B	0.0.0.0
img.blkj58.com	unknown	2021-02-19	2024-12-10	2025-04-01	936 B	523 kB	84.17.37.217
we.nn11001.com	unknown	2024-09-08	2024-09-08	2025-03-27	922 B	0 B	0.0.0.0
lf26-cdn-tos.bytecdntp.com	356167	2021-01-11	2022-03-16	2025-03-28	452 B	95 kB	27.221.84.33
hhapk777.getehu.com	unknown	2024-07-01	2025-02-25	2025-04-01	2.7 kB	987 kB	180.163.146.86
lf6-cdn-tos.bytecdntp.com	420032	2021-01-11	2022-05-13	2025-03-29	458 B	566 kB	103.155.16.183
ky99.img3019946235.com	unknown	2025-03-05	2025-03-07	2025-04-01	457 B	308 kB	36.156.184.48
dfg7d.dfgdg655.top	unknown	2025-03-16	2025-03-22	2025-04-01	1.8 kB	384 kB	43.251.56.202
seyoutupian.dqntwl.com	unknown	2023-05-22	2025-02-26	2025-03-27	889 B	366 kB	180.163.146.81
imgs.imgclh.com	unknown	2023-01-19	2023-06-29	2025-04-01	1.8 kB	234 kB	172.67.197.136
images.835images13.com	unknown	2024-12-20	2024-12-21	2025-04-01	910 B	0 B	0.0.0.0
7299tu75.cc	unknown	2024-03-10	2024-04-16	2025-03-15	884 B	214 kB	149.104.142.92
tup.julai8.com	unknown	unknown	2025-04-01	2025-04-01	879 B	1.2 MB	104.21.32.1
yqzydqhs.com	unknown	2024-12-27	2025-04-02	2025-04-02	1.8 kB	75 kB	38.6.169.17
pic1.zhimg.com	38293	2011-08-05	2014-06-21	2025-03-27	424 B	40 kB	43.152.140.107
587image.com	unknown	2023-05-10	2024-10-26	2025-03-30	439 B	28 kB	45.207.243.68
ddf.hongyuec.com	unknown	unknown	No data	No data	10 kB	716 kB	198.200.56.65
yj88.img0861648062.com	unknown	2025-03-05	2025-03-14	2025-04-01	1.8 kB	1.3 MB	36.156.184.48
a250306.tp308ky0306.vip	unknown	2025-03-06	2025-03-26	2025-03-26	452 B	0 B	0.0.0.0
888abc555abc.com	unknown	2025-03-17	2025-03-25	2025-03-25	463 B	208 kB	208.98.45.142
hm.baidu.com	8254	1999-10-11	2012-05-26	2025-03-26	1.2 kB	31 kB	111.45.11.83
www.aoptf.top	unknown	2025-02-06	2025-02-14	2025-03-26	928 B	87 kB	188.114.96.1
images.537images12.com	unknown	2024-12-29	2025-01-23	2025-04-01	909 B	598 kB	23.150.248.237
222bbb333kkk.com	unknown	2025-02-13	2025-03-03	2025-03-22	463 B	502 kB	208.98.45.142
pg88.img5403410365.com	unknown	2025-03-05	2025-03-22	2025-04-01	913 B	667 kB	122.195.186.3
txdy.2016os.com	unknown	2016-01-20	2025-02-06	2025-04-01	877 B	524 kB	180.163.146.92
dd-static.jd.com	197375	1992-09-29	2021-06-29	2025-03-27	2.0 kB	610 kB	120.193.39.193
87img.ezrent.hk	unknown	2022-03-27	2025-02-16	2025-03-25	924 B	287 kB	47.246.44.221
img.729952.com	unknown	2023-11-15	2024-12-01	2025-03-22	460 B	38 kB	202.81.235.81

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-01	medium	jmyqsl.com	Sinkholed
2025-04-02	medium	835images13.com	Sinkholed
2025-04-02	medium	7299tu75.cc	Sinkholed
2025-04-02	medium	888abc555abc.com	Sinkholed
2025-04-02	medium	aoptf.top	Sinkholed
2025-04-01	medium	jmyqsl.com	Sinkholed
2025-04-02	medium	835images13.com	Sinkholed
2025-04-02	medium	7299tu75.cc	Sinkholed
2025-04-02	medium	aoptf.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (22)

	URL	From	Size	First Seen	Last Seen
	ddf.hongyuec.com/app/#/home	ScriptElement	144 B	2025-04-02	2025-04-02
Pretty URL ddf.hongyuec.com/app/#/home IP 198.200.56.65 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-02 07:52 Last Seen2025-04-02 07:52 Times Seen1 Hash e225f2c2630863b3e12092b45785e9ad dc2e73f2f9538215d3f82cbfdfe089644074780f c84f3131cbb22804d4a0d59575dfd129edc95833554a732db57d7509c2339d5f Loading...

	lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/video.js/7.15.4/video.min.js	ScriptElement	565 kB	2023-03-07	2025-04-02
Pretty URL lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/video.js/7.15.4/video.min.js IP 103.155.16.183 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27 Last Seen2025-04-02 07:52 Times Seen232 Hash a2df35f9e35bf402739e420f53c32b20 1869f1754fead8bc0fc1992c3a467c819b6a92bc e2bc00ad423c38087c7704c762fafd0ea05109f81c84dbff23f89bc23703828f Loading...

	hm.baidu.com/hm.js?5bf28cf5500ae78fd47694fd36b1cedf	ScriptElement	30 kB	2025-04-02	2025-04-02
Pretty URL hm.baidu.com/hm.js?5bf28cf5500ae78fd47694fd36b1cedf IP 111.45.11.83 ASN #9808 China Mobile Communications Group Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-02 07:52 Last Seen2025-04-02 07:52 Times Seen1 Hash 17956926c427b4621943055011ac8691 e1f82c209bbe791917850b94d55ba13d3805cbcd c45cf2323dd31789b4224542b3f1d65ef9791be19dee94f1842eb07cc307a928 Loading...

	yqzydqhs.com/	Function	363 B	2025-04-02	2025-04-02
Pretty URL yqzydqhs.com/ IP 38.6.169.17 ASN #400619 AROSS-AS Introduced by Function Embedded in HTML false Observations First Seen2025-04-02 07:52 Last Seen2025-04-02 07:52 Times Seen1 Hash 6c9b703d163a0ac817c91bdc1615ec29 93419d3e171779d9d16cdc9a07ad081c8d6f5aa7 4b45bc4d2b14df99dc7b2e6d81c9033cbcdd63227e3f529a3b2cd24e430c4ca8 Loading...

	ddf.hongyuec.com/app/#/home	ScriptElement	7.5 kB	2025-04-02	2025-04-02
Pretty URL ddf.hongyuec.com/app/#/home IP 198.200.56.65 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-02 07:52 Last Seen2025-04-02 07:52 Times Seen1 Hash 62c3656e1510985f9f933cee69cd19dd ad6d89eca2dae4abd18a68ef0d639dbb4e6b03f9 7c7453bd512fba3b8a844905722422d349a657645d878f4f9e40e8966eff5ef9 Loading...

	ddf.hongyuec.com/app/static/js/w4i0c8b9-app.main.js	ScriptElement	82 kB	2024-10-12	2025-04-02
Pretty URL ddf.hongyuec.com/app/static/js/w4i0c8b9-app.main.js IP 198.200.56.65 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-12 13:54 Last Seen2025-04-02 07:52 Times Seen12 Hash 3ac65206bdac67d1411a0fb167ab59cc 8d9123027e006a2617544412dc8d2f033cd5ade3 bf1b4ad6305a2a555c22710a749796b681ac5589f60a2b9250202ba3401c94bd Loading...

	ddf.hongyuec.com/app/#/home	ScriptElement	150 B	2025-04-02	2025-04-02
Pretty URL ddf.hongyuec.com/app/#/home IP 198.200.56.65 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-02 07:52 Last Seen2025-04-02 07:52 Times Seen1 Hash 8a86a6a8dd7d1a6538fdf135cc1ca6c0 5d2e1133528ba193adcfb2fbf28c37137ef3db96 ecc0ef68f1f1e8fa3cb5225d574feb7c06143530ac20c00de92a88a808e4fc14 Loading...

	yqzydqhs.com/	ScriptElement	31 kB	2025-04-02	2025-04-02
Pretty URL yqzydqhs.com/ IP 38.6.169.17 ASN #400619 AROSS-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-02 07:52 Last Seen2025-04-02 07:52 Times Seen1 Hash 46b141a4e46e7ff61bef6a9ec113b5fc 8d53e08436c0034d4ff8c610a133cf0af75f7911 8785ae5e95f3d52311da51a583e59ab5b43b6d3e1586969a048ec4913a6e7646 Loading...

	yqzydqhs.com/	Eval	8.9 kB	2025-03-03	2025-04-02
Pretty URL yqzydqhs.com/ IP 38.6.169.17 ASN #400619 AROSS-AS Introduced by eval Embedded in HTML false Observations First Seen2025-03-03 06:10 Last Seen2025-04-02 07:52 Times Seen7 Hash 3771b020735665830f877189ca7ea17f 5066eeb730567f682db8a08b0b66161483a7eb0d ddd7122d8657f9423479856273cff23a8acefa483a94f60d40fd0e797ce7a1f2 Loading...

	yqzydqhs.com/	Function	37 B	2023-04-11	2025-04-03
Pretty URL yqzydqhs.com/ IP 38.6.169.17 ASN #400619 AROSS-AS Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:49 Last Seen2025-04-03 07:36 Times Seen32837 Hash 1c5c9160600df2d96d69a4ea16cec7ed 3cf678c9135cc952ba6970ef545035bb757a443f a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808 Loading...

	ddf.hongyuec.com/app/#/home	Eval	1.8 kB	2025-04-02	2025-04-02
Pretty URL ddf.hongyuec.com/app/#/home IP 198.200.56.65 ASN #54600 PEG-SV Introduced by eval Embedded in HTML false Observations First Seen2025-04-02 07:52 Last Seen2025-04-02 07:52 Times Seen1 Hash 0fe45db7725a560fbea1025a6d797fc4 89a73f418b0bda9f9dce9fa30bd6d93c70bdf19f 303d8db95e20420d15836ba2af2ece629cb174edeffd88c7d0f27a17c3a7d348 Loading...

	ddf.hongyuec.com/app/#/home	ScriptElement	82 B	2024-08-04	2025-04-02
Pretty URL ddf.hongyuec.com/app/#/home IP 198.200.56.65 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-04 07:59 Last Seen2025-04-02 07:52 Times Seen4 Hash 17b85ad967b9994478bf26d356687850 c03899779380fe7dd3af51b52197dadfc433e2ef 81a693f849491923a333f8708d5610373ffb189a0e43015959c2216bca69579d Loading...

	ddf.hongyuec.com/app/user/lang.js	ScriptElement	1.9 kB	2024-09-28	2025-04-02
Pretty URL ddf.hongyuec.com/app/user/lang.js IP 198.200.56.65 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 12:39 Last Seen2025-04-02 07:52 Times Seen51 Hash b0149f91b13d1255e6818f0868e278cf c6578f4862d97f2b0566613c9bd9a02048aa9701 6a2646b29c8d452f658bec632a61611cfe4ab94be8c0e273982bbc87dfc70b59 Loading...

	ddf.hongyuec.com/app/static/js/w4i0c8b9-vue.min.js	ScriptElement	94 kB	2023-03-07	2025-04-03
Pretty URL ddf.hongyuec.com/app/static/js/w4i0c8b9-vue.min.js IP 198.200.56.65 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-04-03 02:45 Times Seen1789 Hash 6c81f02ad0bf8e12a66c18cab188d029 abd239f02966b2d324b0512c203bdbaf82a4ed7a 9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf Loading...

	yqzydqhs.com/	ScriptElement	295 B	2025-04-02	2025-04-02
Pretty URL yqzydqhs.com/ IP 38.6.169.17 ASN #400619 AROSS-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-02 07:52 Last Seen2025-04-02 07:52 Times Seen1 Hash 0b3ea363f5cf868c7d586e4931c898be af997114f626176c769bab7023fc6b5790bffb4e 1f6bab74a4185030ee83e3c09d6a4c1af24bfcbcf6f6f32db5a2b960eeb862e6 Loading...

	yqzydqhs.com/	Function	37 B	2023-04-11	2025-04-03
Pretty URL yqzydqhs.com/ IP 38.6.169.17 ASN #400619 AROSS-AS Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:49 Last Seen2025-04-03 07:36 Times Seen32837 Hash 1c5c9160600df2d96d69a4ea16cec7ed 3cf678c9135cc952ba6970ef545035bb757a443f a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808 Loading...

	ddf.hongyuec.com/app/user/userConfig.js	ScriptElement	330 B	2024-10-12	2025-04-02
Pretty URL ddf.hongyuec.com/app/user/userConfig.js IP 198.200.56.65 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-12 13:54 Last Seen2025-04-02 07:52 Times Seen12 Hash d16cfd112fbf45b5474edca80c5eb38c 31dfdd854a302fb02067551a9b9819f5c2f33638 7d52d8a53491a71582b1cc6b4c795e266d2b4c74c0e71631add880c291fbe72c Loading...

	lf26-cdn-tos.bytecdntp.com/cdn/expire-1-M/vue/2.6.11/vue.min.js	ScriptElement	94 kB	2023-03-07	2025-04-03
Pretty URL lf26-cdn-tos.bytecdntp.com/cdn/expire-1-M/vue/2.6.11/vue.min.js IP 27.221.84.33 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-04-03 02:45 Times Seen1789 Hash 6c81f02ad0bf8e12a66c18cab188d029 abd239f02966b2d324b0512c203bdbaf82a4ed7a 9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf Loading...

	ddf.hongyuec.com/app/user/app-tj.js	ScriptElement	963 B	2025-04-02	2025-04-02
Pretty URL ddf.hongyuec.com/app/user/app-tj.js IP 198.200.56.65 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-02 07:52 Last Seen2025-04-02 07:52 Times Seen1 Hash 2d7736c8d7fbd4db333aec80c3bbc1cf 28c3708aec5a8e0dd0e50cd9023d050da9d7d59a fe870b5784c5418f5ce5d72a218b32349d04e1db8acdf04cc642b6adc0f0993a Loading...

	ddf.hongyuec.com/app/static/js/w4i0c8b9-chunk-vendors.js	ScriptElement	166 kB	2024-09-28	2025-04-02
Pretty URL ddf.hongyuec.com/app/static/js/w4i0c8b9-chunk-vendors.js IP 198.200.56.65 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 12:39 Last Seen2025-04-02 07:52 Times Seen50 Hash c81679ed5fc2c36d9ccf2dffd1bfb118 30a443dbadce3323d1cc217a9741a978aba95eba 2e36bda96baa49578af4a3c5d087db6fdfeefce972b247231854ebb8754aa8bf Loading...

		Size	First Seen	Last Seen
	#1 Write - 474eb5ab9fafbd3cc7b8a76f8621eace	1.8 kB	2025-04-02 07:52	2025-04-02 07:52
Pretty Observations First Seen2025-04-02 07:52 Last Seen2025-04-02 07:52 Times Seen1 Hash 474eb5ab9fafbd3cc7b8a76f8621eace fba00755f5dcece696863b4204e835d40ec4115a a1132c333c58a2225963eeb619fee6b5efbab744ae1e96827d55f761f1efdc67 Loading...

	#2 Write - 24d5f845edda343137166b84b2d85c7e	76 B	2025-04-02 07:52	2025-04-02 07:52
Pretty Observations First Seen2025-04-02 07:52 Last Seen2025-04-02 07:52 Times Seen1 Hash 24d5f845edda343137166b84b2d85c7e 423d93d13ad5a57239198b8dbf927e8ee11ca816 2aff3ceb9eb1e668ecefd8f73a190634bf24172494629c345e04671be3d74696 Loading...

HTTP Transactions (101)

URL IP Response Size

img.blkj58.com/images/91274636-75a7-4385-b3e7-cee240ce87ef

84.17.37.217

302 Found

105 kB

URL GET
img.blkj58.com/images/91274636-75a7-4385-b3e7-cee240ce87ef
IP
84.17.37.217:443
ASN
#60068 Datacamp Limited

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectimg.blkj58.com
FingerprintFF:58:5F:1C:C2:D8:08:E8:0A:CF:D5:5F:34:9B:78:76:89:BE:FE:AE
ValiditySat, 29 Mar 2025 05:30:10 GMT - Fri, 27 Jun 2025 05:30:09 GMT

File type

Size
105 kB (105052 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/91274636-75a7-4385-b3e7-cee240ce87ef HTTP/1.1
Host: img.blkj58.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 02 Apr 2025 07:52:07 GMT
content-length: 0
location: https://cbu01.alicdn.com/img/ibank/O1CN01MbOFa01Bs32Wqj71N_!!0-1-cib.gif
server: BunnyCDN-HK1-1059
cdn-pullzone: 3538648
cdn-uid: 8a1e3a5b-fc2a-4295-8794-fe818b65c954
cdn-requestcountrycode: NO
access-control-allow-headers: *
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: *
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cdn-proxyver: 1.22
cdn-requestpullsuccess: True
cdn-requestpullcode: 302
cdn-cachedat: 04/02/2025 06:28:02
cdn-edgestorageid: 1059
cdn-requestid: 54b5a4b34327081a1a413c99ae5be6f5
cdn-cache: HIT
cdn-status: 302
cdn-requesttime: 0
X-Firefox-Spdy: h2

img.blkj58.com/images/c4c8451c-31d5-4c62-9a95-ce39f8f8073e

84.17.37.217

302 Found

417 kB

URL GET
img.blkj58.com/images/c4c8451c-31d5-4c62-9a95-ce39f8f8073e
IP
84.17.37.217:443
ASN
#60068 Datacamp Limited

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectimg.blkj58.com
FingerprintFF:58:5F:1C:C2:D8:08:E8:0A:CF:D5:5F:34:9B:78:76:89:BE:FE:AE
ValiditySat, 29 Mar 2025 05:30:10 GMT - Fri, 27 Jun 2025 05:30:09 GMT

File type

Size
417 kB (416881 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/c4c8451c-31d5-4c62-9a95-ce39f8f8073e HTTP/1.1
Host: img.blkj58.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 02 Apr 2025 07:52:07 GMT
content-length: 0
location: https://cbu01.alicdn.com/img/ibank/O1CN01H1QWaQ1Bs32GB17XZ_!!0-1-cib.gif
server: BunnyCDN-HK1-1059
cdn-pullzone: 3538648
cdn-uid: 8a1e3a5b-fc2a-4295-8794-fe818b65c954
cdn-requestcountrycode: NO
access-control-allow-headers: *
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: *
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cdn-proxyver: 1.22
cdn-requestpullsuccess: True
cdn-requestpullcode: 302
cdn-cachedat: 04/02/2025 06:28:02
cdn-edgestorageid: 1059
cdn-requestid: 34e6926e1f677afd6c2a4d0d46e362bd
cdn-cache: HIT
cdn-status: 302
cdn-requesttime: 1
X-Firefox-Spdy: h2

ddf.hongyuec.com/api/d8768a/public/urls.json?ver=4-2-7&IC=a56f7b

198.200.56.65

200 OK

233 B

URL GET
ddf.hongyuec.com/api/d8768a/public/urls.json?ver=4-2-7&IC=a56f7b
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type
Unicode text, UTF-8 text, with no line terminators
Size
233 B (233 bytes)
Hash
e8c0b44c1e2c843743688f1066863f91
63525a27116ca8498a1d360ca0583f9f7a054c81
b9a423684859b61959977b3a2a9ed6c799864f5bd0d0e479c08d73764f0c6916

HTTP Headers

GET /api/d8768a/public/urls.json?ver=4-2-7&IC=a56f7b HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Wed, 02 Apr 2025 07:52:02 GMT
etag: "67ec8ad7-e9"
last-modified: Wed, 02 Apr 2025 00:54:47 GMT
server: nginx
x-cache: UPDATING
content-length: 233
X-Firefox-Spdy: h2

dfg7d.dfgdg655.top:9990/banner/960X60.gif

43.251.56.202

200 OK

160 kB

URL GET
dfg7d.dfgdg655.top:9990/banner/960X60.gif
IP
43.251.56.202:9990
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectdfg7d.dfgdg655.top
FingerprintA1:AE:45:B6:AE:6B:25:81:4C:1B:32:A4:9F:8C:10:13:94:77:E7:3B
ValiditySun, 16 Mar 2025 14:43:10 GMT - Sat, 14 Jun 2025 14:43:09 GMT

File type
GIF image data, version 89a, 960 x 60
Size
160 kB (160358 bytes)
Hash
4d5c20cecb7dae5b3ba23e7b7952ac13
1ed367e234e7ba60edac68333e2d8bcaa45d0b23
f0d477e6ee6bfe68ca505cee7e756759a135048452f9fb8192d44117a3718256

HTTP Headers

GET /banner/960X60.gif HTTP/1.1
Host: dfg7d.dfgdg655.top:9990
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 02 Apr 2025 07:52:08 GMT
Content-Type: image/gif
Content-Length: 160358
Connection: keep-alive
Last-Modified: Sun, 23 Mar 2025 13:22:59 GMT
ETag: "67e00b33-27266"
Expires: Thu, 24 Apr 2025 14:30:05 GMT
Cache-Control: max-age=2592000
Server: CDN
X-Cache-Status: HIT
Accept-Ranges: bytes

ddf.hongyuec.com/app/static/fonts/iconfont.woff2

198.200.56.65

200 OK

6.7 kB

URL GET
ddf.hongyuec.com/app/static/fonts/iconfont.woff2
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 6740, version 1.0
Size
6.7 kB (6740 bytes)
Hash
a6dbce704d1dd4d8ac9d42f0f0db0c52
1e34ae9e4a197775fe52ed6ff9de300145b181c7
452e744a180f6c6d8b3a91fe74d1e293715396ed1596999429520afe79edbbdb

HTTP Headers

GET /app/static/fonts/iconfont.woff2 HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/static/css/w4i0c8b9-app.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-type: font/woff2
date: Wed, 02 Apr 2025 06:47:12 GMT
etag: "66ec63b2-1a54"
last-modified: Wed, 02 Apr 2025 06:47:12 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 6740
X-Firefox-Spdy: h2

pg88.img5403410365.com:8686/8888/PG/logo150.gif

122.195.186.3

200 OK

153 kB

URL GET
pg88.img5403410365.com:8686/8888/PG/logo150.gif
IP
122.195.186.3:8686
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectpg88.img5403410365.com
FingerprintA6:2C:A4:A5:12:D2:4A:B1:68:30:A4:40:D8:57:D0:EE:C1:A6:57:3E
ValidityWed, 05 Mar 2025 11:15:06 GMT - Tue, 03 Jun 2025 11:15:05 GMT

File type
GIF image data, version 89a, 150 x 150
Size
153 kB (153150 bytes)
Hash
9c2cd11f6ff22df91d4ea14d224e6f56
2298cb35de4d8749cfb462044fa6ef9ecc3f195f
3f800942e2a815e74c138ad564ca9f32c59ecae785a3c78017aad3b774b310c9

HTTP Headers

GET /8888/PG/logo150.gif HTTP/1.1
Host: pg88.img5403410365.com:8686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Wed, 02 Apr 2025 06:45:06 GMT
etag: "668bf8ca-2563e"
expires: Fri, 02 May 2025 06:45:06 GMT
last-modified: Wed, 02 Apr 2025 07:05:11 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 153150
X-Firefox-Spdy: h2

seyoutupian.dqntwl.com/150x150-d.gif

180.163.146.81

200 OK

90 kB

URL GET
seyoutupian.dqntwl.com/150x150-d.gif
IP
180.163.146.81:443
ASN
#4812 China Telecom Group

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectseyoutupian.dqntwl.com
Fingerprint7A:F2:37:B4:6E:3A:C4:DC:54:0F:0E:73:13:92:E8:DF:8D:9B:97:44
ValidityMon, 24 Feb 2025 00:00:00 GMT - Sat, 24 May 2025 23:59:59 GMT

File type
GIF image data, version 89a, 150 x 150
Size
90 kB (89831 bytes)
Hash
c0199e916abf6b98406503986883300b
2ccce0e0db9f791e5d1803d514e4750051ba2628
11674350c066d52b9cbf6f351a04ee36660e582774d8a1559b7be6af7879aa2d

HTTP Headers

GET /150x150-d.gif HTTP/1.1
Host: seyoutupian.dqntwl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 89831
strict-transport-security: max-age=5184000
date: Mon, 10 Mar 2025 09:03:07 GMT
last-modified: Wed, 12 Feb 2025 08:41:12 GMT
vary: Accept-Encoding
etag: "67ac5ea8-15ee7"
expires: Wed, 09 Apr 2025 09:03:07 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: ens-cache12.l2cn7656[0,0,200-0,H], ens-cache29.l2cn7656[2,0], kunlun10.cn7174[0,0,200-0,H], kunlun1.cn7174[2,0]
age: 1982942
ali-swift-global-savetime: 1741597387
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Mon, 10 Mar 2025 10:49:58 GMT
x-swift-cachetime: 2585589
timing-allow-origin: *
eagleid: b4a3921517435803289997159e
X-Firefox-Spdy: h2

tup.julai8.com/gif/200x200.gif

104.21.32.1

200 OK

944 kB

URL GET
tup.julai8.com/gif/200x200.gif
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerGoogle Trust Services
Subjectjulai8.com
Fingerprint94:88:8B:40:44:2D:4C:70:D7:B0:43:98:56:A7:29:A1:C9:E4:7D:A7
ValiditySun, 23 Mar 2025 09:54:23 GMT - Sat, 21 Jun 2025 10:53:12 GMT

File type
GIF image data, version 89a, 200 x 200
Size
944 kB (944054 bytes)
Hash
2e2815ec2e477639d2b94236b07bb16d
4558c5fe0a0dd937568aac1584155074e73e19df
21c493a412bfd710b273ca20154592aacbc727dcc4046bad67f3e3227d1c3d5e

HTTP Headers

GET /gif/200x200.gif HTTP/1.1
Host: tup.julai8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 02 Apr 2025 07:52:08 GMT
content-type: image/gif
content-length: 944054
server: cloudflare
last-modified: Tue, 01 Apr 2025 13:16:57 GMT
etag: "67ebe749-e67b6"
expires: Thu, 01 May 2025 23:54:15 GMT
cache-control: max-age=2592000
accept-ranges: bytes
age: 28673
cf-cache-status: HIT
cf-ray: 929ebebbeebf56b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ddf.hongyuec.com/app/static/js/w4i0c8b9-vue.min.js

198.200.56.65

200 OK

94 kB

URL GET
ddf.hongyuec.com/app/static/js/w4i0c8b9-vue.min.js
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type
JavaScript source, ASCII text, with very long lines (65449)
Size
94 kB (93670 bytes)
Hash
6c81f02ad0bf8e12a66c18cab188d029
abd239f02966b2d324b0512c203bdbaf82a4ed7a
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf

HTTP Headers

GET /app/static/js/w4i0c8b9-vue.min.js HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: application/javascript
date: Wed, 02 Apr 2025 06:47:11 GMT
etag: "66ec63b2-84f3"
last-modified: Wed, 02 Apr 2025 06:47:11 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
content-length: 34035
X-Firefox-Spdy: h2

imgs.imgclh.com/imgs/2025/02/05/9b0ed081b086e2bc.gif

172.67.197.136

200 OK

50 kB

URL GET
imgs.imgclh.com/imgs/2025/02/05/9b0ed081b086e2bc.gif
IP
172.67.197.136:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerGoogle Trust Services
Subjectimgclh.com
FingerprintC3:42:03:36:AD:3A:35:54:E7:C4:2A:D2:39:32:E4:82:17:1B:B3:4C
ValiditySat, 15 Mar 2025 13:16:16 GMT - Fri, 13 Jun 2025 14:14:24 GMT

File type
GIF image data, version 89a, 200 x 200
Size
50 kB (49506 bytes)
Hash
6d24aeecbd65409b386b2c7d1bc4c9e5
4b54504d90ea796d79293b1bc109f71d91e9d152
3169934e3a2746d123b70916493a4c3c6f8dcde89eaddd2a87136fdac8caf745

HTTP Headers

GET /imgs/2025/02/05/9b0ed081b086e2bc.gif HTTP/1.1
Host: imgs.imgclh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 02 Apr 2025 07:52:03 GMT
content-type: image/gif
content-length: 49506
last-modified: Tue, 04 Feb 2025 17:07:31 GMT
etag: "67a24953-c162"
expires: Mon, 21 Apr 2025 21:56:24 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 899739
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdYEI7%2FJL068SwESX%2BdiQiBsbdpbAENgIc4cG5HBvDzsOW0%2B0FucsWRb2ivl1NgodWVSQVL90hsUo%2FObP%2FeOWGesgJw%2FgHV4yuHLAk8rmBAVEc%2B7xIqMmb6IimxqiPDBrvE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 929ebe9f69c00b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1573&min_rtt=846&rtt_var=263&sent=144&recv=47&lost=0&retrans=0&sent_bytes=187463&recv_bytes=1505&delivery_rate=39135135&cwnd=256&unsent_bytes=0&cid=33c475e016353969&ts=610&x=0"
X-Firefox-Spdy: h2

img.jmyqsl.com/bcd0d20f500f7d1ec58c04254e3303bf.gif

154.82.90.135

307 Temporary Redirect

228 kB

URL GET
img.jmyqsl.com/bcd0d20f500f7d1ec58c04254e3303bf.gif
IP
154.82.90.135:443
ASN
#399077 TERAEXCH

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerUnizeto Technologies S.A.
Subjectwg1.zjqjs.com
Fingerprint62:32:93:E5:23:17:B0:60:2A:F4:95:F7:3B:22:45:D7:7E:4A:C4:BD
ValidityMon, 18 Nov 2024 14:49:34 GMT - Thu, 18 Dec 2025 14:49:33 GMT

File type

Size
228 kB (227711 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bcd0d20f500f7d1ec58c04254e3303bf.gif HTTP/1.1
Host: img.jmyqsl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
server: NgxFence
date: Wed, 02 Apr 2025 07:52:09 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://87img.ezrent.hk/bcd0d20f500f7d1ec58c04254e3303bf.gif
x-cache: DYNAMIC
X-Firefox-Spdy: h2

txdy.2016os.com/150x150-l-1.gif

180.163.146.92

200 OK

58 kB

URL GET
txdy.2016os.com/150x150-l-1.gif
IP
180.163.146.92:443
ASN
#4812 China Telecom Group

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjecttxdy.2016os.com
FingerprintE7:5F:81:4A:4E:88:2F:A0:68:C2:F7:26:53:28:C3:30:B7:C8:DB:3B
ValidityWed, 05 Feb 2025 22:32:01 GMT - Tue, 06 May 2025 22:32:00 GMT

File type
GIF image data, version 89a, 150 x 150
Size
58 kB (58278 bytes)
Hash
a92335255c35fe8948d6ca51b54269d0
536d5bc9643cb677af83cd2c9871af00d17f0811
ff742838029a27282f853e0a8401baff41b8738f199a00f4408411358b340c51

HTTP Headers

GET /150x150-l-1.gif HTTP/1.1
Host: txdy.2016os.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 58278
strict-transport-security: max-age=5184000
date: Sun, 23 Mar 2025 07:52:21 GMT
expires: Tue, 22 Apr 2025 07:52:21 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: ens-cache11.l2cn7656[0,0,304-0,H], ens-cache54.l2cn7656[1,0], kunlun8.cn7174[0,0,200-0,H], kunlun9.cn7174[2,0]
last-modified: Tue, 11 Mar 2025 07:19:59 GMT
vary: Accept-Encoding
etag: "67cfe41f-e3a6"
age: 863983
ali-swift-global-savetime: 1742716341
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sun, 23 Mar 2025 07:52:26 GMT
x-swift-cachetime: 2591995
timing-allow-origin: *
eagleid: b4a3921d17435803247793874e
X-Firefox-Spdy: h2

250219.bj.bcebos.com/59x200x200.gif

103.235.47.176

200 OK

199 kB

URL GET
250219.bj.bcebos.com/59x200x200.gif
IP
103.235.47.176:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerDigiCert, Inc.
Subject*.bj.bcebos.com
FingerprintB1:52:29:A6:04:F3:08:89:4D:35:11:08:A6:C3:B3:08:3D:F5:68:96
ValidityMon, 24 Mar 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT

File type
GIF image data, version 89a, 200 x 200
Size
199 kB (199316 bytes)
Hash
8128463f230f7b7ff2ce81c6b7828e27
2fa4e672b7f751c1d48b7f81f4470d00337e308a
4eea069778a68a7d8f58a482cf63a2a68864ec43f9a03a0b14ea8520bd89cf53

HTTP Headers

GET /59x200x200.gif HTTP/1.1
Host: 250219.bj.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 02 Apr 2025 07:52:09 GMT
Content-Type: image/gif
Content-Length: 199316
Connection: keep-alive
Accept-Ranges: bytes
ETag: "-667cb5d83b97ffac7172efd38493cd68"
Expires: Sat, 05 Apr 2025 07:52:09 GMT
Last-Modified: Thu, 20 Feb 2025 07:35:11 GMT
Server: BceBos
x-bce-content-crc32: 2845565151
x-bce-debug-id: aj422QRUXg83RaBl2OjNMdmgB0UFDkSUUle6kBkWIVF7JvQ77VhSNhDjLPck5PL4Dimjnj5UUS5/TkWmvoCc3A==
x-bce-flow-control-type: -1
x-bce-is-transition: false
x-bce-request-id: 0936b85b-d5db-4e44-bdbf-5a38b6555625
x-bce-storage-class: STANDARD

ddf.hongyuec.com/app/static/css/w4i0c8b9-app.css

198.200.56.65

200 OK

48 kB

URL GET
ddf.hongyuec.com/app/static/css/w4i0c8b9-app.css
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type
ASCII text, with very long lines (47495), with no line terminators
Size
48 kB (47495 bytes)
Hash
31f2726df7348698d68e864ee3b662d4
ee0c0c6894af9a88208523a370d308b3a8cc5ab8
278d911fd176b5c78f2ccff9e390a83bab9eca2f384664e629fd3ccb10e62121

HTTP Headers

GET /app/static/css/w4i0c8b9-app.css HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/css
date: Wed, 02 Apr 2025 06:47:10 GMT
etag: "66ec63b2-1fdd"
last-modified: Wed, 02 Apr 2025 06:47:10 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
content-length: 8157
X-Firefox-Spdy: h2

cbu01.alicdn.com/img/ibank/O1CN010ZahmG1Bs32lftSoR_!!0-1-cib.gif

47.246.44.248

200 OK

523 kB

URL GET
cbu01.alicdn.com/img/ibank/O1CN010ZahmG1Bs32lftSoR_!!0-1-cib.gif
IP
47.246.44.248:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintDA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5
ValidityThu, 06 Mar 2025 10:12:19 GMT - Mon, 21 Jul 2025 09:06:01 GMT

File type
GIF image data, version 89a, 200 x 200
Size
523 kB (523207 bytes)
Hash
7f8321ce389ac8ed6639fc8b08dfb278
e87739e43b44bae63384562f47c3bca91c16f5a4
b3f5ab0a58c294be184090b8f11a6bfd1c0b2ea3cca867e6f655d1b415514517

HTTP Headers

GET /img/ibank/O1CN010ZahmG1Bs32lftSoR_!!0-1-cib.gif HTTP/1.1
Host: cbu01.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ddf.hongyuec.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 523207
date: Thu, 27 Mar 2025 11:21:56 GMT
last-modified: Wed, 26 Mar 2025 15:05:05 GMT
picasso-ret-code: SUCCESS
picasso-cache-info: MISS
request-time: 0.028
traceid: 2ff6329a17430745164285030e
x-powered-by: Picasso
picasso-image-type: normal
picasso-fmt: gif2
cache-control: max-age=31536000
via: ens-cache5.l2de3[0,0,200-0,H], ens-cache12.l2de3[2,0], ens-cache9.se2[0,0,200-0,H], ens-cache8.se2[3,0]
access-control-allow-origin: *
age: 505815
ali-swift-global-savetime: 1743074516
x-cache: HIT TCP_HIT dirn:10:382598378
x-swift-savetime: Thu, 27 Mar 2025 14:56:33 GMT
x-swift-cachetime: 31523123
timing-allow-origin: *
eagleid: 2ff62c9c17435803317396865e
X-Firefox-Spdy: h2

imgs.imgclh.com/imgs/2025/02/05/78a97f8739e82d4d.gif

172.67.197.136

200 OK

50 kB

URL GET
imgs.imgclh.com/imgs/2025/02/05/78a97f8739e82d4d.gif
IP
172.67.197.136:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerGoogle Trust Services
Subjectimgclh.com
FingerprintC3:42:03:36:AD:3A:35:54:E7:C4:2A:D2:39:32:E4:82:17:1B:B3:4C
ValiditySat, 15 Mar 2025 13:16:16 GMT - Fri, 13 Jun 2025 14:14:24 GMT

File type
GIF image data, version 89a, 960 x 55
Size
50 kB (49925 bytes)
Hash
5b099c55cd5270e8d858ab60ef60913a
ab40737151301713b0302257ae93aaac26053e99
e7b7b83e57a3655179bf71b203098da12d93fafac95cadd4583a94351bf49ada

HTTP Headers

GET /imgs/2025/02/05/78a97f8739e82d4d.gif HTTP/1.1
Host: imgs.imgclh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 02 Apr 2025 07:52:03 GMT
content-type: image/gif
content-length: 49925
server: cloudflare
accept-ranges: bytes
last-modified: Tue, 04 Feb 2025 17:07:31 GMT
etag: "67a24953-c305"
expires: Fri, 25 Apr 2025 00:51:09 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 630054
cf-ray: 929ebe9c3d650b69-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dd-static.jd.com/ddimg/jfs/t1/272546/30/14593/97196/004ed301F10de6ae8/1a20636dbad45378.gif

120.193.39.193

200 OK

97 kB

URL GET
dd-static.jd.com/ddimg/jfs/t1/272546/30/14593/97196/004ed301F10de6ae8/1a20636dbad45378.gif
IP
120.193.39.193:443
ASN
#56041 China Mobile communications corporation

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerGlobalSign nv-sa
Subject*.jd.com
Fingerprint92:4E:4D:EF:01:B7:40:4D:09:8D:F8:98:68:CB:2E:83:EC:27:E6:59
ValidityThu, 14 Nov 2024 09:42:02 GMT - Mon, 15 Dec 2025 07:09:54 GMT

File type
GIF image data, version 89a, 200 x 200
Size
97 kB (97196 bytes)
Hash
0946a0e9b240ae36bafcf0506626d3c7
beda9e9f68417787aadf3b27722410ec5be17fcd
74311be9efd985113120732002d54dd2a8898719df53374b7ca341acd9a0fe1b

HTTP Headers

GET /ddimg/jfs/t1/272546/30/14593/97196/004ed301F10de6ae8/1a20636dbad45378.gif HTTP/1.1
Host: dd-static.jd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Apr 2025 07:52:09 GMT
Content-Type: image/gif
Content-Length: 97196
Connection: keep-alive
Cache-Control: max-age=15552000
Expires: Mon, 29 Sep 2025 06:39:58 GMT
Last-Modified: Tue, 01 Apr 2025 00:00:00 GMT
Age: 4331
Via: http/1.1 ORI-CLOUD-HUZ-MIX-30 (jcs [cMsSfW]), http/1.1 ZJwenzhou-CM-01-MIX-224 (jcs [cRs f ])
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Trace: 200-1743575998218-0-0-0-51-51;200;200-1743575998170-0-0-0-88-88;200-1743580329655-0-0-0-1-1

tup.julai8.com/gif/960-55.gif

104.21.32.1

200 OK

234 kB

URL GET
tup.julai8.com/gif/960-55.gif
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerGoogle Trust Services
Subjectjulai8.com
Fingerprint94:88:8B:40:44:2D:4C:70:D7:B0:43:98:56:A7:29:A1:C9:E4:7D:A7
ValiditySun, 23 Mar 2025 09:54:23 GMT - Sat, 21 Jun 2025 10:53:12 GMT

File type
GIF image data, version 89a, 960 x 55
Size
234 kB (234101 bytes)
Hash
f2ae39d547284aebe5590cb15dcd8201
c81ca23cb912db12e04fe719b6427799d301d9f1
cac7e46b667885c0bf04581304e1870a46ddea63f53f7e220592e35340f6def2

HTTP Headers

GET /gif/960-55.gif HTTP/1.1
Host: tup.julai8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 02 Apr 2025 07:52:08 GMT
content-type: image/gif
content-length: 234101
server: cloudflare
accept-ranges: bytes
last-modified: Tue, 01 Apr 2025 13:16:12 GMT
etag: "67ebe71c-39275"
expires: Thu, 01 May 2025 23:53:59 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 28689
cf-ray: 929ebebbde9f56b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

imgs.imgclh.com/imgs/2025/02/05/43025e82739265b6.gif

172.67.197.136

200 OK

64 kB

URL GET
imgs.imgclh.com/imgs/2025/02/05/43025e82739265b6.gif
IP
172.67.197.136:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerGoogle Trust Services
Subjectimgclh.com
FingerprintC3:42:03:36:AD:3A:35:54:E7:C4:2A:D2:39:32:E4:82:17:1B:B3:4C
ValiditySat, 15 Mar 2025 13:16:16 GMT - Fri, 13 Jun 2025 14:14:24 GMT

File type
GIF image data, version 89a, 250 x 250
Size
64 kB (63493 bytes)
Hash
c8a9e7b5ad80aea7ad8e20a1526e1de6
2ec223033a024d7da5be96687df7603b9275033a
71a744d99dc7036c6636b432d56c4e195eff50a86e56775f1fc38df0942baa45

HTTP Headers

GET /imgs/2025/02/05/43025e82739265b6.gif HTTP/1.1
Host: imgs.imgclh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 02 Apr 2025 07:52:03 GMT
content-type: image/gif
content-length: 63493
server: cloudflare
accept-ranges: bytes
last-modified: Wed, 05 Feb 2025 10:58:58 GMT
etag: "67a34472-f805"
expires: Mon, 21 Apr 2025 21:56:24 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 899739
cf-ray: 929ebe9f093c0b69-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cbu01.alicdn.com/img/ibank/O1CN01MbOFa01Bs32Wqj71N_!!0-1-cib.gif

47.246.44.248

200 OK

105 kB

URL GET
cbu01.alicdn.com/img/ibank/O1CN01MbOFa01Bs32Wqj71N_!!0-1-cib.gif
IP
47.246.44.248:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintDA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5
ValidityThu, 06 Mar 2025 10:12:19 GMT - Mon, 21 Jul 2025 09:06:01 GMT

File type
GIF image data, version 89a, 980 x 80
Size
105 kB (105052 bytes)
Hash
ab49bde381ec96be0fe9d898e0d22cf8
727772e44c22a3638e74d29fb1d1bc6a73c4534b
5fcffbc8ce8bd47c1b1965dd2032542b8478d089466bc93a6b2fd994bdd74e05

HTTP Headers

GET /img/ibank/O1CN01MbOFa01Bs32Wqj71N_!!0-1-cib.gif HTTP/1.1
Host: cbu01.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ddf.hongyuec.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 105052
date: Wed, 19 Mar 2025 07:53:01 GMT
last-modified: Tue, 11 Mar 2025 08:01:50 GMT
picasso-ret-code: SUCCESS
picasso-cache-info: MISS
request-time: 0.007
traceid: 2ff6029b17423707812725741e
x-powered-by: Picasso
picasso-image-type: normal
picasso-fmt: gif2
cache-control: max-age=31536000
via: ens-cache16.l2de3[0,0,200-0,H], ens-cache2.l2de3[1,0], ens-cache4.se2[0,0,200-0,H], ens-cache8.se2[1,0]
access-control-allow-origin: *
age: 1209550
ali-swift-global-savetime: 1742370781
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 19 Mar 2025 07:54:17 GMT
x-swift-cachetime: 31535924
timing-allow-origin: *
eagleid: 2ff62c9c17435803313026548e
X-Firefox-Spdy: h2

87img.ezrent.hk/bcd0d20f500f7d1ec58c04254e3303bf.gif

47.246.44.221

200 OK

228 kB

URL GET
87img.ezrent.hk/bcd0d20f500f7d1ec58c04254e3303bf.gif
IP
47.246.44.221:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerUnizeto Technologies S.A.
Subject87img.ezrent.hk
Fingerprint5F:13:A3:BF:BB:9D:EE:B9:13:E2:FE:71:FD:39:47:25:3F:47:EB:AC
ValiditySun, 16 Feb 2025 05:29:47 GMT - Wed, 18 Mar 2026 05:29:46 GMT

File type
GIF image data, version 89a, 960 x 60
Size
228 kB (227711 bytes)
Hash
982ae8070775a575183c87abcd35b1e8
d229bed6ed5de7e0e383803792464fb1b6e5c9df
593c1196c0f6809df6b8e2964588e312be4b34da9bfedd6e82827113601a8ff6

HTTP Headers

GET /bcd0d20f500f7d1ec58c04254e3303bf.gif HTTP/1.1
Host: 87img.ezrent.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ddf.hongyuec.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 227711
Connection: keep-alive
Date: Wed, 19 Mar 2025 06:08:45 GMT
Expires: Fri, 18 Apr 2025 06:08:45 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Via: ens-cache14.l2de3[0,0,304-0,H], ens-cache18.l2de3[2,0], ens-cache8.se2[0,0,200-0,H], ens-cache7.se2[3,0]
Last-Modified: Thu, 06 Feb 2025 17:19:06 GMT
Vary: Accept-Encoding
ETag: "67a4ef0a-3797f"
Age: 1215807
Ali-Swift-Global-Savetime: 1742364525
X-Cache: HIT TCP_HIT dirn:9:271044058
X-Swift-SaveTime: Sat, 22 Mar 2025 04:51:17 GMT
X-Swift-CacheTime: 2337448
Timing-Allow-Origin: *
EagleId: 2ff62c9b17435803328306223e

dd-static.jd.com/ddimg/jfs/t1/283502/37/13402/92614/004ed301Fcca405cf/5eb7cd84a17c90c0.gif

120.193.39.193

200 OK

93 kB

URL GET
dd-static.jd.com/ddimg/jfs/t1/283502/37/13402/92614/004ed301Fcca405cf/5eb7cd84a17c90c0.gif
IP
120.193.39.193:443
ASN
#56041 China Mobile communications corporation

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerGlobalSign nv-sa
Subject*.jd.com
Fingerprint92:4E:4D:EF:01:B7:40:4D:09:8D:F8:98:68:CB:2E:83:EC:27:E6:59
ValidityThu, 14 Nov 2024 09:42:02 GMT - Mon, 15 Dec 2025 07:09:54 GMT

File type
GIF image data, version 89a, 200 x 200
Size
93 kB (92614 bytes)
Hash
823b91eaf9e9c49a5db19990d90fbbc0
40efadc4968691f1d7914fcccde0682d4a3d3a58
5d9af39d932ba342317007ce69df7cb7c4544eb3c1c0246ef55b3794dc465b7e

HTTP Headers

GET /ddimg/jfs/t1/283502/37/13402/92614/004ed301Fcca405cf/5eb7cd84a17c90c0.gif HTTP/1.1
Host: dd-static.jd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Apr 2025 07:52:09 GMT
Content-Type: image/gif
Content-Length: 92614
Connection: keep-alive
Cache-Control: max-age=15552000
Expires: Mon, 29 Sep 2025 06:38:58 GMT
Last-Modified: Tue, 01 Apr 2025 00:00:00 GMT
Age: 4391
Via: http/1.1 ORI-CLOUD-HUZ-MIX-22 (jcs [cMsSfW]), http/1.1 ZJwenzhou-CM-01-MIX-221 (jcs [cRs f ])
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Trace: 200-1743575938821-0-0-0-27-27;200;200-1743575938788-0-0-0-106-106;200-1743580329535-0-0-0-1-1

dd-static.jd.com/ddimg/jfs/t1/277575/4/14493/209675/004ed301F9f385a90/a26f975030764719.gif

120.193.39.193

200 OK

210 kB

URL GET
dd-static.jd.com/ddimg/jfs/t1/277575/4/14493/209675/004ed301F9f385a90/a26f975030764719.gif
IP
120.193.39.193:443
ASN
#56041 China Mobile communications corporation

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerGlobalSign nv-sa
Subject*.jd.com
Fingerprint92:4E:4D:EF:01:B7:40:4D:09:8D:F8:98:68:CB:2E:83:EC:27:E6:59
ValidityThu, 14 Nov 2024 09:42:02 GMT - Mon, 15 Dec 2025 07:09:54 GMT

File type
GIF image data, version 89a, 960 x 60
Size
210 kB (209675 bytes)
Hash
47759820eded9faee90c089d9d63d5b7
afedfc65d85d630376088ac48bc55deb908e1309
c5b58ebea8386fca069992522f0d0147a4d8c598bde3ea3df07267ccc71b286e

HTTP Headers

GET /ddimg/jfs/t1/277575/4/14493/209675/004ed301F9f385a90/a26f975030764719.gif HTTP/1.1
Host: dd-static.jd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Apr 2025 07:52:09 GMT
Content-Type: image/gif
Content-Length: 209675
Connection: keep-alive
Cache-Control: max-age=15552000
Expires: Mon, 29 Sep 2025 06:38:38 GMT
Last-Modified: Tue, 01 Apr 2025 00:00:00 GMT
Age: 4411
Via: http/1.1 ORI-CLOUD-HUZ-MIX-26 (jcs [cMsSfW]), http/1.1 ZJwenzhou-CM-01-MIX-223 (jcs [cRs f ])
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Trace: 200-1743575918498-0-0-1-35-35;200;200-1743575918371-0-0-0-68-68;200-1743580329591-0-0-0-1-1

images.835images13.com:6699/images/logo.gif

0.0.0.0

0 B

URL GET
images.835images13.com:6699/images/logo.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectimages.835images13.com
Fingerprint6D:78:E1:5C:D9:21:58:6B:A5:96:E2:D7:00:B3:93:8F:6D:DE:E4:B8
ValidityTue, 21 Jan 2025 12:37:02 GMT - Mon, 21 Apr 2025 12:37:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/logo.gif HTTP/1.1
Host: images.835images13.com:6699
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

we.nn11001.com/00165139bb76d845bfa39bde42b929c5.gif

0.0.0.0

0 B

URL GET
we.nn11001.com/00165139bb76d845bfa39bde42b929c5.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectwe.nn11001.com
Fingerprint6C:D7:A7:72:AE:69:3B:01:8C:6C:B3:F6:A4:74:C9:B2:E9:D9:4E:06
ValidityThu, 27 Feb 2025 15:28:50 GMT - Wed, 28 May 2025 15:28:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /00165139bb76d845bfa39bde42b929c5.gif HTTP/1.1
Host: we.nn11001.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

sz.ggshezhantc.com:8686/960x55-60b.gif

221.131.165.39

200 OK

231 kB

URL GET
sz.ggshezhantc.com:8686/960x55-60b.gif
IP
221.131.165.39:8686
ASN
#56046 China Mobile communications corporation

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectsz.ggshezhantc.com
FingerprintEB:E5:39:83:F5:8C:F1:2D:1B:A6:89:CD:B1:9B:92:10:7D:70:5D:2F
ValidityTue, 14 Jan 2025 10:03:56 GMT - Mon, 14 Apr 2025 10:03:55 GMT

File type
GIF image data, version 89a, 960 x 55
Size
231 kB (231207 bytes)
Hash
27c269136df88cdcc5002d937e24d882
c322bf655d1a759eae8b0d86ee1284bf73154b0e
1d50722dddc294a39773158eeb1f64eff28535857676707984f846130e82596f

HTTP Headers

GET /960x55-60b.gif HTTP/1.1
Host: sz.ggshezhantc.com:8686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Wed, 02 Apr 2025 05:21:25 GMT
etag: "67cac6dc-38727"
expires: Fri, 02 May 2025 05:21:25 GMT
last-modified: Wed, 02 Apr 2025 05:22:12 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 231207
X-Firefox-Spdy: h2

yj88.img0861648062.com:8686/8888/jnc/jnc80.gif

36.156.184.48

200 OK

734 kB

URL GET
yj88.img0861648062.com:8686/8888/jnc/jnc80.gif
IP
36.156.184.48:8686
ASN
#56046 China Mobile communications corporation

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectyj88.img0861648062.com
Fingerprint0F:6F:32:B5:1C:45:51:BD:BF:A8:D2:67:D4:07:17:8A:F3:2D:16:8D
ValidityWed, 05 Mar 2025 11:15:07 GMT - Tue, 03 Jun 2025 11:15:06 GMT

File type
GIF image data, version 89a, 960 x 80
Size
734 kB (734027 bytes)
Hash
0fb098e34cbb802f261ed3126bf9e701
cd79336a660e7fcca51c79deb880daf66a860b94
b2fc68b321375f3d006bf2cb0b7838d1d7f9d6a767ac50f8f6adba3b32133150

HTTP Headers

GET /8888/jnc/jnc80.gif HTTP/1.1
Host: yj88.img0861648062.com:8686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Wed, 02 Apr 2025 07:34:28 GMT
etag: "664dc89d-b334b"
expires: Fri, 02 May 2025 07:34:28 GMT
last-modified: Wed, 02 Apr 2025 07:37:35 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 734027
X-Firefox-Spdy: h2

pg88.img5403410365.com:8686/8888/pg1101/80.gif

122.195.186.3

200 OK

513 kB

URL GET
pg88.img5403410365.com:8686/8888/pg1101/80.gif
IP
122.195.186.3:8686
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectpg88.img5403410365.com
FingerprintA6:2C:A4:A5:12:D2:4A:B1:68:30:A4:40:D8:57:D0:EE:C1:A6:57:3E
ValidityWed, 05 Mar 2025 11:15:06 GMT - Tue, 03 Jun 2025 11:15:05 GMT

File type
GIF image data, version 89a, 960 x 80
Size
513 kB (513079 bytes)
Hash
8caf0ff9e9b12cc3e908d70df3e502c9
7e889aa7fe8705511422502b6b188ec76828e2fc
8b7c521e764182efa88f1a2202bb8c6cf63728e4f9915fa45681b90fe5941ade

HTTP Headers

GET /8888/pg1101/80.gif HTTP/1.1
Host: pg88.img5403410365.com:8686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Wed, 02 Apr 2025 06:00:18 GMT
etag: "678fded9-7d437"
expires: Fri, 02 May 2025 06:00:18 GMT
last-modified: Wed, 02 Apr 2025 06:00:25 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 513079
X-Firefox-Spdy: h2

7299tu75.cc/ml/ml200x200-008.gif

149.104.142.92

200 OK

64 kB

URL GET
7299tu75.cc/ml/ml200x200-008.gif
IP
149.104.142.92:443
ASN
#8796 FD-298-8796

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subject7299tu75.cc
FingerprintB8:31:8E:80:01:B1:5F:EA:A4:D5:C5:BD:B4:99:83:F6:AC:59:79:FD
ValidityWed, 19 Feb 2025 00:35:38 GMT - Tue, 20 May 2025 00:35:37 GMT

File type
GIF image data, version 89a, 200 x 200
Size
64 kB (63577 bytes)
Hash
f1c47a162ee308d92c80d9ecd31d033f
16cdd6ce349563f0505d59a90ef3305bd7a40d00
e591aa9688f77341fc345094485505712dfa97681dd978122fe8d07f40c5f4c9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ml/ml200x200-008.gif HTTP/1.1
Host: 7299tu75.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 02 Apr 2025 07:52:04 GMT
Content-Type: image/gif
Content-Length: 63577
Connection: keep-alive
Last-Modified: Fri, 31 May 2024 12:21:08 GMT
ETag: "6659c0b4-f859"
Expires: Wed, 16 Apr 2025 11:50:06 GMT
Cache-Control: max-age=2592000
Via: mycdn
CDN-Cache: HIT
Accept-Ranges: bytes

ddf.hongyuec.com/app/static/js/w4i0c8b9-app.main.js

198.200.56.65

200 OK

82 kB

URL GET
ddf.hongyuec.com/app/static/js/w4i0c8b9-app.main.js
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type

Size
82 kB (81641 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /app/static/js/w4i0c8b9-app.main.js HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: application/javascript
date: Wed, 02 Apr 2025 06:47:10 GMT
etag: "66ec63b2-65d4"
last-modified: Wed, 02 Apr 2025 06:47:10 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
content-length: 26068
X-Firefox-Spdy: h2

yqzydqhs.com/favicon.ico

38.6.169.17

200 OK

34 kB

URL GET
yqzydqhs.com/favicon.ico
IP
38.6.169.17:443
ASN
#400619 AROSS-AS

Requested by
https://yqzydqhs.com/
Certificate
IssuerLet's Encrypt
Subjectyqzydqhs.com
FingerprintC6:94:A3:F0:FD:FB:D7:08:32:CA:B9:0F:11:64:66:02:A6:9C:71:5C
ValidityMon, 17 Feb 2025 04:43:45 GMT - Sun, 18 May 2025 04:43:44 GMT

File type

Size
34 kB (34136 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: yqzydqhs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yqzydqhs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Apr 2025 07:51:54 GMT
Etag: W/"67d7e70d-8558"
Last-Modified: Mon, 17 Mar 2025 09:10:37 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Transfer-Encoding: chunked

ddf.hongyuec.com/api/d8768a/public/setting.json?ver=4-2-2&IC=a56f7b

198.200.56.65

200 OK

2.1 kB

URL GET
ddf.hongyuec.com/api/d8768a/public/setting.json?ver=4-2-2&IC=a56f7b
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type
Unicode text, UTF-8 text, with very long lines (2201), with no line terminators
Size
2.1 kB (2059 bytes)
Hash
95f8decd6bb49296ec9286341a9af177
a53c5cbb5eeacc756203fbbf7d1b15577b24db5f
da9c717f957e5d94cf3ef16f864c97da22c74e08ac2e8fcaf6b9959a54a0a962

HTTP Headers

GET /api/d8768a/public/setting.json?ver=4-2-2&IC=a56f7b HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Wed, 02 Apr 2025 07:52:02 GMT
etag: "67ec8ad7-80b"
last-modified: Wed, 02 Apr 2025 00:54:47 GMT
server: nginx
x-cache: UPDATING
content-length: 2059
X-Firefox-Spdy: h2

ddf.hongyuec.com/api/d8768a/movie/home.json?IC=a56f7b

198.200.56.65

200 OK

16 kB

URL GET
ddf.hongyuec.com/api/d8768a/movie/home.json?IC=a56f7b
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type

Size
16 kB (15625 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/d8768a/movie/home.json?IC=a56f7b HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Wed, 02 Apr 2025 07:52:02 GMT
etag: "67ec8ad7-3d09"
last-modified: Wed, 02 Apr 2025 00:54:47 GMT
server: nginx
x-cache: UPDATING
content-length: 15625
X-Firefox-Spdy: h2

ddf.hongyuec.com/api/d8768a/public/webdata.json?ver=4-2-7&IC=a56f7b

198.200.56.65

200 OK

29 kB

URL GET
ddf.hongyuec.com/api/d8768a/public/webdata.json?ver=4-2-7&IC=a56f7b
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type

Size
29 kB (28960 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/d8768a/public/webdata.json?ver=4-2-7&IC=a56f7b HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Wed, 02 Apr 2025 07:52:02 GMT
etag: "67ece77a-7120"
last-modified: Wed, 02 Apr 2025 07:30:02 GMT
server: nginx
x-cache: UPDATING
content-length: 28960
X-Firefox-Spdy: h2

999abc777abc.com/e1c3e68755bc401a86b301248fdc184a.gif

208.98.45.142

200 OK

838 kB

URL GET
999abc777abc.com/e1c3e68755bc401a86b301248fdc184a.gif
IP
208.98.45.142:443
ASN
#46844 SHARKTECH

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerZeroSSL
Subject999abc777abc.com
FingerprintA7:ED:0A:DD:60:2A:FA:AD:48:E7:81:D8:BF:9B:2E:57:04:95:19:9D
ValidityTue, 18 Mar 2025 00:00:00 GMT - Mon, 16 Jun 2025 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 80
Size
838 kB (837644 bytes)
Hash
6d09e1bf9b9ea7c03bc5e425b50a9de8
7197363753bc7b4e8f7d14b2b137f1dec897ebd0
19d42abf9fa85ffe5a5871899db5371f9ca350ea0c737dba52d4160113fccf9b

HTTP Headers

GET /e1c3e68755bc401a86b301248fdc184a.gif HTTP/1.1
Host: 999abc777abc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 02 Apr 2025 07:52:08 GMT
content-type: image/gif
content-length: 837644
last-modified: Wed, 02 Oct 2024 06:55:12 GMT
etag: "66fcee50-cc80c"
psc-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

static.wixstatic.com/media/21a21b_3ed84369b35842ada1cc851a53d3713f~mv2.gif

54.240.174.21

200 OK

51 kB

URL GET
static.wixstatic.com/media/21a21b_3ed84369b35842ada1cc851a53d3713f~mv2.gif
IP
54.240.174.21:443
ASN
#16509 AMAZON-02

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subject*.wixstatic.com
Fingerprint00:D2:25:13:B3:EB:D4:B1:02:1F:CA:15:18:D8:2A:26:B4:C7:83:3E
ValidityTue, 01 Apr 2025 13:20:48 GMT - Mon, 30 Jun 2025 13:20:47 GMT

File type
GIF image data, version 89a, 200 x 200
Size
51 kB (50921 bytes)
Hash
9b053259fc977b35a855d3e3ab91eb5b
b74808e54e7fb830f63684943c1d692b168645b2
db57fd648cd48f4f5998718c5d9257f51908ee98701963d6290f2d8fe4244c9b

HTTP Headers

GET /media/21a21b_3ed84369b35842ada1cc851a53d3713f~mv2.gif HTTP/1.1
Host: static.wixstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
content-length: 50921
server: openresty/1.27.1.1
date: Wed, 05 Feb 2025 12:01:43 GMT
expires: Wed, 05 Feb 2025 13:01:43 GMT
cache-control: public, max-age=15552000, immutable
last-modified: Wed, 05 Feb 2025 12:01:16 GMT
etag: "9b053259fc977b35a855d3e3ab91eb5b"
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
timing-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-66f677bb5d-62qd5
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Dj5YIjPFvq4tQ52sh6zlDiS0WqB_DAZS2FF6PgASQr8Ulpd4C977bA==
age: 4823421
X-Firefox-Spdy: h2

hhapk777.getehu.com/3391/1372/1372-150x150.gif

180.163.146.86

200 OK

152 kB

URL GET
hhapk777.getehu.com/3391/1372/1372-150x150.gif
IP
180.163.146.86:443
ASN
#4812 China Telecom Group

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjecthhapk777.getehu.com
FingerprintD7:25:02:89:AB:0D:42:B4:BA:ED:AE:71:62:1C:14:A7:1E:46:64:D4
ValidityMon, 24 Feb 2025 09:20:42 GMT - Sun, 25 May 2025 09:20:41 GMT

File type
GIF image data, version 89a, 150 x 150
Size
152 kB (152416 bytes)
Hash
fd5fd8333d1bb74f320f917d5d276d02
86d777015e72e04624e8e8d4c6ff098a302c38ea
58ce4b25c3fb5b4dd2c5da7853ac66692d8b2d49aa96ec3e0d9375c192da5959

HTTP Headers

GET /3391/1372/1372-150x150.gif HTTP/1.1
Host: hhapk777.getehu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 152416
strict-transport-security: max-age=5184000
date: Fri, 21 Mar 2025 08:45:51 GMT
expires: Sun, 20 Apr 2025 08:45:51 GMT
cache-control: max-age=2592000
last-modified: Thu, 13 Mar 2025 08:30:46 GMT
vary: Accept-Encoding
etag: "67d297b6-25360"
accept-ranges: bytes
via: cache35.l2cn7492[0,2,200-0,H], cache14.l2cn7492[3,0], kunlun1.cn7174[0,0,200-0,H], kunlun1.cn7174[1,0]
age: 1033576
ali-swift-global-savetime: 1742546751
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sun, 30 Mar 2025 04:06:34 GMT
x-swift-cachetime: 1831157
timing-allow-origin: *
eagleid: b4a3921517435803277372415e
X-Firefox-Spdy: h2

ddf.hongyuec.com/app/static/css/w4i0c8b9-variable-2.css

198.200.56.65

200 OK

930 B

URL GET
ddf.hongyuec.com/app/static/css/w4i0c8b9-variable-2.css
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type
ASCII text, with very long lines (992), with no line terminators
Size
930 B (930 bytes)
Hash
ce6f7190e3354e9ddf266482041bfe8b
3e39856f595a0e394fa2987f4c455229fbe86088
8b9186565c92d8ff949bc4d27feaea565821e2f84e89a5ee23c2cfb49e698db4

HTTP Headers

GET /app/static/css/w4i0c8b9-variable-2.css HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-type: text/css
date: Wed, 02 Apr 2025 06:47:10 GMT
etag: "66ec63b2-3a2"
last-modified: Wed, 02 Apr 2025 06:47:10 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 930
X-Firefox-Spdy: h2

ddf.hongyuec.com/app/user/app-tj.js

198.200.56.65

200 OK

963 B

URL GET
ddf.hongyuec.com/app/user/app-tj.js
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (765), with no line terminators
Size
963 B (963 bytes)
Hash
6dbdf5f53e0df545dfd1b5a1aebeca3f
29e8be7f68fb374d83edaf4390ccadca01f06fb0
94fc394608c157aebb2ae5471fcd79fda7b39d92f2ea3d22daea45beb6491f24

HTTP Headers

GET /app/user/app-tj.js HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-type: application/javascript
date: Wed, 02 Apr 2025 06:47:10 GMT
etag: "67ec76fa-3c3"
last-modified: Wed, 02 Apr 2025 06:47:10 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 963
X-Firefox-Spdy: h2

dd-static.jd.com/ddimg/jfs/t1/274677/9/14533/208566/004ed301F7c51dd70/bbdc6cf373d6f844.gif

120.193.39.193

200 OK

209 kB

URL GET
dd-static.jd.com/ddimg/jfs/t1/274677/9/14533/208566/004ed301F7c51dd70/bbdc6cf373d6f844.gif
IP
120.193.39.193:443
ASN
#56041 China Mobile communications corporation

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerGlobalSign nv-sa
Subject*.jd.com
Fingerprint92:4E:4D:EF:01:B7:40:4D:09:8D:F8:98:68:CB:2E:83:EC:27:E6:59
ValidityThu, 14 Nov 2024 09:42:02 GMT - Mon, 15 Dec 2025 07:09:54 GMT

File type
GIF image data, version 89a, 960 x 60
Size
209 kB (208566 bytes)
Hash
bd3d68890cf8d60050b39576da003fb7
40376c8866b93f291936e32cf92a8a006184f999
ecb5857f55a18cfa783128d148fdd0272615f48a3d19ab2845f956c53b579e7a

HTTP Headers

GET /ddimg/jfs/t1/274677/9/14533/208566/004ed301F7c51dd70/bbdc6cf373d6f844.gif HTTP/1.1
Host: dd-static.jd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Apr 2025 07:52:09 GMT
Content-Type: image/gif
Content-Length: 208566
Connection: keep-alive
Cache-Control: max-age=15552000
Expires: Sun, 28 Sep 2025 13:10:49 GMT
Last-Modified: Tue, 01 Apr 2025 00:00:00 GMT
Age: 67280
Via: http/1.1 ORI-CLOUD-HUZ-MIX-26 (jcs [cRs f ]), http/1.1 ZJwenzhou-CM-01-MIX-217 (jcs [cRs f ])
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Trace: 200-1743513049818-0-0-0-2-2;200;200-1743513049836-0-0-0-295-295;200-1743580329563-0-0-0-1-1

hm.baidu.com/hm.js?5bf28cf5500ae78fd47694fd36b1cedf

111.45.11.83

200 OK

30 kB

URL GET
hm.baidu.com/hm.js?5bf28cf5500ae78fd47694fd36b1cedf
IP
111.45.11.83:443
ASN
#9808 China Mobile Communications Group Co., Ltd.

Requested by
https://yqzydqhs.com/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0
ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT

File type
JavaScript source, ASCII text, with very long lines (616)
Size
30 kB (29892 bytes)
Hash
17956926c427b4621943055011ac8691
e1f82c209bbe791917850b94d55ba13d3805cbcd
c45cf2323dd31789b4224542b3f1d65ef9791be19dee94f1842eb07cc307a928

HTTP Headers

GET /hm.js?5bf28cf5500ae78fd47694fd36b1cedf HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yqzydqhs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11286
Content-Type: application/javascript
Date: Wed, 02 Apr 2025 07:51:55 GMT
Etag: 15278dc14143966c2fac6f91e944cc4d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=72B3590C6E78D1B4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

ddf.hongyuec.com/app/static/css/w4i0c8b9-video-js.min.css

198.200.56.65

200 OK

41 kB

URL GET
ddf.hongyuec.com/app/static/css/w4i0c8b9-video-js.min.css
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type

Size
41 kB (40692 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /app/static/css/w4i0c8b9-video-js.min.css HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/css
date: Wed, 02 Apr 2025 06:47:10 GMT
etag: "66ec63b2-2898"
last-modified: Wed, 02 Apr 2025 06:47:10 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
content-length: 10392
X-Firefox-Spdy: h2

hhapk777.getehu.com/i/3030/960x60.gif

180.163.146.86

200 OK

219 kB

URL GET
hhapk777.getehu.com/i/3030/960x60.gif
IP
180.163.146.86:443
ASN
#4812 China Telecom Group

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjecthhapk777.getehu.com
FingerprintD7:25:02:89:AB:0D:42:B4:BA:ED:AE:71:62:1C:14:A7:1E:46:64:D4
ValidityMon, 24 Feb 2025 09:20:42 GMT - Sun, 25 May 2025 09:20:41 GMT

File type
GIF image data, version 89a, 960 x 60
Size
219 kB (219233 bytes)
Hash
662c62879567be3cdc5fde76973908dd
c86f6717ac1b1a53253654ecfd319a760b7975ab
94e8ad623c75487289b4a3f99be31e89072a06ec023964cc6da3ca15ff6fc167

HTTP Headers

GET /i/3030/960x60.gif HTTP/1.1
Host: hhapk777.getehu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 219233
strict-transport-security: max-age=5184000
date: Sun, 30 Mar 2025 09:12:41 GMT
last-modified: Sun, 30 Mar 2025 09:06:05 GMT
vary: Accept-Encoding
etag: "67e9097d-35861"
expires: Tue, 29 Apr 2025 09:12:41 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: cache11.l2cn7492[0,0,200-0,H], cache32.l2cn7492[1,0], kunlun1.cn7174[0,0,200-0,H], kunlun1.cn7174[1,0]
age: 254365
ali-swift-global-savetime: 1743325962
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 01 Apr 2025 07:50:16 GMT
x-swift-cachetime: 2424146
timing-allow-origin: *
eagleid: b4a3921517435803279213104e
X-Firefox-Spdy: h2

static.wixstatic.com/media/21a21b_33f7d7ce0fea4a699b4e6009f09b14a5~mv2.gif

54.240.174.21

200 OK

125 kB

URL GET
static.wixstatic.com/media/21a21b_33f7d7ce0fea4a699b4e6009f09b14a5~mv2.gif
IP
54.240.174.21:443
ASN
#16509 AMAZON-02

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subject*.wixstatic.com
Fingerprint00:D2:25:13:B3:EB:D4:B1:02:1F:CA:15:18:D8:2A:26:B4:C7:83:3E
ValidityTue, 01 Apr 2025 13:20:48 GMT - Mon, 30 Jun 2025 13:20:47 GMT

File type
GIF image data, version 89a, 960 x 60
Size
125 kB (124937 bytes)
Hash
2bc91b40346f5148bbf949dd2cc5ed48
e86e387fb8de8b4ac73adee0d0d288931083716a
fc3f4aa5a2387631b54983437f1fbf08d17212673b84e4b0fe9502b0d2692c67

HTTP Headers

GET /media/21a21b_33f7d7ce0fea4a699b4e6009f09b14a5~mv2.gif HTTP/1.1
Host: static.wixstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
content-length: 124937
server: openresty/1.27.1.1
date: Wed, 05 Feb 2025 08:00:52 GMT
expires: Wed, 05 Feb 2025 09:00:52 GMT
cache-control: public, max-age=15552000, immutable
last-modified: Wed, 05 Feb 2025 08:00:33 GMT
etag: "2bc91b40346f5148bbf949dd2cc5ed48"
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
timing-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-66f677bb5d-4chj2
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: WLdwME42VjdVDWEX2mG5JfJMfQSldK-KF912Q8W4NKwZMcYvUDvOoA==
age: 4837873
X-Firefox-Spdy: h2

sz.ggshezhantc.com:8686/fangtu150X150.gif

221.131.165.39

200 OK

217 kB

URL GET
sz.ggshezhantc.com:8686/fangtu150X150.gif
IP
221.131.165.39:8686
ASN
#56046 China Mobile communications corporation

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectsz.ggshezhantc.com
FingerprintEB:E5:39:83:F5:8C:F1:2D:1B:A6:89:CD:B1:9B:92:10:7D:70:5D:2F
ValidityTue, 14 Jan 2025 10:03:56 GMT - Mon, 14 Apr 2025 10:03:55 GMT

File type
GIF image data, version 89a, 150 x 150
Size
217 kB (217188 bytes)
Hash
fda1c7a55b8c004b5528176024f2eb48
693d2362839ca7310a7bb35d38ce177c4593143d
49ea4854ee509369964c587f1ec021d818ae52cdc4744e088bd6b4453bf070cf

HTTP Headers

GET /fangtu150X150.gif HTTP/1.1
Host: sz.ggshezhantc.com:8686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Wed, 02 Apr 2025 07:22:24 GMT
etag: "6783ca48-35064"
expires: Fri, 02 May 2025 07:22:24 GMT
last-modified: Wed, 02 Apr 2025 07:24:11 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 217188
X-Firefox-Spdy: h2

yqzydqhs.com/

38.6.169.17

200 OK

37 kB

URL User Request GET
yqzydqhs.com/
IP
38.6.169.17:443
ASN
#400619 AROSS-AS

Certificate
IssuerLet's Encrypt
Subjectyqzydqhs.com
FingerprintC6:94:A3:F0:FD:FB:D7:08:32:CA:B9:0F:11:64:66:02:A6:9C:71:5C
ValidityMon, 17 Feb 2025 04:43:45 GMT - Sun, 18 May 2025 04:43:44 GMT

File type

Size
37 kB (37306 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: yqzydqhs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Apr 2025 07:51:53 GMT
Etag: W/"67738a84-91ba"
Last-Modified: Tue, 31 Dec 2024 06:09:08 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Transfer-Encoding: chunked

img.729952.com/images/67c3203ccaa40b03bef7c125.gif

202.81.235.81

302 Found

38 kB

URL GET
img.729952.com/images/67c3203ccaa40b03bef7c125.gif
IP
202.81.235.81:443
ASN
#4658 2012 Limited Netfront

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subject729952.com
Fingerprint64:52:18:95:BB:36:C5:61:BB:C7:1E:35:E1:15:B4:B3:30:C0:03:40
ValidityThu, 06 Feb 2025 10:23:51 GMT - Wed, 07 May 2025 10:23:50 GMT

File type

Size
38 kB (38332 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/67c3203ccaa40b03bef7c125.gif HTTP/1.1
Host: img.729952.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://pic1.zhimg.com/v2-bf428e3884143a8e6aa04959d776d645
X-Firefox-Spdy: h2

a250306.tp308ky0306.vip/gggg/200.200.1.gif

0.0.0.0

0 B

URL GET
a250306.tp308ky0306.vip/gggg/200.200.1.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjecta250306.tp308ky0306.vip
Fingerprint2C:1B:B5:06:E3:8B:DC:DA:D2:1C:8B:90:27:E9:BB:A5:14:0B:4A:4D
ValidityThu, 06 Mar 2025 04:49:23 GMT - Wed, 04 Jun 2025 04:49:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gggg/200.200.1.gif HTTP/1.1
Host: a250306.tp308ky0306.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

yj88.img0861648062.com:8686/8888/jnc/logo150.gif

36.156.184.48

200 OK

26 kB

URL GET
yj88.img0861648062.com:8686/8888/jnc/logo150.gif
IP
36.156.184.48:8686
ASN
#56046 China Mobile communications corporation

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectyj88.img0861648062.com
Fingerprint0F:6F:32:B5:1C:45:51:BD:BF:A8:D2:67:D4:07:17:8A:F3:2D:16:8D
ValidityWed, 05 Mar 2025 11:15:07 GMT - Tue, 03 Jun 2025 11:15:06 GMT

File type
GIF image data, version 89a, 150 x 150
Size
26 kB (25916 bytes)
Hash
00bdc240c1a82587f2c68cff63816bfe
8952158b2f3b89a7a05b67062adebc820350b708
3f7b5e26234b9a36f2915996fe6564ac0aead32c9e55d9d80238fd9768f8d966

HTTP Headers

GET /8888/jnc/logo150.gif HTTP/1.1
Host: yj88.img0861648062.com:8686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Wed, 02 Apr 2025 07:10:28 GMT
etag: "66d02fb5-653c"
expires: Fri, 02 May 2025 07:10:28 GMT
last-modified: Wed, 02 Apr 2025 07:19:35 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 25916
X-Firefox-Spdy: h2

ddf.hongyuec.com/app/#/home

198.200.56.65

200 OK

14 kB

URL GET
ddf.hongyuec.com/app/#/home
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://yqzydqhs.com/
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type

Size
14 kB (14032 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /app/ HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yqzydqhs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Wed, 02 Apr 2025 07:51:57 GMT
etag: W/"67ec76fa-36d0"
last-modified: Tue, 01 Apr 2025 23:30:02 GMT
server: nginx
vary: Accept-Encoding
x-cache: BYPASS
content-length: 3857
X-Firefox-Spdy: h2

img.cospa3500.top/150X150.gif

0.0.0.0

0 B

URL GET
img.cospa3500.top/150X150.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectimg.cospa3500.top
FingerprintD9:3C:CA:BF:33:06:AE:45:CD:62:6C:8D:5D:06:F5:FD:5B:E8:34:3E
ValidityMon, 10 Feb 2025 15:26:21 GMT - Sun, 11 May 2025 15:26:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /150X150.gif HTTP/1.1
Host: img.cospa3500.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

hhapk777.getehu.com/i/2525/xinpj-200-200.gif

180.163.146.86

200 OK

150 kB

URL GET
hhapk777.getehu.com/i/2525/xinpj-200-200.gif
IP
180.163.146.86:443
ASN
#4812 China Telecom Group

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjecthhapk777.getehu.com
FingerprintD7:25:02:89:AB:0D:42:B4:BA:ED:AE:71:62:1C:14:A7:1E:46:64:D4
ValidityMon, 24 Feb 2025 09:20:42 GMT - Sun, 25 May 2025 09:20:41 GMT

File type
GIF image data, version 89a, 200 x 200
Size
150 kB (150002 bytes)
Hash
3b69cdd0744cfcb5be4a3a0323842bef
caa3ea2ee8d041a23ef367ee46574d6a500aa20b
0943d13bf4222e2c8a4ecff33c2a6f71f71427daec1c6a1903b1d4ac3d472ec6

HTTP Headers

GET /i/2525/xinpj-200-200.gif HTTP/1.1
Host: hhapk777.getehu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 150002
strict-transport-security: max-age=5184000
date: Fri, 21 Mar 2025 08:45:53 GMT
expires: Sun, 20 Apr 2025 08:45:53 GMT
cache-control: max-age=2592000
last-modified: Tue, 25 Feb 2025 11:14:50 GMT
vary: Accept-Encoding
etag: "67bda62a-249f2"
accept-ranges: bytes
via: ens-cache64.l2cn7656[0,0,200-0,H], ens-cache17.l2cn7656[0,0], kunlun1.cn7174[0,0,200-0,H], kunlun1.cn7174[10,0]
age: 1033574
ali-swift-global-savetime: 1742546753
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sun, 30 Mar 2025 04:07:00 GMT
x-swift-cachetime: 1831133
timing-allow-origin: *
eagleid: b4a3921517435803278913007e
X-Firefox-Spdy: h2

hhapk777.getehu.com/i/3030/150-150-tuya.gif

180.163.146.86

200 OK

34 kB

URL GET
hhapk777.getehu.com/i/3030/150-150-tuya.gif
IP
180.163.146.86:443
ASN
#4812 China Telecom Group

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjecthhapk777.getehu.com
FingerprintD7:25:02:89:AB:0D:42:B4:BA:ED:AE:71:62:1C:14:A7:1E:46:64:D4
ValidityMon, 24 Feb 2025 09:20:42 GMT - Sun, 25 May 2025 09:20:41 GMT

File type
GIF image data, version 89a, 150 x 150
Size
34 kB (34267 bytes)
Hash
f17b8db8ea863cf152b3896ce8d9091e
87d6eb00a740ebf54333dd5601425fd46292d5e4
86f9cf3f048e2546604c850639b4ad3ad10dad102baacd5626e5e84539a89f24

HTTP Headers

GET /i/3030/150-150-tuya.gif HTTP/1.1
Host: hhapk777.getehu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 34267
strict-transport-security: max-age=5184000
date: Sun, 30 Mar 2025 09:12:30 GMT
last-modified: Sun, 30 Mar 2025 09:06:04 GMT
vary: Accept-Encoding
etag: "67e9097c-85db"
expires: Tue, 29 Apr 2025 09:12:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: cache79.l2cn3022[333,333,200-0,M], cache25.l2cn3022[335,0], kunlun6.cn7174[0,-1,200-0,H], kunlun1.cn7174[2,0]
age: 254377
ali-swift-global-savetime: 1743325950
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sun, 30 Mar 2025 09:12:30 GMT
x-swift-cachetime: 2592000
timing-allow-origin: *
eagleid: b4a3921517435803279023038e
X-Firefox-Spdy: h2

ddf.hongyuec.com/app/static/js/w4i0c8b9-chunk-vendors.js

198.200.56.65

200 OK

166 kB

URL GET
ddf.hongyuec.com/app/static/js/w4i0c8b9-chunk-vendors.js
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type

Size
166 kB (166489 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /app/static/js/w4i0c8b9-chunk-vendors.js HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: application/javascript
date: Wed, 02 Apr 2025 06:47:10 GMT
etag: "66ec63b2-d514"
last-modified: Wed, 02 Apr 2025 06:47:10 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
content-length: 54548
X-Firefox-Spdy: h2

ddf.hongyuec.com/app/user/lang.js

198.200.56.65

200 OK

1.9 kB

URL GET
ddf.hongyuec.com/app/user/lang.js
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type
Unicode text, UTF-8 text, with very long lines (1802), with no line terminators
Size
1.9 kB (1912 bytes)
Hash
9abaf094d8d6490190d039e779ae543d
2dd948fa38c8dae6906bed7b23a481b4dbcb2096
0e83b7c2cf57f4f992380394d5f98facbfbae3bebbce966a0ce5234eb3b0750c

HTTP Headers

GET /app/user/lang.js HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: application/javascript
date: Wed, 02 Apr 2025 06:47:10 GMT
etag: W/"66ec63b2-778"
last-modified: Wed, 02 Apr 2025 06:47:10 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
content-length: 1055
X-Firefox-Spdy: h2

images.607images.com:6699/images/150-150.gif

0.0.0.0

0 B

URL GET
images.607images.com:6699/images/150-150.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectimages.607images.com
Fingerprint8C:95:CD:AA:68:DF:F7:3A:3C:79:ED:BF:D3:3E:9E:20:FB:ED:D6:50
ValidityThu, 06 Feb 2025 14:56:13 GMT - Wed, 07 May 2025 14:56:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/150-150.gif HTTP/1.1
Host: images.607images.com:6699
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

888abc555abc.com/27476899cda247b4a5669ecf02c1a402.gif

208.98.45.142

200 OK

208 kB

URL GET
888abc555abc.com/27476899cda247b4a5669ecf02c1a402.gif
IP
208.98.45.142:443
ASN
#46844 SHARKTECH

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerZeroSSL
Subject888abc555abc.com
Fingerprint30:CC:46:CE:60:9E:77:20:BC:9E:D8:60:23:EB:B0:F9:88:7F:84:EB
ValidityTue, 18 Mar 2025 00:00:00 GMT - Mon, 16 Jun 2025 23:59:59 GMT

File type
GIF image data, version 89a, 150 x 150
Size
208 kB (207595 bytes)
Hash
f68f3d0641d54e4dd2729fcb8e1d74cd
9d5f9e6ab489febefdb6b5191e29c88ec2b0efcb
fad384ae73f78b802fe8524b7d9d012a308140408176732ea23c399d72fee14c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /27476899cda247b4a5669ecf02c1a402.gif HTTP/1.1
Host: 888abc555abc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 02 Apr 2025 07:52:12 GMT
content-type: image/gif
content-length: 207595
last-modified: Wed, 22 Jan 2025 11:33:05 GMT
etag: "6790d771-32aeb"
psc-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

ddf.hongyuec.com/app/static/css/w4i0c8b9-chunk-vendors.css

198.200.56.65

200 OK

147 kB

URL GET
ddf.hongyuec.com/app/static/css/w4i0c8b9-chunk-vendors.css
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
147 kB (147120 bytes)
Hash
2befec5baff49924b560d4a2de20a391
7b2437ce716811d7e181b87073702443196f48bd
b8ccb86084acae9aab75ad63e92c3d2ee6e93171c247661f6d2278f5812c2f4d

HTTP Headers

GET /app/static/css/w4i0c8b9-chunk-vendors.css HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/css
date: Wed, 02 Apr 2025 06:47:10 GMT
etag: "66ec63b2-ae8b"
last-modified: Wed, 02 Apr 2025 06:47:10 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
content-length: 44683
X-Firefox-Spdy: h2

cbu01.alicdn.com/img/ibank/O1CN01DCDxBY1Bs32mfClgK_!!0-1-cib.gif

47.246.44.248

200 OK

354 kB

URL GET
cbu01.alicdn.com/img/ibank/O1CN01DCDxBY1Bs32mfClgK_!!0-1-cib.gif
IP
47.246.44.248:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintDA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5
ValidityThu, 06 Mar 2025 10:12:19 GMT - Mon, 21 Jul 2025 09:06:01 GMT

File type
GIF image data, version 89a, 960 x 55
Size
354 kB (353525 bytes)
Hash
7961ece760acaf62d13064c62233f308
195b81549fb6a5a252d894ed313f9d3f2828c609
7aff13b8c205bae6ccefb7005f75b6716aa9b90767b761b3adcc74e3e752a8c2

HTTP Headers

GET /img/ibank/O1CN01DCDxBY1Bs32mfClgK_!!0-1-cib.gif HTTP/1.1
Host: cbu01.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ddf.hongyuec.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 353525
date: Wed, 26 Mar 2025 15:03:34 GMT
last-modified: Wed, 26 Mar 2025 15:02:56 GMT
picasso-ret-code: SUCCESS
picasso-cache-info: MISS
request-time: 0.015
traceid: 2ff6309517430014139468493e
x-powered-by: Picasso
picasso-image-type: normal
picasso-fmt: gif2
cache-control: max-age=31536000
via: ens-cache8.l2de3[0,0,200-0,H], ens-cache17.l2de3[1,0], ens-cache5.se2[0,1,200-0,H], ens-cache8.se2[3,0]
access-control-allow-origin: *
age: 578917
ali-swift-global-savetime: 1743001414
x-cache: HIT TCP_HIT dirn:9:292241320
x-swift-savetime: Thu, 27 Mar 2025 14:56:24 GMT
x-swift-cachetime: 31450030
timing-allow-origin: *
eagleid: 2ff62c9c17435803313126551e
X-Firefox-Spdy: h2

ddf.hongyuec.com/app/user/userConfig.js

198.200.56.65

200 OK

330 B

URL GET
ddf.hongyuec.com/app/user/userConfig.js
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type
Unicode text, UTF-8 text, with very long lines (358), with no line terminators
Size
330 B (330 bytes)
Hash
ceebaea524b3f14d8efe35830cc62c99
eb7b77db7f2a9fa119ef29c3e68350c2f30218b1
f748baf721abec0761a0c8e3baeac300af3f378f0980d8844a55e45082bac42f

HTTP Headers

GET /app/user/userConfig.js HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-type: application/javascript
date: Wed, 02 Apr 2025 06:47:10 GMT
etag: "66ed47dc-14a"
last-modified: Wed, 02 Apr 2025 06:47:10 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 330
X-Firefox-Spdy: h2

www.aoptf.top:2087/images/67c5afc104b5fea054729593.gif

188.114.96.1

200 OK

28 kB

URL GET
www.aoptf.top:2087/images/67c5afc104b5fea054729593.gif
IP
188.114.96.1:2087
ASN
#13335 CLOUDFLARENET

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerGoogle Trust Services
Subjectwww.aoptf.top
Fingerprint58:73:6D:9C:0E:B4:53:DF:4D:E3:D3:D7:C2:A0:8E:2A:A4:0C:2A:7E
ValidityThu, 06 Feb 2025 08:13:52 GMT - Wed, 07 May 2025 09:13:50 GMT

File type
RIFF (little-endian) data, Web/P image
Size
28 kB (28130 bytes)
Hash
edfe1286450ec75ddf24c72401e26dab
58f238029bd0d9cc2963979572412ebed23b8c61
633b603bf6e5f1fd0d3f85dee15afab82dbaf21d3deda3482691877e1e9d2861

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/67c5afc104b5fea054729593.gif HTTP/1.1
Host: www.aoptf.top:2087
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 02 Apr 2025 07:52:08 GMT
content-type: image/gif
content-length: 28130
cache-control: max-age=86400
accept-ranges: bytes
last-modified: Fri, 21 Mar 2025 10:59:04 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FF4WXKyCH1oBmAJXonbzu6lkD%2FiJzVfd4rMZUCCAHGSFRXAKbHTveUireT%2F0jxB6kn%2Fa8jeHGPgR2PYCcCEu9%2FrlZZLr%2BdKskzGinZ0FDLVf0FCR%2BxiDz07XEdK%2Bd%2BbO5OlMNiY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 929ebebb5f6256b5-OSL
alt-svc: h3=":2087"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1118&min_rtt=401&rtt_var=575&sent=35&recv=27&lost=0&retrans=1&sent_bytes=38527&recv_bytes=1321&delivery_rate=12202247&cwnd=254&unsent_bytes=0&cid=5e89b431297b405a&ts=2446&x=0"
X-Firefox-Spdy: h2

img.jmyqsl.com/2df7e3592284c1446e61f03b0bf0287a.gif

154.82.90.135

307 Temporary Redirect

58 kB

URL GET
img.jmyqsl.com/2df7e3592284c1446e61f03b0bf0287a.gif
IP
154.82.90.135:443
ASN
#399077 TERAEXCH

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerUnizeto Technologies S.A.
Subjectwg1.zjqjs.com
Fingerprint62:32:93:E5:23:17:B0:60:2A:F4:95:F7:3B:22:45:D7:7E:4A:C4:BD
ValidityMon, 18 Nov 2024 14:49:34 GMT - Thu, 18 Dec 2025 14:49:33 GMT

File type

Size
58 kB (57617 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /2df7e3592284c1446e61f03b0bf0287a.gif HTTP/1.1
Host: img.jmyqsl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
server: NgxFence
date: Wed, 02 Apr 2025 07:52:08 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://87img.ezrent.hk/2df7e3592284c1446e61f03b0bf0287a.gif
x-cache: DYNAMIC
X-Firefox-Spdy: h2

static.wixstatic.com/media/432808_9b9384a878df48c9b80a77b14422d706~mv2.gif

54.240.174.21

200 OK

83 kB

URL GET
static.wixstatic.com/media/432808_9b9384a878df48c9b80a77b14422d706~mv2.gif
IP
54.240.174.21:443
ASN
#16509 AMAZON-02

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subject*.wixstatic.com
Fingerprint00:D2:25:13:B3:EB:D4:B1:02:1F:CA:15:18:D8:2A:26:B4:C7:83:3E
ValidityTue, 01 Apr 2025 13:20:48 GMT - Mon, 30 Jun 2025 13:20:47 GMT

File type
GIF image data, version 89a, 960 x 60
Size
83 kB (83246 bytes)
Hash
5c5c14a16e7e0c794096da2b75c13f29
c8d55fafe19f6d7c3650b5ef844ff6dc83c9fbcd
4536db2a9f852eae32a58e4a1051998901d16dbefb8c3b719a036733e27ee361

HTTP Headers

GET /media/432808_9b9384a878df48c9b80a77b14422d706~mv2.gif HTTP/1.1
Host: static.wixstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
content-length: 83246
server: openresty/1.27.1.1
date: Tue, 04 Feb 2025 13:21:11 GMT
expires: Tue, 04 Feb 2025 14:21:11 GMT
cache-control: public, max-age=15552000, immutable
last-modified: Tue, 04 Feb 2025 13:20:54 GMT
etag: "5c5c14a16e7e0c794096da2b75c13f29"
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
timing-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-66f677bb5d-pqqzh
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: NZgkEjh4-ht659XNCstdtT-j5mHUcEu9ss6B7tbQ_zcrpXz9-oKCEQ==
age: 4905054
X-Firefox-Spdy: h2

img.cospa3600.top/y960X801dd59345f0ab7af50.gif

0.0.0.0

0 B

URL GET
img.cospa3600.top/y960X801dd59345f0ab7af50.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectimg.cospa3600.top
Fingerprint07:24:AE:6C:94:AC:C1:73:10:D1:BC:82:DD:1E:64:FD:61:8E:D3:6C
ValidityMon, 10 Feb 2025 15:26:37 GMT - Sun, 11 May 2025 15:26:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /y960X801dd59345f0ab7af50.gif HTTP/1.1
Host: img.cospa3600.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

images.835images13.com:6699/images/bt960-60.gif

0.0.0.0

0 B

URL GET
images.835images13.com:6699/images/bt960-60.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectimages.835images13.com
Fingerprint6D:78:E1:5C:D9:21:58:6B:A5:96:E2:D7:00:B3:93:8F:6D:DE:E4:B8
ValidityTue, 21 Jan 2025 12:37:02 GMT - Mon, 21 Apr 2025 12:37:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bt960-60.gif HTTP/1.1
Host: images.835images13.com:6699
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

images.537images12.com:6699/images/smdt1.gif

23.150.248.237

200 OK

193 kB

URL GET
images.537images12.com:6699/images/smdt1.gif
IP
23.150.248.237:6699
ASN
#63023 AS-GLOBALTELEHOST

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectimages.537images12.com
FingerprintC8:18:3D:4C:38:E5:FD:7D:41:18:79:65:77:83:F6:00:50:99:3F:78
ValidityTue, 21 Jan 2025 12:43:49 GMT - Mon, 21 Apr 2025 12:43:48 GMT

File type
GIF image data, version 89a, 200 x 200
Size
193 kB (192790 bytes)
Hash
9cad5e853481678bf0b61f47ca845034
99739f9894f2fcf894148a0b85e1fb3320c3620b
ecc2e2e6652988eb93a13b61dc39c9adac57337c3aaf2092df6b4ae145e800ca

HTTP Headers

GET /images/smdt1.gif HTTP/1.1
Host: images.537images12.com:6699
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
date: Wed, 02 Apr 2025 07:22:24 GMT
etag: "67e69d23-2f116"
last-modified: Wed, 02 Apr 2025 07:22:25 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 192790
X-Firefox-Spdy: h2

pic1.zhimg.com/v2-bf428e3884143a8e6aa04959d776d645

43.152.140.107

200 OK

38 kB

URL GET
pic1.zhimg.com/v2-bf428e3884143a8e6aa04959d776d645
IP
43.152.140.107:443
ASN
#139341 ACE

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerDigiCert, Inc.
Subject*.zhimg.com
Fingerprint87:81:D2:18:0A:9D:6A:15:CA:48:99:B7:32:A2:75:68:71:1B:5F:6C
ValidityTue, 14 Jan 2025 00:00:00 GMT - Wed, 11 Feb 2026 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
38 kB (38332 bytes)
Hash
b3ee484ac9061adc547ef8b801eed371
0ffc915f247baee61d6bcaee587e2f986e08d173
ef374ecd91f5b8c7611f432e05bd7c1554ef6bae30280bdcd5b899e2a2d3b954

HTTP Headers

GET /v2-bf428e3884143a8e6aa04959d776d645 HTTP/1.1
Host: pic1.zhimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Sun, 09 Feb 2025 10:32:35 GMT
server: Byte-nginx
content-type: image/webp
date: Sun, 09 Feb 2025 10:32:35 GMT
imagex-fmt: awebp2awebp
nw-session-id: 20250209183235EF63DCC2229C6F61716Dbm89601ff
nw-session-trace: 2025-02-09T18:32:35.506917462+08:00 43
server-timing: inner; dur=46
x-bdcdn-cache-status: TCP_MISS
x-length: 38332
x-powered-by: ImageX
x-response-date: Sun, 09 Feb 2025 18:32:35 GMT
x-tt-logid: 20250209183235EF63DCC2229C6F61716D
x-tt-trace-host: 01cef63a2cfd46ca90494e0a58e40ec41ed5641689ebe86d43dee8c77094d1d1b4fbb554c6ea27aace5a3c5540cd0442e22730f4529a2500ea8659b9d4183b597ecdd63b42ddaa944476b526d5cbef3cf049a7787f9d738a159622ed60e9cdc9632df02b0b6d0b4b8403d8adc6d9dd188c1ae48d5c000f00adb0311fe827a39537
x-tt-trace-id: 202502091832358b390d7a259e20DC3727
x-tt-trace-tag: id=5
x-request-ip: 123.150.77.201
x-request-id: 2d6f7709eb8975adfb4245b723c853fd
x-response-cinfo: 123.150.77.201
x-response-cache: miss
cache-control: max-age=31536000
content-length: 38332
accept-ranges: bytes
x-nws-log-uuid: 2354427222683611274
x-cache-lookup: Cache Hit
access-control-allow-origin: *
access-control-max-age: 2592000
x-cdn-provider: tencent
X-Firefox-Spdy: h2

ddf.hongyuec.com/app/static/css/w4i0c8b9-palette.css

198.200.56.65

200 OK

3.6 kB

URL GET
ddf.hongyuec.com/app/static/css/w4i0c8b9-palette.css
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type
ASCII text, with very long lines (3996), with no line terminators
Size
3.6 kB (3618 bytes)
Hash
543b38a76db5bec81769c2b1c8b3223f
f49291dba8d0dfea61b5e20f8b8950d9b293390b
c101d43c2d2bfd05a15a79e98858320284ff936243c794d453b06d8d6a2d8854

HTTP Headers

GET /app/static/css/w4i0c8b9-palette.css HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/css
date: Wed, 02 Apr 2025 06:47:10 GMT
etag: W/"66ec63b2-e22"
last-modified: Wed, 02 Apr 2025 06:47:10 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
content-length: 1379
X-Firefox-Spdy: h2

222bbb333kkk.com/25132c399320418bb292bf488c9b6653.gif

208.98.45.142

200 OK

501 kB

URL GET
222bbb333kkk.com/25132c399320418bb292bf488c9b6653.gif
IP
208.98.45.142:443
ASN
#46844 SHARKTECH

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerZeroSSL
Subject222bbb333kkk.com
Fingerprint24:C3:DD:D6:EE:AF:D9:FC:26:91:C2:E7:EE:EC:65:4D:F7:DA:85:00
ValidityThu, 13 Feb 2025 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 80
Size
501 kB (501289 bytes)
Hash
838b985bf12eab272c63a35252dbf02e
cde9c9ec35767381a1e9b785e4ee21e916d69cdb
823a7e7acc70f13d2815f398739c4acb953ae78cee72fba3c0ff65381acfa731

HTTP Headers

GET /25132c399320418bb292bf488c9b6653.gif HTTP/1.1
Host: 222bbb333kkk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 02 Apr 2025 07:52:05 GMT
content-type: image/gif
content-length: 501289
last-modified: Sun, 02 Mar 2025 12:26:29 GMT
etag: "67c44e75-7a629"
psc-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/video.js/7.15.4/video.min.js

103.155.16.183

200 OK

565 kB

URL GET
lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/video.js/7.15.4/video.min.js
IP
103.155.16.183:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerDigiCert Inc
Subject*.bytecdntp.com
FingerprintC8:2B:2D:5B:D5:B8:4C:BB:79:6C:99:30:A1:71:01:D1:D0:6D:AE:62
ValidityWed, 22 May 2024 00:00:00 GMT - Wed, 21 May 2025 23:59:59 GMT

File type

Size
565 kB (565119 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn/expire-1-M/video.js/7.15.4/video.min.js HTTP/1.1
Host: lf6-cdn-tos.bytecdntp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 158442
server: TLB
etag: W/"6265ae91-89f7f"
date: Mon, 31 Mar 2025 05:10:48 GMT
last-modified: Sun, 24 Apr 2022 20:09:53 GMT
expires: Wed, 30 Apr 2025 05:10:48 GMT
age: 182472
cache-control: max-age=2592000
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
server-timing: inner; dur=20
x-tt-trace-host: 01debfb791a7b7ddaedc308ca7eb9d6b6f32b12e99b0d6b12fae18e23904c2927755c7d7eb32edb3858e2eb3cb89dfb4aa043762affb14d8b2c65955c82a2d7f801a31a9d1f2add4a81d6c397d67200c649ee3451d609db4b5caf72ce083f810db
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
x-tt-trace-id: 00-2408212337424C450DACA6BE0382D110-4175550E8744269C-00
x-tt-logid: 202408212337424C450DACA6BE0382D110
x-response-cache: edge_hit
x-link-via: xjp21:443;yancmp15:443;
x-cache-status: HIT from KS-CLOUD-YANC-MP-15-02, HIT from KS-CLOUD-XJP-FOREIGN-21-04
x-response-cinfo: 91.90.42.154
timing-allow-origin: *
x-cdn-request-id: 8947c6ec7d1e3ab5cdaf575809cb7b17
X-Firefox-Spdy: h2

ddf.hongyuec.com/api/d8768a/public/alert.json?ver=4-2-7-5&IC=a56f7b

198.200.56.65

200 OK

3.3 kB

URL GET
ddf.hongyuec.com/api/d8768a/public/alert.json?ver=4-2-7-5&IC=a56f7b
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type
Unicode text, UTF-8 text, with very long lines (3363), with no line terminators
Size
3.3 kB (3271 bytes)
Hash
be88b9f63044fb2f219190e812180add
172770745443037494282c18696c4bd063fc1f0b
295201d8bc9557129021748cad6e717dd05fcdc07e50e4ef5861a19ba917cb56

HTTP Headers

GET /api/d8768a/public/alert.json?ver=4-2-7-5&IC=a56f7b HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Wed, 02 Apr 2025 07:52:02 GMT
etag: "67ec8ad7-cc7"
last-modified: Wed, 02 Apr 2025 00:54:47 GMT
server: nginx
x-cache: UPDATING
content-length: 3271
X-Firefox-Spdy: h2

yqzydqhs.com/config/config.json?refresh=202532751

38.6.169.17

200 OK

853 B

URL GET
yqzydqhs.com/config/config.json?refresh=202532751
IP
38.6.169.17:443
ASN
#400619 AROSS-AS

Requested by
https://yqzydqhs.com/
Certificate
IssuerLet's Encrypt
Subjectyqzydqhs.com
FingerprintC6:94:A3:F0:FD:FB:D7:08:32:CA:B9:0F:11:64:66:02:A6:9C:71:5C
ValidityMon, 17 Feb 2025 04:43:45 GMT - Sun, 18 May 2025 04:43:44 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (907), with no line terminators
Size
853 B (853 bytes)
Hash
7e5b3ef53f09cb6685714b87472be368
3cd9ae8da25ca86f3eae3ec469914fbd989efb58
df7b3380fe61da1c30832c985e62a76403f736b18babd31c4557f970c17e96b5

HTTP Headers

GET /config/config.json?refresh=202532751 HTTP/1.1
Host: yqzydqhs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yqzydqhs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 853
Content-Type: application/json
Date: Wed, 02 Apr 2025 07:51:54 GMT
Etag: "67ea7547-355"
Last-Modified: Mon, 31 Mar 2025 10:58:15 GMT
Server: nginx

dfg7d.dfgdg655.top:9990/banner/mxx360x100.gif

43.251.56.202

200 OK

192 kB

URL GET
dfg7d.dfgdg655.top:9990/banner/mxx360x100.gif
IP
43.251.56.202:9990
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectdfg7d.dfgdg655.top
FingerprintA1:AE:45:B6:AE:6B:25:81:4C:1B:32:A4:9F:8C:10:13:94:77:E7:3B
ValiditySun, 16 Mar 2025 14:43:10 GMT - Sat, 14 Jun 2025 14:43:09 GMT

File type
GIF image data, version 89a, 360 x 100
Size
192 kB (191513 bytes)
Hash
1eb5ea214b94d312a304f67a0e78190f
8bc1992bb11ea2c050dd164d5b37575995c4b7c6
035d7b82cd4c43cf430c2f0894e909859b038c35e7fdccebcd80cf90397b452c

HTTP Headers

GET /banner/mxx360x100.gif HTTP/1.1
Host: dfg7d.dfgdg655.top:9990
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 02 Apr 2025 07:52:12 GMT
Content-Type: image/gif
Content-Length: 191513
Connection: keep-alive
Last-Modified: Mon, 17 Mar 2025 14:46:32 GMT
ETag: "67d835c8-2ec19"
Expires: Thu, 24 Apr 2025 07:33:19 GMT
Cache-Control: max-age=2592000
Server: CDN
X-Cache-Status: HIT
Accept-Ranges: bytes

img.lanchougroup.com/images/0331460e-2305-45c7-ac5d-c3570deced9c

90.84.161.22

302 Found

523 kB

URL GET
img.lanchougroup.com/images/0331460e-2305-45c7-ac5d-c3570deced9c
IP
90.84.161.22:443
ASN
#2285 Orange

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectimg.lanchougroup.com
Fingerprint18:D5:7D:6B:01:CB:E6:F0:14:8F:B3:17:9E:D9:89:CF:DE:5E:64:1C
ValidityThu, 13 Mar 2025 00:00:00 GMT - Tue, 10 Jun 2025 23:59:59 GMT

File type

Size
523 kB (523207 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/0331460e-2305-45c7-ac5d-c3570deced9c HTTP/1.1
Host: img.lanchougroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Wed, 02 Apr 2025 07:52:06 GMT
Content-Length: 0
Connection: keep-alive
Server: openresty
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: *
Location: https://cbu01.alicdn.com/img/ibank/O1CN010ZahmG1Bs32lftSoR_!!0-1-cib.gif
Strict-Transport-Security: max-age=31536000
X-CCDN-Origin-Time: 498
Age: 1
via: EU-GER-frankfurt-EDGE5-CACHE6[583],EU-GER-frankfurt-EDGE5-CACHE2[570,TCP_MISS,581],EU-GBR-london-GLOBAL1-CACHE30[527],EU-GBR-london-GLOBAL1-CACHE15[516,TCP_MISS,525],EU-FRA-paris-GLOBAL1-CACHE15[506],EU-FRA-paris-GLOBAL1-CACHE15[503,TCP_MISS,505]
x-hcs-proxy-type: 0
X-CCDN-CacheTTL: 86400
X-CCDN-REQ-ID-46B1: 4c63b8a4e314a488ca8ff248ae1172ea
Cache-Control: max-age=86400

7299tu75.cc/ml/ml960x100-008.gif

149.104.142.92

200 OK

150 kB

URL GET
7299tu75.cc/ml/ml960x100-008.gif
IP
149.104.142.92:443
ASN
#8796 FD-298-8796

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subject7299tu75.cc
FingerprintB8:31:8E:80:01:B1:5F:EA:A4:D5:C5:BD:B4:99:83:F6:AC:59:79:FD
ValidityWed, 19 Feb 2025 00:35:38 GMT - Tue, 20 May 2025 00:35:37 GMT

File type
GIF image data, version 89a, 960 x 100
Size
150 kB (150074 bytes)
Hash
c187225924f5da98335c6e359fa4efe2
542240b1c11c28df96d6fc1d89f2a16bb1269b7c
a050b9b42284db09b7bd7cfc692dda6ba23c4bea1fd7035857fb73967f80a731

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ml/ml960x100-008.gif HTTP/1.1
Host: 7299tu75.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 02 Apr 2025 07:52:04 GMT
Content-Type: image/gif
Content-Length: 150074
Connection: keep-alive
Last-Modified: Sat, 14 Sep 2024 06:21:02 GMT
ETag: "66e52b4e-24a3a"
Expires: Wed, 16 Apr 2025 11:49:36 GMT
Cache-Control: max-age=2592000
Via: mycdn
CDN-Cache: HIT
Accept-Ranges: bytes

seyoutupian.dqntwl.com/960x60.gif

180.163.146.81

200 OK

275 kB

URL GET
seyoutupian.dqntwl.com/960x60.gif
IP
180.163.146.81:443
ASN
#4812 China Telecom Group

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectseyoutupian.dqntwl.com
Fingerprint7A:F2:37:B4:6E:3A:C4:DC:54:0F:0E:73:13:92:E8:DF:8D:9B:97:44
ValidityMon, 24 Feb 2025 00:00:00 GMT - Sat, 24 May 2025 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 60
Size
275 kB (275275 bytes)
Hash
7127035cd6db2fa0dec3f8ca1af80bc5
2c5343e8a6526d84a9b58b5befabf9c235518619
4c65a5970255884f5152194cfa8038294c28e6b75a7f4621d94d1e7cc88b12ce

HTTP Headers

GET /960x60.gif HTTP/1.1
Host: seyoutupian.dqntwl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 275275
strict-transport-security: max-age=5184000
date: Sun, 09 Mar 2025 20:30:08 GMT
last-modified: Wed, 12 Feb 2025 08:43:52 GMT
vary: Accept-Encoding
etag: "67ac5f48-4334b"
expires: Tue, 08 Apr 2025 20:30:08 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: cache7.l2cn7492[0,0,200-0,H], cache2.l2cn7492[2,0], kunlun9.cn7174[0,0,200-0,H], kunlun1.cn7174[5,0]
age: 2028120
ali-swift-global-savetime: 1741552208
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Mon, 10 Mar 2025 13:06:13 GMT
x-swift-cachetime: 2532235
timing-allow-origin: *
eagleid: b4a3921517435803289607034e
X-Firefox-Spdy: h2

images.607images.com:6699/images/960x60-1.gif

0.0.0.0

0 B

URL GET
images.607images.com:6699/images/960x60-1.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectimages.607images.com
Fingerprint8C:95:CD:AA:68:DF:F7:3A:3C:79:ED:BF:D3:3E:9E:20:FB:ED:D6:50
ValidityThu, 06 Feb 2025 14:56:13 GMT - Wed, 07 May 2025 14:56:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/960x60-1.gif HTTP/1.1
Host: images.607images.com:6699
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

ky99.img3019946235.com:8686/8888/xm/5088/80.gif

36.156.184.48

200 OK

308 kB

URL GET
ky99.img3019946235.com:8686/8888/xm/5088/80.gif
IP
36.156.184.48:8686
ASN
#56046 China Mobile communications corporation

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectky99.img3019946235.com
Fingerprint39:89:2F:33:95:2B:07:CF:45:5F:AF:3C:6F:4D:73:F9:5A:9B:FC:34
ValidityWed, 05 Mar 2025 11:15:06 GMT - Tue, 03 Jun 2025 11:15:05 GMT

File type
GIF image data, version 89a, 960 x 80
Size
308 kB (308083 bytes)
Hash
83fe69097dc96cf2bc1776292a81592f
e11e5631d21dc74a5224096f8aaaa4dbc96f659c
a236aeca76b74f56d17f4a841d22a933f03b9ea3287cc3efcd80b21b99288f6e

HTTP Headers

GET /8888/xm/5088/80.gif HTTP/1.1
Host: ky99.img3019946235.com:8686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Wed, 02 Apr 2025 07:43:28 GMT
etag: "66e82c4a-4b373"
expires: Fri, 02 May 2025 07:43:28 GMT
last-modified: Wed, 02 Apr 2025 07:43:35 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 308083
X-Firefox-Spdy: h2

yj88.img0861648062.com:8686//8888/mt/200.gif

36.156.184.48

200 OK

97 kB

URL GET
yj88.img0861648062.com:8686//8888/mt/200.gif
IP
36.156.184.48:8686
ASN
#56046 China Mobile communications corporation

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectyj88.img0861648062.com
Fingerprint0F:6F:32:B5:1C:45:51:BD:BF:A8:D2:67:D4:07:17:8A:F3:2D:16:8D
ValidityWed, 05 Mar 2025 11:15:07 GMT - Tue, 03 Jun 2025 11:15:06 GMT

File type
GIF image data, version 89a, 200 x 200
Size
97 kB (97013 bytes)
Hash
2cffc78b8a291452a1feb942e9f045c5
86763e1ad270c5e50b3c50fa0a4c2e0ea781efe2
3a08a6b5fbdc6ca142ec4160ff3a007e1bcba9f8890026fb6ca493f97bd7b829

HTTP Headers

GET //8888/mt/200.gif HTTP/1.1
Host: yj88.img0861648062.com:8686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Wed, 02 Apr 2025 05:56:41 GMT
etag: "66e1cf3b-17af5"
expires: Fri, 02 May 2025 05:56:41 GMT
last-modified: Wed, 02 Apr 2025 05:56:47 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 97013
X-Firefox-Spdy: h2

587image.com:3188/200x200.gif

45.207.243.68

200 OK

28 kB

URL GET
587image.com:3188/200x200.gif
IP
45.207.243.68:3188
ASN
#139646 HONG KONG Megalayer Technology Co.,Limited

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subject587image.com
FingerprintFE:39:87:73:0F:B1:4C:87:EA:55:C1:69:5E:BC:68:D5:66:C2:F3:10
ValidityFri, 14 Mar 2025 16:15:20 GMT - Thu, 12 Jun 2025 16:15:19 GMT

File type
GIF image data, version 89a, 200 x 200
Size
28 kB (27469 bytes)
Hash
522db5903163ecd827ad83b0e2fc76b8
f781736eada01ec1416bea7dfd1e0e5a19fb5c53
7c5e31f913860f6faf785df79a59f149319c62c099449129712b0b81e20653c2

HTTP Headers

GET /200x200.gif HTTP/1.1
Host: 587image.com:3188
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 02 Apr 2025 07:52:12 GMT
Content-Type: image/gif
Content-Length: 27469
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 13:19:01 GMT
Vary: Accept-Encoding
ETag: "63a307c5-6b4d"
Expires: Thu, 01 May 2025 11:27:02 GMT
Cache-Control: max-age=2592000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes

ddf.hongyuec.com/api/d8768a/movie/tags.json?IC=a56f7b

198.200.56.65

200 OK

1.5 kB

URL GET
ddf.hongyuec.com/api/d8768a/movie/tags.json?IC=a56f7b
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type
Unicode text, UTF-8 text, with very long lines (1646), with no line terminators
Size
1.5 kB (1458 bytes)
Hash
08f8674f588e3232a62c045daadee439
9171e10d0ddf104e1b53e956e6b27124b8d1095a
e848b51224e46c42d1200c59a1f879146a8064a0c4d8cf8f617b254e1d47382d

HTTP Headers

GET /api/d8768a/movie/tags.json?IC=a56f7b HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Wed, 02 Apr 2025 07:52:02 GMT
etag: "67ec8aea-5b2"
last-modified: Wed, 02 Apr 2025 00:55:06 GMT
server: nginx
x-cache: UPDATING
content-length: 1458
X-Firefox-Spdy: h2

hhapk777.getehu.com/i/1919/xxpp1-960-60.gif

180.163.146.86

200 OK

41 kB

URL GET
hhapk777.getehu.com/i/1919/xxpp1-960-60.gif
IP
180.163.146.86:443
ASN
#4812 China Telecom Group

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjecthhapk777.getehu.com
FingerprintD7:25:02:89:AB:0D:42:B4:BA:ED:AE:71:62:1C:14:A7:1E:46:64:D4
ValidityMon, 24 Feb 2025 09:20:42 GMT - Sun, 25 May 2025 09:20:41 GMT

File type
GIF image data, version 89a, 960 x 60
Size
41 kB (40901 bytes)
Hash
391bf0c23d5098d3db8d66fef87b4349
06dfe8a499f50f7bf1b7e7e2e1acb154185c5256
6493779792656675a14664c251e5f8bedb7354fb778fc7c5718d78f0215b8c89

HTTP Headers

GET /i/1919/xxpp1-960-60.gif HTTP/1.1
Host: hhapk777.getehu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 40901
strict-transport-security: max-age=5184000
date: Fri, 21 Mar 2025 08:45:52 GMT
expires: Sun, 20 Apr 2025 08:45:52 GMT
cache-control: max-age=2592000
last-modified: Wed, 19 Mar 2025 08:03:53 GMT
vary: Accept-Encoding
etag: "67da7a69-9fc5"
accept-ranges: bytes
via: cache6.l2cn2647[0,0,200-0,H], cache58.l2cn2647[0,0], kunlun8.cn7174[0,0,200-0,H], kunlun1.cn7174[1,0]
age: 1033575
ali-swift-global-savetime: 1742546752
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Mon, 31 Mar 2025 03:07:19 GMT
x-swift-cachetime: 1748313
timing-allow-origin: *
eagleid: b4a3921517435803278782957e
X-Firefox-Spdy: h2

dfg7d.dfgdg655.top:9990/banner/logo200x200.png

43.251.56.202

200 OK

31 kB

URL GET
dfg7d.dfgdg655.top:9990/banner/logo200x200.png
IP
43.251.56.202:9990
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectdfg7d.dfgdg655.top
FingerprintA1:AE:45:B6:AE:6B:25:81:4C:1B:32:A4:9F:8C:10:13:94:77:E7:3B
ValiditySun, 16 Mar 2025 14:43:10 GMT - Sat, 14 Jun 2025 14:43:09 GMT

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced
Size
31 kB (30613 bytes)
Hash
9c8fb2f13a13bef20469b0750eb76c1a
dbf182d98fd6c3741b6bef8098713345891afc9d
ff8fc1db0bbddcdae3530ac1f35f0e33de80399d2614cd3a64771c831ab219c6

HTTP Headers

GET /banner/logo200x200.png HTTP/1.1
Host: dfg7d.dfgdg655.top:9990
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 02 Apr 2025 07:52:08 GMT
Content-Type: image/png
Content-Length: 30613
Connection: keep-alive
Last-Modified: Sun, 16 Mar 2025 15:38:49 GMT
ETag: "67d6f089-7795"
Expires: Thu, 24 Apr 2025 07:33:25 GMT
Cache-Control: max-age=2592000
Server: CDN
X-Cache-Status: HIT
Accept-Ranges: bytes

www.aoptf.top:2087/images/67c5afc004b5fea054729592.gif

188.114.96.1

200 OK

57 kB

URL GET
www.aoptf.top:2087/images/67c5afc004b5fea054729592.gif
IP
188.114.96.1:2087
ASN
#13335 CLOUDFLARENET

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerGoogle Trust Services
Subjectwww.aoptf.top
Fingerprint58:73:6D:9C:0E:B4:53:DF:4D:E3:D3:D7:C2:A0:8E:2A:A4:0C:2A:7E
ValidityThu, 06 Feb 2025 08:13:52 GMT - Wed, 07 May 2025 09:13:50 GMT

File type
RIFF (little-endian) data, Web/P image
Size
57 kB (56868 bytes)
Hash
14969fff3cf0230dc1e0a1099c049d4f
b4f736eb9239640fe3ba1f76438bfa6b5ee2ae0f
1dcb8ed4c751996660bed6a5cc82cef5799491f68885b1671134b0ef6718e257

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/67c5afc004b5fea054729592.gif HTTP/1.1
Host: www.aoptf.top:2087
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 02 Apr 2025 07:52:08 GMT
content-type: image/gif
content-length: 56868
cf-ray: 929ebebaae1556b5-OSL
server: cloudflare
cache-control: max-age=86400
accept-ranges: bytes
last-modified: Fri, 21 Mar 2025 10:59:04 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ih3Yl2Oxfe0c7GKJGGC4U2bfMrADVIAEv%2FRYqypfyKUUQAoSROjVeJ9jYVOcBX60JWsqZkk2DNFtqz5FP0H5wV2Flt9eXOBSzfQF214zYEi6bMw%2F84dIymhC9vdGKxOo0AycGN4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":2087"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=700&min_rtt=401&rtt_var=464&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3261&recv_bytes=1321&delivery_rate=7313131&cwnd=254&unsent_bytes=0&cid=5e89b431297b405a&ts=2329&x=0"
X-Firefox-Spdy: h2

ddf.hongyuec.com/app/static/img/loading.gif

198.200.56.65

200 OK

16 kB

URL GET
ddf.hongyuec.com/app/static/img/loading.gif
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type
GIF image data, version 89a, 106 x 98
Size
16 kB (15681 bytes)
Hash
f14839a7d053977e56867d98772ad679
82c7e43dac69df11ac79bfcdc797c1d9ccae8f36
f8604a543495d2544a825e882c8461f0c09290caaf580bc73dce463496121637

HTTP Headers

GET /app/static/img/loading.gif HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/static/css/w4i0c8b9-app.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-type: image/gif
date: Wed, 02 Apr 2025 06:47:13 GMT
etag: "66ec63b2-3d41"
last-modified: Wed, 02 Apr 2025 06:47:13 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 15681
X-Firefox-Spdy: h2

ddf.hongyuec.com/app/static/css/variable-2.css

198.200.56.65

200 OK

930 B

URL GET
ddf.hongyuec.com/app/static/css/variable-2.css
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type
ASCII text, with very long lines (992), with no line terminators
Size
930 B (930 bytes)
Hash
ce6f7190e3354e9ddf266482041bfe8b
3e39856f595a0e394fa2987f4c455229fbe86088
8b9186565c92d8ff949bc4d27feaea565821e2f84e89a5ee23c2cfb49e698db4

HTTP Headers

GET /app/static/css/variable-2.css HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-type: text/css
date: Wed, 02 Apr 2025 06:47:12 GMT
etag: "66ec63b2-3a2"
last-modified: Wed, 02 Apr 2025 06:47:12 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 930
X-Firefox-Spdy: h2

lf26-cdn-tos.bytecdntp.com/cdn/expire-1-M/vue/2.6.11/vue.min.js

27.221.84.33

200 OK

94 kB

URL GET
lf26-cdn-tos.bytecdntp.com/cdn/expire-1-M/vue/2.6.11/vue.min.js
IP
27.221.84.33:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerDigiCert Inc
Subject*.bytecdntp.com
FingerprintE9:24:12:F4:43:F0:0C:16:91:A1:E3:6B:D1:7C:07:92:A1:92:DE:FB
ValidityThu, 23 May 2024 00:00:00 GMT - Fri, 23 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65449)
Size
94 kB (93670 bytes)
Hash
6c81f02ad0bf8e12a66c18cab188d029
abd239f02966b2d324b0512c203bdbaf82a4ed7a
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf

HTTP Headers

GET /cdn/expire-1-M/vue/2.6.11/vue.min.js HTTP/1.1
Host: lf26-cdn-tos.bytecdntp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 02 Apr 2025 07:52:01 GMT
content-type: application/javascript
content-length: 34100
server: openresty
last-modified: Fri, 21 Jan 2022 11:47:00 GMT
vary: Accept-Encoding
etag: W/"61ea9d34-16de6"
expires: Sun, 13 Apr 2025 08:34:53 GMT
content-encoding: gzip
server-timing: inner; dur=25
x-tt-trace-host: 01cde17b439d61e7f23be7be9c0cab44a7053f72a3499433ceb86d68b08d203f8faffd21cb211477d30a36f6a2e0f7041b803e7d0131d66b91a1ed1b44d55e2f0b2267a1e4df2109c12ad132f871d7e65ad6a7f069bf58266491e33453ead6fadd441e6ed89a60006b4d8e5e6c967bb00c
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
x-tt-trace-id: 00-25031416403956AD6771DA0357785340-1E41F98C5C935FFD-00
x-tt-logid: 2025031416403956AD6771DA0357785340
x-ccdn-expires: 1975309
via: CHN-SDqingdao-CUCC7-CACHE17[18],CHN-SDqingdao-CUCC7-CACHE15[0,TCP_HIT,14],CHN-TJ-GLOBAL1-CACHE113[6],CHN-TJ-GLOBAL1-CACHE15[0,TCP_HIT,3],CHN-HEshijiazhuang-GLOBAL1-CACHE19[16],CHN-HEshijiazhuang-GLOBAL1-CACHE15[0,TCP_HIT,11]
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
nginx-hit: 1
age: 616691
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2

ddf.hongyuec.com/api/d8768a/movie/category.json?IC=a56f7b

198.200.56.65

200 OK

34 kB

URL GET
ddf.hongyuec.com/api/d8768a/movie/category.json?IC=a56f7b
IP
198.200.56.65:443
ASN
#54600 PEG-SV

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectddf.gaibanmj.com
Fingerprint73:C2:FF:07:29:B7:55:41:30:D0:82:87:72:A0:78:72:15:95:91:4C
ValidityMon, 31 Mar 2025 12:11:30 GMT - Sun, 29 Jun 2025 12:11:29 GMT

File type

Size
34 kB (33718 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/d8768a/movie/category.json?IC=a56f7b HTTP/1.1
Host: ddf.hongyuec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Wed, 02 Apr 2025 07:52:02 GMT
etag: "67ece77a-83b6"
last-modified: Wed, 02 Apr 2025 07:30:02 GMT
server: nginx
x-cache: UPDATING
content-length: 33718
X-Firefox-Spdy: h2

images.537images12.com:6699/images/960-60.gif

23.150.248.237

200 OK

405 kB

URL GET
images.537images12.com:6699/images/960-60.gif
IP
23.150.248.237:6699
ASN
#63023 AS-GLOBALTELEHOST

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectimages.537images12.com
FingerprintC8:18:3D:4C:38:E5:FD:7D:41:18:79:65:77:83:F6:00:50:99:3F:78
ValidityTue, 21 Jan 2025 12:43:49 GMT - Mon, 21 Apr 2025 12:43:48 GMT

File type
GIF image data, version 89a, 960 x 60
Size
405 kB (405114 bytes)
Hash
2adfc06cf6790655e6ef56850ebd236c
29d70a81b47999f1b2549dce4d857c46e5738287
48a1676d50cee4ded6c53e8821b13606f9b02387e51c9120f42280ba201d15c0

HTTP Headers

GET /images/960-60.gif HTTP/1.1
Host: images.537images12.com:6699
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
date: Wed, 02 Apr 2025 07:15:03 GMT
etag: "672db7b6-62e7a"
last-modified: Wed, 02 Apr 2025 07:15:04 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 405114
X-Firefox-Spdy: h2

dfg7d.dfgdg655.top:9990/banner/mxx360x100.gif

0.0.0.0

0 B

URL GET
dfg7d.dfgdg655.top:9990/banner/mxx360x100.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://ddf.hongyuec.com/app/#/home

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /banner/mxx360x100.gif HTTP/1.1
Host: dfg7d.dfgdg655.top:9990
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

static.wixstatic.com/media/432808_58262ca973b7452d9d012fc683ecbc4c~mv2.gif

54.240.174.21

200 OK

26 kB

URL GET
static.wixstatic.com/media/432808_58262ca973b7452d9d012fc683ecbc4c~mv2.gif
IP
54.240.174.21:443
ASN
#16509 AMAZON-02

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subject*.wixstatic.com
Fingerprint00:D2:25:13:B3:EB:D4:B1:02:1F:CA:15:18:D8:2A:26:B4:C7:83:3E
ValidityTue, 01 Apr 2025 13:20:48 GMT - Mon, 30 Jun 2025 13:20:47 GMT

File type
GIF image data, version 89a, 150 x 150
Size
26 kB (25863 bytes)
Hash
1a34fff32a7feaaf6c47b1e71dc83f91
24831bbf94b02bcb714ca2a26f512bdcf199821b
0b3aef4a2895412aa66e68f3f6d34f4f0a7163ee1c46012f31a71badf9d03800

HTTP Headers

GET /media/432808_58262ca973b7452d9d012fc683ecbc4c~mv2.gif HTTP/1.1
Host: static.wixstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
content-length: 25863
server: openresty/1.27.1.1
date: Fri, 14 Feb 2025 12:30:13 GMT
expires: Fri, 14 Feb 2025 13:30:13 GMT
cache-control: public, max-age=15552000, immutable
last-modified: Fri, 18 Oct 2024 13:23:55 GMT
etag: "1a34fff32a7feaaf6c47b1e71dc83f91"
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
timing-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-66f677bb5d-z5cwb
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 54W5Y1HXFrLFeCFxqFPczuZoZfdlDWwy1hWjXla9T13hfWk_veKy2g==
age: 4044112
X-Firefox-Spdy: h2

yqzydqhs.com/config/hosts.json?refresh=202532751

38.6.169.17

200 OK

1.8 kB

URL GET
yqzydqhs.com/config/hosts.json?refresh=202532751
IP
38.6.169.17:443
ASN
#400619 AROSS-AS

Requested by
https://yqzydqhs.com/
Certificate
IssuerLet's Encrypt
Subjectyqzydqhs.com
FingerprintC6:94:A3:F0:FD:FB:D7:08:32:CA:B9:0F:11:64:66:02:A6:9C:71:5C
ValidityMon, 17 Feb 2025 04:43:45 GMT - Sun, 18 May 2025 04:43:44 GMT

File type
data
Size
1.8 kB (1816 bytes)
Hash
14a01554d258849c0579643aa2e85a3c
b58c37dcbafd5417a3c4a92b3b950155f3cfc8e4
0253540c19e7a97578b528d62fa73740ef7dc0e020801e3bacbc415511e1f216

HTTP Headers

GET /config/hosts.json?refresh=202532751 HTTP/1.1
Host: yqzydqhs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yqzydqhs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1816
Content-Type: application/json
Date: Wed, 02 Apr 2025 07:51:54 GMT
Etag: "67ece73d-718"
Last-Modified: Wed, 02 Apr 2025 07:29:01 GMT
Server: nginx

yj88.img0861648062.com:8686/8888/mt/mt80.gif

36.156.184.48

200 OK

449 kB

URL GET
yj88.img0861648062.com:8686/8888/mt/mt80.gif
IP
36.156.184.48:8686
ASN
#56046 China Mobile communications corporation

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectyj88.img0861648062.com
Fingerprint0F:6F:32:B5:1C:45:51:BD:BF:A8:D2:67:D4:07:17:8A:F3:2D:16:8D
ValidityWed, 05 Mar 2025 11:15:07 GMT - Tue, 03 Jun 2025 11:15:06 GMT

File type
GIF image data, version 89a, 960 x 80
Size
449 kB (449235 bytes)
Hash
2765121603ed96e8e483970e2ddb8b5a
d540502486d87bd455fc6c6d85dbe063dc0f23cf
dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

HTTP Headers

GET /8888/mt/mt80.gif HTTP/1.1
Host: yj88.img0861648062.com:8686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Wed, 02 Apr 2025 07:16:28 GMT
etag: "664dc9a9-6dad3"
expires: Fri, 02 May 2025 07:16:28 GMT
last-modified: Wed, 02 Apr 2025 07:16:36 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 449235
X-Firefox-Spdy: h2

txdy.2016os.com/960x60.gif

180.163.146.92

200 OK

464 kB

URL GET
txdy.2016os.com/960x60.gif
IP
180.163.146.92:443
ASN
#4812 China Telecom Group

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjecttxdy.2016os.com
FingerprintE7:5F:81:4A:4E:88:2F:A0:68:C2:F7:26:53:28:C3:30:B7:C8:DB:3B
ValidityWed, 05 Feb 2025 22:32:01 GMT - Tue, 06 May 2025 22:32:00 GMT

File type
GIF image data, version 89a, 960 x 60
Size
464 kB (464319 bytes)
Hash
e4ccf9fc2a6f39a41bb95dd10e35367a
9e9b4a1ea8962cd2230007038f81f4702d61f046
255b5190719eede8ca1d86a2fa82544fa90b0e1a152596f6abb12fd0d1c3c430

HTTP Headers

GET /960x60.gif HTTP/1.1
Host: txdy.2016os.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 464319
strict-transport-security: max-age=5184000
date: Sun, 23 Mar 2025 07:52:27 GMT
expires: Tue, 22 Apr 2025 07:52:27 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: cache28.l2cn8047[0,0,304-0,H], cache23.l2cn8047[1,0], kunlun1.cn7174[0,0,200-0,H], kunlun9.cn7174[1,0]
last-modified: Wed, 12 Feb 2025 08:43:46 GMT
vary: Accept-Encoding
etag: "67ac5f42-715bf"
age: 863977
ali-swift-global-savetime: 1742716347
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sun, 30 Mar 2025 04:06:35 GMT
x-swift-cachetime: 2000752
timing-allow-origin: *
eagleid: b4a3921d17435803247793869e
X-Firefox-Spdy: h2

imgs.imgclh.com/imgs/2025/02/04/5340f2aba78dd9de.gif

172.67.197.136

200 OK

68 kB

URL GET
imgs.imgclh.com/imgs/2025/02/04/5340f2aba78dd9de.gif
IP
172.67.197.136:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerGoogle Trust Services
Subjectimgclh.com
FingerprintC3:42:03:36:AD:3A:35:54:E7:C4:2A:D2:39:32:E4:82:17:1B:B3:4C
ValiditySat, 15 Mar 2025 13:16:16 GMT - Fri, 13 Jun 2025 14:14:24 GMT

File type
GIF image data, version 89a, 960 x 55
Size
68 kB (68408 bytes)
Hash
dae3cbb680ff835ea3f859398a9af855
ba2e0a2af1d8725bcbfe778b35e114e02fe82f88
088710719c053b33cfe205a7079afeb9708c0d9bfe4784d2a08c6d514f58c715

HTTP Headers

GET /imgs/2025/02/04/5340f2aba78dd9de.gif HTTP/1.1
Host: imgs.imgclh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 02 Apr 2025 07:52:03 GMT
content-type: image/gif
content-length: 68408
server: cloudflare
accept-ranges: bytes
last-modified: Tue, 04 Feb 2025 09:29:10 GMT
etag: "67a1dde6-10b38"
expires: Mon, 07 Apr 2025 17:27:23 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2125480
cf-ray: 929ebe9bed100b69-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

87img.ezrent.hk/2df7e3592284c1446e61f03b0bf0287a.gif

47.246.44.221

200 OK

58 kB

URL GET
87img.ezrent.hk/2df7e3592284c1446e61f03b0bf0287a.gif
IP
47.246.44.221:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerUnizeto Technologies S.A.
Subject87img.ezrent.hk
Fingerprint5F:13:A3:BF:BB:9D:EE:B9:13:E2:FE:71:FD:39:47:25:3F:47:EB:AC
ValiditySun, 16 Feb 2025 05:29:47 GMT - Wed, 18 Mar 2026 05:29:46 GMT

File type
GIF image data, version 89a, 200 x 200
Size
58 kB (57617 bytes)
Hash
2704ae5989a0aeaaaa42c12606345feb
245ef003a2e14fe2d384460b480701215fb4014c
994d7cf9c91f2f2d8c56853dd1cda443c1f508a90a88dab3f86e57835046d5a5

HTTP Headers

GET /2df7e3592284c1446e61f03b0bf0287a.gif HTTP/1.1
Host: 87img.ezrent.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ddf.hongyuec.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 57617
Connection: keep-alive
Date: Sat, 22 Mar 2025 04:32:07 GMT
Expires: Mon, 21 Apr 2025 04:32:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Via: ens-cache18.l2de3[0,0,304-0,H], ens-cache6.l2de3[1,0], ens-cache2.se2[0,0,200-0,H], ens-cache1.se2[1,0]
Last-Modified: Wed, 12 Feb 2025 07:00:42 GMT
Vary: Accept-Encoding
ETag: "67ac471a-e111"
Age: 962405
Ali-Swift-Global-Savetime: 1742617927
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Sat, 22 Mar 2025 04:33:05 GMT
X-Swift-CacheTime: 2591942
Timing-Allow-Origin: *
EagleId: 2ff62c9517435803328351183e

img.lanchougroup.com/images/0bc40f73-454f-48df-8292-d1e69a63c01e

90.84.161.22

302 Found

354 kB

URL GET
img.lanchougroup.com/images/0bc40f73-454f-48df-8292-d1e69a63c01e
IP
90.84.161.22:443
ASN
#2285 Orange

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectimg.lanchougroup.com
Fingerprint18:D5:7D:6B:01:CB:E6:F0:14:8F:B3:17:9E:D9:89:CF:DE:5E:64:1C
ValidityThu, 13 Mar 2025 00:00:00 GMT - Tue, 10 Jun 2025 23:59:59 GMT

File type

Size
354 kB (353525 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/0bc40f73-454f-48df-8292-d1e69a63c01e HTTP/1.1
Host: img.lanchougroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Wed, 02 Apr 2025 07:52:07 GMT
Content-Length: 0
Connection: keep-alive
Server: openresty
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: *
Location: https://cbu01.alicdn.com/img/ibank/O1CN01DCDxBY1Bs32mfClgK_!!0-1-cib.gif
Strict-Transport-Security: max-age=31536000
X-CCDN-Origin-Time: 486
Age: 1
via: EU-GER-frankfurt-EDGE5-CACHE5[554],EU-GER-frankfurt-EDGE5-CACHE6[551,TCP_MISS,554],EU-GBR-london-GLOBAL1-CACHE14[509],EU-GBR-london-GLOBAL1-CACHE6[504,TCP_MISS,506],EU-FRA-paris-GLOBAL1-CACHE15[496],EU-FRA-paris-GLOBAL1-CACHE26[490,TCP_MISS,494]
x-hcs-proxy-type: 0
X-CCDN-CacheTTL: 86400
X-CCDN-REQ-ID-46B1: 745d693e5311f68aa446dce2d8f4e21b
Cache-Control: max-age=86400

hhapk777.getehu.com/3391/1372/1372-960x80.gif

180.163.146.86

200 OK

386 kB

URL GET
hhapk777.getehu.com/3391/1372/1372-960x80.gif
IP
180.163.146.86:443
ASN
#4812 China Telecom Group

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjecthhapk777.getehu.com
FingerprintD7:25:02:89:AB:0D:42:B4:BA:ED:AE:71:62:1C:14:A7:1E:46:64:D4
ValidityMon, 24 Feb 2025 09:20:42 GMT - Sun, 25 May 2025 09:20:41 GMT

File type
GIF image data, version 89a, 960 x 80
Size
386 kB (385649 bytes)
Hash
99420771ab574e6197a995c28a8e22fb
eb51cd497134b44e1c957b10caf4d2c9569668a5
e0f9613ae55c18751ed65c2b466290eec01e4d71bc4881c52d71578456582d8a

HTTP Headers

GET /3391/1372/1372-960x80.gif HTTP/1.1
Host: hhapk777.getehu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 385649
strict-transport-security: max-age=5184000
date: Fri, 21 Mar 2025 08:45:51 GMT
expires: Sun, 20 Apr 2025 08:45:51 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: cache24.l2cn3147[523,524,304-0,H], cache47.l2cn3147[525,0], kunlun6.cn7174[0,0,200-0,H], kunlun1.cn7174[1,0]
last-modified: Mon, 20 Jan 2025 07:20:43 GMT
vary: Accept-Encoding
etag: "678df94b-5e271"
age: 1033576
ali-swift-global-savetime: 1742546751
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 21 Mar 2025 08:45:51 GMT
x-swift-cachetime: 2592000
timing-allow-origin: *
eagleid: b4a3921517435803278442841e
X-Firefox-Spdy: h2

we.nn11001.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif

0.0.0.0

0 B

URL GET
we.nn11001.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerLet's Encrypt
Subjectwe.nn11001.com
Fingerprint6C:D7:A7:72:AE:69:3B:01:8C:6C:B3:F6:A4:74:C9:B2:E9:D9:4E:06
ValidityThu, 27 Feb 2025 15:28:50 GMT - Wed, 28 May 2025 15:28:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /65e7e65f41ad1c2cb20bb39e08e6b041.gif HTTP/1.1
Host: we.nn11001.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddf.hongyuec.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cbu01.alicdn.com/img/ibank/O1CN01H1QWaQ1Bs32GB17XZ_!!0-1-cib.gif

47.246.44.248

200 OK

417 kB

URL GET
cbu01.alicdn.com/img/ibank/O1CN01H1QWaQ1Bs32GB17XZ_!!0-1-cib.gif
IP
47.246.44.248:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://ddf.hongyuec.com/app/#/home
Certificate
IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintDA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5
ValidityThu, 06 Mar 2025 10:12:19 GMT - Mon, 21 Jul 2025 09:06:01 GMT

File type
GIF image data, version 89a, 200 x 200
Size
417 kB (416881 bytes)
Hash
dc8ff108f0a8d2faa220b9fdac680589
7b861f20bd0e553e2427984aba8e55491515404f
23cb555b99f9f5d8e13380227ef7da4ca264a905a920f80bcfc14dcbef130668

HTTP Headers

GET /img/ibank/O1CN01H1QWaQ1Bs32GB17XZ_!!0-1-cib.gif HTTP/1.1
Host: cbu01.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ddf.hongyuec.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 416881
date: Fri, 21 Feb 2025 06:52:29 GMT
last-modified: Fri, 21 Feb 2025 06:52:05 GMT
picasso-ret-code: SUCCESS
picasso-cache-info: MISS
request-time: 0.015
traceid: 2ff607a017401207490643714e
x-powered-by: Picasso
picasso-image-type: normal
picasso-fmt: gif2
cache-control: max-age=31536000
via: ens-cache17.l2de3[0,0,200-0,H], ens-cache11.l2de3[1,0], ens-cache8.se2[0,0,200-0,H], ens-cache8.se2[1,0]
access-control-allow-origin: *
age: 3459582
ali-swift-global-savetime: 1740120749
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 21 Feb 2025 07:00:11 GMT
x-swift-cachetime: 31535538
timing-allow-origin: *
eagleid: 2ff62c9c17435803314026633e
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?hca=72B3590C6E78D1B4&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=609220518&si=5bf28cf5500ae78fd47694fd36b1cedf&v=1.3.2&lv=1&sn=21641&r=0&ww=1280&u=https%3A%2F%2Fyqzydqhs.com%2F&tt=%E5%BA%94%E5%9F%8E%E5%B8%82%E5%B7%A8%E8%B6%8A%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

111.45.11.83

200 OK

43 B

URL GET
hm.baidu.com/hm.gif?hca=72B3590C6E78D1B4&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=609220518&si=5bf28cf5500ae78fd47694fd36b1cedf&v=1.3.2&lv=1&sn=21641&r=0&ww=1280&u=https%3A%2F%2Fyqzydqhs.com%2F&tt=%E5%BA%94%E5%9F%8E%E5%B8%82%E5%B7%A8%E8%B6%8A%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
111.45.11.83:443
ASN
#9808 China Mobile Communications Group Co., Ltd.

Requested by
https://yqzydqhs.com/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0
ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?hca=72B3590C6E78D1B4&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=609220518&si=5bf28cf5500ae78fd47694fd36b1cedf&v=1.3.2&lv=1&sn=21641&r=0&ww=1280&u=https%3A%2F%2Fyqzydqhs.com%2F&tt=%E5%BA%94%E5%9F%8E%E5%B8%82%E5%B7%A8%E8%B6%8A%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yqzydqhs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 02 Apr 2025 07:51:56 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4E74A13BE7FD37C6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML