{"report_id":"2379f25e-0400-43c0-bff8-e6b4f2ad0a87","version":0,"status":"done","tags":[],"date":"2026-06-25T00:21:19Z","url":{"schema":"http","addr":"dev.biymu.com","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":0,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"dev.biymu.com/","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"title":"英国上市公司官网365(认证平台)Platinum China","dom":{"size":420,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"56870f0a1b92b7433a7cae77628b2483","sha1":"1c9f49f0f4f2da22335ccb405d669d45905b9396","sha256":"0e1c0bdde22e69e23491a2ef3674a9f859a134dcf7286c1219a4695b3b4c7dc2","sha512":"8d7b0c25f0763e097021fb8843d4339271eeca586e1026533449300c729b948de9fcde80c0e24d441f86c4cba724a9d2e6cfe8639c355f92b2c275f57c20bb20","ssdeep":"","tlshash":"dae0f1839c10848ea1208bd45fe3f11cc1ec7db9b292cc44c9d4318f4ce0bc84c138a8","dom_hash":"domhashd0c231bf27deb973c770c049e72bbcec","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"dev.biymu.com","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":0,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-30T00:21:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"www.3152018.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.huayudo.com","ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":164,"received_data":5964177,"sent_data":80680,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}]},{"fqdn":"dev.biymu.com","ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"domain_registered":"2025-04-10","domain_rank":0,"first_seen":"2026-06-25T00:21:23.072648Z","last_seen":"2026-06-25T00:21:23.072648Z","alert_count":182,"request_count":91,"received_data":276638,"sent_data":40175,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:1.8.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"www.3152018.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2017-11-20","domain_rank":0,"first_seen":"2017-12-01T15:11:57Z","last_seen":"2026-06-19T23:57:50.647888Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":459,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"dev.biymu.com/jquery.min.js","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9c2bd3932347b979088dbf6dae4d88ba","sha1":"f4f172ec0213bd6009fb99de8fd3e6348587321d","sha256":"7e6f89c96ec9e8c1613749f5e12ad565a9b20319442deb3c6fa8044dced6ff58","sha512":"afbfa8694d01caed6ac7811215fb4b9a4059c747b2f513eb57fc6598b6c8dfe40805316c3abf16ed9fe7eb6ded4e10b5df8177d022e4d6eedb63039a7dcebb35","ssdeep":"","tlshash":"210181d8d7c4d88b7ecc2c53e909decb25b2823b96d53283832cfe8c049a151d49c048","size":686,"data":"","first_seen":"2023-03-10T19:50:01Z","last_seen":"2026-06-26T01:06:18.863295Z","times_seen":251,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221926879367705.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.380Z","timestamp":1782346857380,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221926879367705.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221926879367705.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NscU2u15QOwDyudzjVjANP24nKpM8541aRQSzbVlE7yHGGiP3TVNRFdEybyTE93JkDF0DOZnIHCR9w5Tcxs8PsTbED1UluMQQqJ2qhV8JI7Wfd1TRbuIUeD7ar44ecy%2F7Qw%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c2f9eb500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1544,"timings":{"blocked":-1,"dns":1523,"connect":2,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221962672990964.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.055Z","timestamp":1782346859055,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221962672990964.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 35643\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"ccda58e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SxhqxzBfCIolnCq7EjUcZjdcskRUh7%2FdHlh5YnKu9OZhgALksR7HZYp5TXZQWXp4L08lI%2FLev7w8di01IZ6%2B9bib5aQ31tR6OPH0G9%2Bmc%2FfcAB0aWSJZ8RbjM0xu3bJVTMs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d1cd532fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35643,"size_decoded":36385,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"c422c0e4fbbbabd528b0292b7517dd6a","sha1":"57c95e9d359b4a86f58b07918437517987de0c32","sha256":"511ed53554b4f557ae2969d8bd6be158517d59d96b194625b4541f67a8c974c5","sha512":"36b61fbd7718ab6fc728291d59626aa70f52c1443d10d6f36276d2622e3449ba45f7610f62f7a6b5f38d7edda2c6c974ffc23c925245285759516d78869d20be","ssdeep":"768:9nRa63/xKxe6HkcEQJPD58CGHyNYUavu9OFRa4JuPA+eUaJisR:9nt336EcESPWCGSjOF5Z+eUap","tlshash":"96f26a538808cb83f625c2e9ff035e2c66072b15f81376f655608edf5e4182aadd647e","first_seen":"2026-06-25T00:21:38.020631Z","last_seen":"2026-06-25T02:06:14.119866Z","times_seen":4,"resource_available":false,"data":null}},"time_used":808,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":550,"receive":258,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/bg19.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.863Z","timestamp":1782346856863,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg19.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/bg19.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1445,"timings":{"blocked":1251,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221961104625318.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.069Z","timestamp":1782346859069,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221961104625318.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 56047\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"197a57e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nTt67gezmusPvlUAB8bl5Mw9g40IDjZTt%2BJNy3xWFQFpEVc%2By%2B52JTwxxjbAldXW8DsLvKPdMPFb%2BLJslUrdKO6u4mEay1F%2BdPptJMJWUre39%2BRC6%2FayxgusuNXnJs9rz7c%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d3cf332fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":56047,"size_decoded":56793,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 750x750, components 3","md5":"21c925d77b289e2f509eaa6cde9c1cbc","sha1":"d4bcf2844e4b1fb4728852c9bbaafacac14034e7","sha256":"44d295f35458f34edc1a5ea3e213b1f51db13d9e294cdc31ef8e661464a1ee1d","sha512":"498c4db386e143cf1b41f14d1a3203c240d494c071f0b5e3826595b326f0780702165c30bd05e254c151bf071b5dac3ce2a4d5ebe4be43d8ccbfdc43c4217ec5","ssdeep":"1536:S87S3q3Zu4F6v0bSLh881adiZWinmqSNE3TcUzsEp:5Imv8vKSLhTdnmqSNmJAEp","tlshash":"fe43027b03d1495696c58f993c32765be28f0487b4bb5947f0a6e407be368e206c73e1","first_seen":"2026-06-25T00:21:38.023827Z","last_seen":"2026-06-25T02:06:14.208205Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":563,"receive":551,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20220610/16548558762688154.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.114Z","timestamp":1782346859114,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20220610/16548558762688154.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20220610/16548558762688154.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PaZUHnTkqf%2F%2FdQaV06BwfPrgXp3eiZlihaGkGeYQpUJ8D91YmsZGdB23YbaiawwIPHUmNeg1wChDcRsEU%2BGeAom9xf%2B5VFg0NfaBzk4Kfbfvpz%2Bs7DkP81dZqE67rB6t9Y4%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3d784ab500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20221203/16700624678486601.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.876Z","timestamp":1782346856876,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20221203/16700624678486601.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20221203/16700624678486601.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1922,"timings":{"blocked":1737,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.3152018.com:8259/bella/sj.js","fqdn":"www.3152018.com","domain":"3152018.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.142Z","timestamp":1782346857142,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /bella/sj.js HTTP/1.1\r\nHost: www.3152018.com:8259\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"www.3152018.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20250606/17491825812671537.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.440Z","timestamp":1782346858440,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20250606/17491825812671537.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20250606/17491825812671537.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t5priskKrVnqj4VDm5Cj9qw%2BoG8XibyE9gdibyzBkb50%2BYzomVwR4M0dLvzGn%2BciBtI%2BtA4qZrMBwLPLPb%2B2zlZ95wmjeZVlyPgS37q4sWB04red9lQyPNJFURPa4Xv2juQ%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c7fd0b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":514,"timings":{"blocked":507,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221961774369337.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.190Z","timestamp":1782346858190,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221961774369337.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221961774369337.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dzFLTMSHaTiFpz%2FAsedkWJlMCG8%2BVi7jgnYz%2FJXqc8mvB6zpJwgfyGNcb8rT8eD7WiDOHunxOnI9SmENrGyIiDJFltY6cfrogumR8Volg5c8aeBErefM5K2E2B3751RelJ8%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c6f1076ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":755,"timings":{"blocked":751,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E7%A3%A8%E7%9B%981.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.340Z","timestamp":1782346860340,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E7%A3%A8%E7%9B%981.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:21:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E7%A3%A8%E7%9B%981.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B05l6GL5ixyzjMTyBLpqn8PJ2872hck0keyCgK5Fv4vDvBxCj1xKicS8b3EHQt5eUjQtOotYUd6tSjkn5D%2BSSwzRB3LYwaviGF1fspd0PEuq%2FhCxg2WLyOJu2acKwOEB4Oc%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf452e23b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/bg39.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.403Z","timestamp":1782346859403,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg39.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/bg39.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mEfrkjxlJN6RUXC900vd9FsOpkcIS4reCkyNfAtuaHlBjDZyNQlvr66inJ0ZnqSsktaVjBSyv8u2klrcVTDlQZEdAXz7osOJumtbglzIiZYFWU%2BSj75WdoIHl3afVvj5up0%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3f5c0276ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221931596415815.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.862Z","timestamp":1782346856862,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221931596415815.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221931596415815.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1376,"timings":{"blocked":1156,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221964321312803.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.344Z","timestamp":1782346860344,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221964321312803.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:21:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221964321312803.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iYDu4lfWBpE%2F86y7MTT%2FYDy5NGeM8vJ4l7hnKDEMsiM5l6h0phbLmrMCJ4hDs8blvtNzdhe1wCsn5lbDfdaU%2FYfRhuviY0q0GDqt%2F5BnLDDZy%2BY09NZQu%2BOR5Au55D41Eq8%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf452e25b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/bg38s.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.453Z","timestamp":1782346859453,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg38s.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/bg38s.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6Yrlp4Pol3hif9KX%2F2RzpyBx5HM3wMvLCKj%2BjtICWKTWJiKiZen7B7jhrDyjK4voQu%2FMxKzjTzpIo01u07AjX8zZ9jIgSHIZCwIwElweWDnk521JXRP0FPFZT6ZLXtqUxTw%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3f9a17b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20240321/17109955861655713.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.869Z","timestamp":1782346856869,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20240321/17109955861655713.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20240321/17109955861655713.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1670,"timings":{"blocked":1471,"dns":0,"connect":0,"send":0,"wait":199,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20220416/16501062528954619.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.883Z","timestamp":1782346856883,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20220416/16501062528954619.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20220416/16501062528954619.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2119,"timings":{"blocked":1944,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/%E9%99%B6%E7%93%B7/%E9%99%B6%E7%93%B7%E7%A0%82%E8%BD%AE.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.573Z","timestamp":1782346857573,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E9%99%B6%E7%93%B7/%E9%99%B6%E7%93%B7%E7%A0%82%E8%BD%AE.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/%E9%99%B6%E7%93%B7/%E9%99%B6%E7%93%B7%E7%A0%82%E8%BD%AE.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B2MB75H7QZ52TUoHC3q2sDP9u2qajV2h%2F%2BDk7lESIZZ1YkHBs9oP3vLCEt%2BOUasfuUFwrsK%2BSime1B4XzZUFxaC%2FjgGwrSApPHBQLftq4TWleVSapnkeVkZ%2BsjFYrg7zeu8%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c4eed76ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1349,"timings":{"blocked":1344,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/ny3.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.003Z","timestamp":1782346858003,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/ny3.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/ny3.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y%2FE50ZusRlfm4meWBB09Y5Jh%2BRWLOWp%2FfaTv90YN9i629SStt0MY4t%2B4lA0hSDSqJj%2Bo5YCPMMQrc7Wpnhz%2B9y%2FrQLJf%2Fa7gLkBK%2BWPWWlWwz2Rt9iQnqn%2F1Vv7hv%2Bq7B%2Fc%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c5f0a76ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":937,"timings":{"blocked":933,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20240312/17102186405872129.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.091Z","timestamp":1782346859091,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20240312/17102186405872129.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 168606\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"88a182e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HGVu%2FhxhwgLiDBah79%2Fm8z7wANfHCMyo8oXw4QXHjAtIqCvrnGp6PyvkwA54UJ1ccsERS%2FJu7mZtoHaYjCH11qJi95UKkhaYWLEtPJvG0jKG3MnY4pXn3tr81K8DtTs1pTo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d5d2932fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":168606,"size_decoded":169345,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Windows), datetime=2023:11:07 15:36:00], baseline, precision 8, 800x600, components 3","md5":"a605742fbe352e3aec8a53abf1e2e717","sha1":"e95d11a30409faf6534ca71ec00fe4c6794628dd","sha256":"44f3965393dba4e18607fbeb496d435094766db675e83a3fcab3224b7700a6a2","sha512":"70536ae39ce2a70584569ec4203a7bcc70f9a9b7df064ad7e52b3200057b79af438d592eefb32ae3f56b3755ed82b71f0db3054eb9e13f8e6c585493c250c28d","ssdeep":"3072:A/0FcO8aLibl/QQVIk3mczgznewnr4uWw7EriPnSuj//Nk5i:vZ/8VVIkmagzewnkuWzySu//W4","tlshash":"9df3026aeb780ea6ddd635330102d625c7308ff243a773e67d3c75963b2c6a1a890617","first_seen":"2026-06-25T00:21:38.026428Z","last_seen":"2026-06-25T02:06:14.174482Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1806,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":609,"receive":1197,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/bg10.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.139Z","timestamp":1782346859139,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/bg10.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 1124\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"16d3e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cARawEH7HAmLsH7aZpfL3fi4XwB%2FRUbEZHQiOAJvluNMEFv8oF88kKgU6Ia6eDduvpxgdClIEpBIJwk4NKKocGgDU9I5xCDJcDUNAVwFrss%2BCwPX7v4B9EqnwdkB1S%2FpYeQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d9da432fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1124,"size_decoded":1858,"mime_type":"image/png","magic":"PNG image data, 12 x 11, 8-bit/color RGBA, non-interlaced","md5":"45dab564847914e760e500cd88b26b34","sha1":"c7d66aa133d203e6b5597ab83fba2b199fbd45da","sha256":"64ad862d41b2680707c1971065717d70339c9c9c87f5dad41cbc51520a6b52b7","sha512":"5a2617485d6646e849b55c6855d030d0dcf78062f2b6a5ba1d8946d75e1d3d146f40c3fdc7ea387a8978035b53d9cb3cbac6140ae5ef5be11d2cc4937c177a2c","ssdeep":"","tlshash":"4921b21defc22ae58088f2a124f124234b2e0840d6c9b124bcfae4265cf40fa987c8c7","first_seen":"2025-02-23T01:47:41.219614Z","last_seen":"2026-06-25T05:53:27.10523Z","times_seen":7,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":607,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20240321/17109955861655713.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.088Z","timestamp":1782346859088,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20240321/17109955861655713.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 169778\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"28fe82e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=itfxmf%2Fw%2BvH3dMLETuS5DpjJgaHqeO7VmFugcfuhufdSYlZqDtyqZb4F%2BX0vU%2F9anHveJvcCTKH9F6diyIxTY3i97x7tgU%2B2XoAqHZM6Moz4FbcgwW2ZgCFIrpDeZ2TkyIQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d4d1e32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":169778,"size_decoded":170521,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Windows), datetime=2023:11:07 15:36:13], baseline, precision 8, 800x600, components 3","md5":"95bf02c0c523b3c7861297aa876fff15","sha1":"c72c680f51a176748ff2656e6f2910df8418c7f6","sha256":"fa67451f1ab50c1df5c4117d9d74e9935eecc971e77159867b28b3a769d903dd","sha512":"b858341ab9d13a98e9a53fbcaa090ca4063223d53ee2d74d897681ae33dcc9fe03392121fcb772ea2a2a5142d3014825e63b7c100e4b1f491397021ec94cb5c9","ssdeep":"3072:s2XBP0qehHeHzhsrHHX6NNs/k/gWp5XByewVaMJ5uqyryKDzm6oypF:DBMq+H8z2DX48kpNBUVUyKDTf","tlshash":"dbf313fb36640e22faf615b658cbc8d32f203d526ab67b063c4f0502375f967616d254","first_seen":"2026-06-25T00:21:38.031683Z","last_seen":"2026-06-25T02:06:14.175019Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1403,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":576,"receive":827,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20240116/17053806235852491.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.097Z","timestamp":1782346859097,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20240116/17053806235852491.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 155884\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"f33180e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pLYdHIC7p74uKybWl2YSoa%2F46QDmiujFj9Nd4aB18yy5Bmx035yR6ZGePUVnY%2Fzt5PkYQOvvQH3xhdknJdUUbYvBYTMN%2FID5T1SAFCnJlW1Vof%2FZKjl4CQ1WfAsSlgzb%2Fg8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d5d4032fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":155884,"size_decoded":156627,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Windows), datetime=2023:11:07 15:34:52], baseline, precision 8, 800x600, components 3","md5":"0a92eac65141592326989a747648a7ed","sha1":"38f68594690f6ae99e1eb3d820523c7c21cdfa79","sha256":"bd5d5771f5974d57707d4c5d27c03fecde7cb2ce74fd8aea6a295250c3e8da61","sha512":"c0650b46cafbc141117439529d2f0d3a0555f8e0b1f270f819ca4c8470b7268e911bc553b7e19ac0d77d3c40436356c086ba7cffa5d2b22a4dd0428c79072ba4","ssdeep":"3072:97AB7Ao/Qrn0wOmLUF5Ye01qSYbSCywyKy7olsH5n/x2R4xP/lU5bja+5:97AB7AoUbUF5Ye01qxbrfnla5nZ2yxPI","tlshash":"d0e3123d58a4fe54d4d9a5f2004af7f68f231dc038432ab2f90db92a7b61e9ac455387","first_seen":"2026-06-25T00:21:38.033736Z","last_seen":"2026-06-25T02:06:14.154694Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1649,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":557,"receive":1092,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/bg8.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.137Z","timestamp":1782346859137,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/bg8.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 2042\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"10b57e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qHYXjHrDWeSz9e1MZbJUtH3Rj5EXjK3sPFSDqQFbdNIa8ODbJ5BpwxeR6WKaJPaszDc7j94LpjeTBdE0Z1ChyE6skS4BNUBFFLp%2F89M%2FeEh8afZZU8aKnmC1DMN9MzbKOGQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d9da132fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":2042,"size_decoded":2775,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"dac50ceaf85e241b79569aecd4da7aac","sha1":"f9a4e79e27808b70b1aacaaa4e76e44f10ee7b08","sha256":"563f67d49365a13dc4070e4552b2a4ea7bac3adcc8306baa743e437ce94df0c7","sha512":"82ceb8ce46fd0ba9389ee070b13d78017c45240e42356b0c3bd509d3db80a29229ba5f634841178f6e712f17aa808890fc042178b9f1312cc35bb6ba86fd488e","ssdeep":"","tlshash":"c4412a5afce469d0814ce73118e10156d9368c8444e4f165a8cbc6810b314fa4cbc5e3","first_seen":"2025-02-23T01:47:41.217918Z","last_seen":"2026-06-25T02:06:14.148202Z","times_seen":11,"resource_available":false,"data":null}},"time_used":513,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":513,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/%E5%88%87%E5%89%B2%E7%89%87.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.852Z","timestamp":1782346856852,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E5%88%87%E5%89%B2%E7%89%87.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/%E5%88%87%E5%89%B2%E7%89%87.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1075,"timings":{"blocked":875,"dns":0,"connect":0,"send":0,"wait":200,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/%E5%88%87%E5%89%B2%E7%89%87.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.980Z","timestamp":1782346857980,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E5%88%87%E5%89%B2%E7%89%87.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/%E5%88%87%E5%89%B2%E7%89%87.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AqSMvjRV3B2pLX4%2F3tFZbUXHUtTKTpGDdrPE%2Bn1rD0uio6%2Fyxcc1g3AKjaLPRcTFDH4L4nNjWTZP%2FkRptzZaSKgcSLCRqptYyYQYAMaPyAFdh0zgXsm3cixOp2wxK%2B5OF38%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c5fbbb500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":953,"timings":{"blocked":947,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/hmh.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.015Z","timestamp":1782346859015,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/hmh.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 200897\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"af6c35e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S%2B9XA9Zti6OTEe%2BnTMy0eiQBkk6N9f5ck2uzdeUg8d10XZKa6WmgdhXq%2Bl1WrZX1QphQ%2Bq6x4evti6AtA3zmrcQWcHazn%2BCHxWtYM%2BMdB%2F8P7KQEddE9OaIcQJX42oPFplc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3cdc5532fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":200897,"size_decoded":201643,"mime_type":"image/png","magic":"PNG image data, 599 x 450, 8-bit/color RGB, non-interlaced","md5":"b67036b35b677e6006cbceab83911150","sha1":"611bef6fa9d73523c6aece44b2dce76fec94c75d","sha256":"9b4b7aac4e6838703531fd3413d6f732ef2764d31de5cfb071cf796b0792da29","sha512":"fae7e815d9ef5278cb075a28c4eee962e9c116b939e69655436d95ebc3c35a77ae1639ceaf17bdbf0b5fe90072583a1183e02d91ba04df1ea46011b96cfb5428","ssdeep":"6144:2dufchndbu/4lXXbgbhckYHTOdeXAmmkk2z4amCbZS:ABdcANbgVcAwXxMamy8","tlshash":"9f1423646f4c906aff60754d05ff1bcb78b3206ca76d8f6409e4bd805b81f68ab50ea1","first_seen":"2026-06-25T00:21:38.03842Z","last_seen":"2026-06-25T02:06:14.177737Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1829,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":616,"receive":1213,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/%E9%99%B6%E7%93%B7/%E9%99%B6%E7%93%B7%E7%A0%82%E8%BD%AE2.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.026Z","timestamp":1782346859026,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/%E9%99%B6%E7%93%B7/%E9%99%B6%E7%93%B7%E7%A0%82%E8%BD%AE2.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 150021\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"290a2e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gEwEOuIZBIv3vQn6pX7%2BbB1ZxXAUDHG0AIVtDUAlyVLOHRAbcTVs42b5Y6qKR9vDZc7PaEqFl1YcZpYov%2FF8M9l%2Fv4qxiY2NX2kGdq26lj%2FPEVhdPMV9gS19cTHGtCPIO40%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3cec7732fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":150021,"size_decoded":150761,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 800x602, components 3","md5":"ac326e3f869316a89fe95a08ed8ec7bd","sha1":"7bae22560dbc6eff2ab8b8fae929bdb639e0bde9","sha256":"8d6331272ab632639492d3c702c0d9b52853228c72cabf793ba3f5684648ae22","sha512":"1acc8d0e03e605e575a7881075ae43556b270e9eb675d1e792284eb447eed77975d9d474300785121bfdc9b0c563753171ab862acf33926a7bf7a8737edd7570","ssdeep":"3072:o0Hs9eYfzIWUqge9NSiOANTRUe+G0/huh5ICeXmL+8kbeXRuOfoOzop:o0H0RfUkgpiOANRUeVUucHmi8pg+5zop","tlshash":"ece302e3f81ada42c77d3ff1b8b754ae95444df18932de89f80c20a6db6a4164e8548c","first_seen":"2026-06-25T00:21:38.040917Z","last_seen":"2026-06-25T02:06:14.111276Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":527,"receive":767,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/CBN/1A1-CBN%E7%A0%82%E8%BD%AE%E4%BE%A7.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.378Z","timestamp":1782346857378,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/CBN/1A1-CBN%E7%A0%82%E8%BD%AE%E4%BE%A7.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/CBN/1A1-CBN%E7%A0%82%E8%BD%AE%E4%BE%A7.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4uc46b9SsXX1KZlyszvjMb5OgajAgG8EzpL%2BG5sMqhx%2F1E%2BNLVIF6kjA6zk0UXtHe9cvY94DV4eppL4L22Zxb2buu%2FxREYuzNYorO%2FhY4AL%2F3bvlXboh%2BJsY%2FuR3uCJCTEw%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c2f9fb500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1545,"timings":{"blocked":-1,"dns":1523,"connect":2,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221972736283293.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.345Z","timestamp":1782346860345,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221972736283293.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:21:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221972736283293.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y%2B1%2FgB4%2B62cI7hb6IqoaD1BgiHC%2B3oMQ5g2VagCtEDHP2VdBBCXUx016rhV1MMyUeR7eyGPMoCP7W5TEVoMBjbfqquMdvkUdU6BiCC4NOHqyaj753wJdPSkjKm4i5rFAY%2F8%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf452cbe76ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/global.css","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.736Z","timestamp":1782346856736,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/global.css HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":35822,"size_decoded":8619,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"cccbaaf7411332002d5d57c4c2dea94b","sha1":"49eb18f53ef5335840d2ac6c0d334dc06a52dc38","sha256":"346be637ba9936c9bc97bada963988b71fd78413d4c8361a9745626db0db9f24","sha512":"c888b6dc67e85bff750a21aebd410397d7e07f17085c4babc25bcb32de0d161f04e1fae40cc9016a432752b0694027b680b774a00898a5e865f9ff4990d060d8","ssdeep":"768:zSHSO5qBo74uEtcgtCNkG6Cxi1HlDXuAXC5cEmVFWGeU:+O72GRXucV","tlshash":"b3f27435d23122adb03756127b51abddb239d01f734766bcee9a3a30c18f48aba35351","first_seen":"2026-06-25T00:21:38.042971Z","last_seen":"2026-06-25T02:06:14.132825Z","times_seen":4,"resource_available":false,"data":null}},"time_used":339,"timings":{"blocked":-1,"dns":0,"connect":150,"send":0,"wait":192,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221965251478009.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.833Z","timestamp":1782346856833,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221965251478009.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221965251478009.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2884,"timings":{"blocked":2684,"dns":0,"connect":0,"send":0,"wait":200,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20240116/17053806235852491.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.732Z","timestamp":1782346858732,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20240116/17053806235852491.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20240116/17053806235852491.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aT8WS7toEqZbt311Y1jx84NR2sqbonb4ha%2FNSMOJjhht6hK%2B9n7IFZiik4cXGZTcgFTvAOrnFfeEkPz0EH5sb1DLM4jc3j7RdyEIUQ9E0dHkZTptdRFtSY1lxk6JC3WmXls%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c7fdbb500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":227,"timings":{"blocked":223,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/CBN/1A1-CBN%E7%A0%82%E8%BD%AE%E4%BE%A7.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.008Z","timestamp":1782346859008,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/CBN/1A1-CBN%E7%A0%82%E8%BD%AE%E4%BE%A7.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 163487\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"4c1831e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Wzrr7erw%2BP%2BpU%2BMqQhcOfhfmxR7kv7Ie4F3dw%2F4kdOWUB0X9wvzgytiHJqK6TTB2qB%2Bqz94PWBFD0eVJZE9004P4eX%2FLEBg8dm21EjAISurGaxCeD2HRxvM6vc2XA8Y95VY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3ccc4432fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":163487,"size_decoded":164232,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=3000, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=4000], baseline, precision 8, 800x600, components 3","md5":"fd5523f73015f93cb15b9f44fe623623","sha1":"bf868611b9a6882680280764a4a4dc9b74b592eb","sha256":"ff51e3e980653c0c421b1db374d9a5fdfdbb6a125d8622a524a19b27683d2386","sha512":"3514a569b78974295d6500e0f249f07fb2d87140cd60f02de23ae199a9d11590beff3da587e1a6c4fb787347e3ffe097eb5c085221d751e0bbb466b3a59cae2a","ssdeep":"3072:Ek/ZsbmRy+LuV3ef5HIxdwRHesXtZ5kLA/0IPqXTjDnb:R/bjLuV3eIxybXtZ5kLE06qH/","tlshash":"59f39e25d0967b76ff997578f7508baba001273f51ee681c7c2d94823bb4029b60f18e","first_seen":"2026-06-25T00:21:38.044977Z","last_seen":"2026-06-25T02:06:14.161926Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1522,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":519,"receive":1003,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221962027604811.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.066Z","timestamp":1782346859066,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221962027604811.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 27026\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"3f4f58e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ELqe2LkVoBxPBmmTSaXtPWl15KkAnh8snEtPOXi5NIShzHAhwQFRerq5rkZhHZf9Q9Dt6k3nMgdbl6eiOHApKyBmhXfKHqAA27UJnIgJSuFVt9wEBdpvtXyCHVwIVWiux9I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d2cec32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27026,"size_decoded":27758,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"a14213f23f3d54c9d8200b2277ca38ea","sha1":"6b1971eb46253c83267e6cef9e74fb85efa3226f","sha256":"b539cd9d907f2c7845fc10337bf4e8b9e9227f5763e69a9230eb5d4e9d2dd1e4","sha512":"ac2a3286e92cba5ff7325d83316d977ece73dd55d554317c87e67518db37127793bee9a186d1576c0167efb4234815b2eb834aacb19485d23c9e0df367ea18f7","ssdeep":"384:9FQsm6KPFRBLPcmNyfqxDNIgIS3LQa6+4UKS0zgff6GtMduDMT0ZdYj:9uf6KlLkDSDIgv3LI+4UzhXedurdYj","tlshash":"00c27c07dc08cb43a22683fcbe430d78275f5b59a99673f940726d9f0ea1a605ccb56e","first_seen":"2026-06-25T00:21:38.046907Z","last_seen":"2026-06-25T02:06:14.188966Z","times_seen":4,"resource_available":false,"data":null}},"time_used":935,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":630,"receive":305,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/email.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.192Z","timestamp":1782346859192,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/email.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 15386\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"7f1e9e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KCEuGmWH9SIcK%2Fgp7OMZMW37qL1A5WjS35NPiGvitarbHQ44U%2FJLMNlfqb9xWrp1Opob%2Byscd3lwLFQgYVAp1PHf%2BqZZo53gbeE6GxIieNdC1jYLNVwNgQC1%2Bo7kHcEAgz4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3dfe1c32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15386,"size_decoded":16126,"mime_type":"image/png","magic":"PNG image data, 12 x 9, 8-bit/color RGBA, non-interlaced","md5":"0808d684d3d0f15554aeb9db567edc4c","sha1":"002009d79dc0b9663d0e2fa9479bd1f7e6bb90a9","sha256":"07ebec0b3a56716fdf338c029ab3bbefdef671f1b360dc2b7972a5a3e98e233d","sha512":"8b241260ad3650d3bd6e65ad5e5bec82e92ae26667b61fd6ed9d7109aff0cd8f027e981a1c8ba9efe9c14cdd75bfae4d3dffc19924aa7c12fdca3a561919036a","ssdeep":"48:b/6vM+k29W8sEvGRgpbxN+Y9He/FF/rBCpyHRHL3bf/sc5007k8MMXVN:bSxkEWRLGpbxNXqhB/sc5LkLMN","tlshash":"d7628565fdf27269545aa2311de1244d9c730783d582ac88bbcd4c1b6f11bed8c4f182","first_seen":"2026-06-25T00:21:38.048831Z","last_seen":"2026-06-25T02:06:14.190648Z","times_seen":4,"resource_available":false,"data":null}},"time_used":793,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":529,"receive":264,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/bg38.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.465Z","timestamp":1782346859465,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/bg38.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 1287\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"dbad6e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G5OpD6l2rkp0RCNmz4CZJ5i8QB34dCqpVUI1JswHE%2BSlGs8sxc0tx%2BOYHori2CCCdJ7o%2F9U7GHDp7XLjihEKA1XjoGwl7qEnzfboPKO4WaGfS%2Fgqfn4A1K%2ByjWJ7Rb%2BS8F8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3fc8a732fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1287,"size_decoded":2028,"mime_type":"image/png","magic":"PNG image data, 33 x 40, 8-bit/color RGBA, non-interlaced","md5":"ab749f6f9cd1f8c00042010961fac393","sha1":"523de620cd2fad413903631ab87bc709494d3230","sha256":"36a816f62a42868bc6df0a8d8501cd7f689abe3e16abb9249fa96c6ea042fcde","sha512":"935388e2e11c3be7a288e43d539991ceb6e07c462da0518c6dfc50c80928b2254395123ee9c00117342484dfe357cee57981c1a552ba06f2bf7121fad4831aa5","ssdeep":"","tlshash":"7c218464fae12cc6545ca9d624ea103384371845df94e8abfbcfd63668391f5901f4cb","first_seen":"2025-02-23T01:47:41.229349Z","last_seen":"2026-06-25T02:06:14.153988Z","times_seen":6,"resource_available":false,"data":null}},"time_used":591,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":591,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/tupian3s.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.303Z","timestamp":1782346860303,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/tupian3s.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:21:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/tupian3s.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NiaYkF5MEXr1XudndY6xvWEy5UL8Cas%2BzHNBDLgpj9%2FIl6WyRWhG1wgAln2BFMydebvNneQobYpyoMRkotgPnlbrq9ACTr%2Bgxxusrgb%2BihVtDYBUoErmjb7ChmpAzgdYe0w%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf44ee07b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/%E9%99%B6%E7%93%B7/%E5%8E%8B%E7%BC%A9%E6%9C%BA%E4%B8%93%E7%94%A8%E7%A0%82%E8%BD%AE.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.840Z","timestamp":1782346856840,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E9%99%B6%E7%93%B7/%E5%8E%8B%E7%BC%A9%E6%9C%BA%E4%B8%93%E7%94%A8%E7%A0%82%E8%BD%AE.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/%E9%99%B6%E7%93%B7/%E5%8E%8B%E7%BC%A9%E6%9C%BA%E4%B8%93%E7%94%A8%E7%A0%82%E8%BD%AE.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":486,"timings":{"blocked":317,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.900Z","timestamp":1782346856900,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":12476,"size_decoded":4608,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12427)","md5":"1f47a8abf3794739dba5b15208f8876a","sha1":"b47b6cc4b0cce8b16c62e9c85bd54ee3eac10015","sha256":"4192a513dc0c49066ee2f6955e45b5b8b7570cabc2cd9f6b4d2e675c1442f7c1","sha512":"5887bb2faeae2eed698ca8fed05af2d50ecb8f61de9e8ac52365640a2095813bb538e44f84c123a8784b42825cfb87c72f0b605020a0bc9d8e25524095ee2fce","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHhc/7uN0VZG05w:NHSG+j/y2xa3bn72+0a0O","tlshash":"2b42c89c7e95ba30075b92b1a27ff30f6276605a640bc0a0b05ddcd1ac78d8d192bf79","first_seen":"2026-06-25T00:21:38.052581Z","last_seen":"2026-06-25T02:06:14.115556Z","times_seen":4,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20221011/16654833266095014.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.099Z","timestamp":1782346859099,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20221011/16654833266095014.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 123240\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"54f368e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OWWgHObSjD62w%2BiKw9CBJc%2FrHX1OwX19DxWD5fvxw4kf495bJFSl7eWEVcAB2NS1uzMY0Ibb1mJMg%2For28uhXiDZDjhQpG6Mv%2FvZgh9MzD%2B0eQu8JiTvCK3WXTz3gT6VZDU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d6d4632fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":123240,"size_decoded":123983,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2022:10:11 18:15:04], baseline, precision 8, 800x600, components 3","md5":"9f983ca05ae4287d7f6418ff8d063a56","sha1":"099a66d8681542f7723f86ff5a4d547094bf93b9","sha256":"1003d9b374ea3148304315f3d63a15a3b851b59a775a4af86e80d1aa9f397776","sha512":"3303cc8066b1e1cbf2a342d3ebcf42292ac6461c9ac064097854dcb0f680ecb3942c344ab997ef723ffc6ab3cefa5fa913cd43b6fb182f8b7affc868c6706c17","ssdeep":"1536:hSAmJSAZuVOsbuh43tOryodMDicQwUxuj9vX2yZ+CMflaSUdQeXnUCNiS+I8ydpL:VmdMMW89vpwgmJ2IVMNdUCeXYGLdJD","tlshash":"57c3127fd765ee41c8e684b2e0cedfb09614cd129ae9b70032ad13a93b387752d69d40","first_seen":"2026-06-25T00:21:38.054676Z","last_seen":"2026-06-25T02:06:14.198548Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1443,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":584,"receive":859,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221926879367705.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.836Z","timestamp":1782346856836,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221926879367705.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221926879367705.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":479,"timings":{"blocked":317,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221976362063169.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.794Z","timestamp":1782346857794,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221976362063169.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221976362063169.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Hy3hph1x7HYV6vEk2L01SwX%2FgxeX4XaTuWAg7Wr5XDnBf0%2Bo3KP3QOt%2BKEqa5BtOH1hvLZkuyDj5Lju9xq%2BZvf%2ByS6JqyX%2BYFDqJ4XMjw3tdUbSCN8rCxdfNtHiDl2GmDrY%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c5fb7b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1141,"timings":{"blocked":1135,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20220915/16632366072038724.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.897Z","timestamp":1782346858897,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20220915/16632366072038724.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20220915/16632366072038724.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s%2B9vRhOXa9hOA%2Bs0SYGipV3jt9%2FjbqjveDrHS7KnJ8VQbMR9UHZvh2OyI3p7e546uMVQ1nD%2FtO1lkYPbpGt89H64lMcNnhVENNdGHKtiZI7cijZOEuq6iWnapGGQGf2tRdU%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c8fe2b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":68,"timings":{"blocked":63,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221960139209501.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.835Z","timestamp":1782346856835,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221960139209501.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221960139209501.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2865,"timings":{"blocked":2676,"dns":0,"connect":0,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/ny2.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.855Z","timestamp":1782346856855,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/ny2.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/ny2.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1097,"timings":{"blocked":897,"dns":0,"connect":0,"send":0,"wait":200,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20240328/17116010987454710.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.868Z","timestamp":1782346856868,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20240328/17116010987454710.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20240328/17116010987454710.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1610,"timings":{"blocked":1444,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/bg23.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.394Z","timestamp":1782346860394,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/bg23.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/png\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"beaa4e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TpCUHvJ6aAitygyPvo%2Bq74jicgtCXRK1LbgsxG%2BEBw5g96esUbnInMgI4arvunFiiULn3pqZDHZ1S3pDu9TmBr5bwnW7rXdYd0f39CcM0DRGLNhnkLCD49OP6NW9WsP%2BpSA%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-length: 1313\r\ncf-ray: a10fcf457ef656bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1313,"size_decoded":2070,"mime_type":"image/png","magic":"PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced","md5":"40a28b472d8410429c239dd8624ade47","sha1":"61186e57f3ce6320f6f24c5b29bd9536d34c0ecd","sha256":"e23632daa388ac7201763c6d340ea3a4e552887844b4095e30b1d65ea9945b36","sha512":"b754b23cae51de440b87efb80a688dc9272ba5fc6bb990b36ff49cb0ff1ff5a37dc7a4e349739bf91cbd10611befd6e1404934bc210fb5e0a6e09eea67f5f9b0","ssdeep":"","tlshash":"7721238c7dd6b981664dd84318ed90239a670d60cbd8ecaba4cbcc1a1df05b6141d5cb","first_seen":"2025-02-23T01:47:41.241542Z","last_seen":"2026-06-25T05:53:27.062415Z","times_seen":8,"resource_available":false,"data":null}},"time_used":566,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":566,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20240304/17095394956259123.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.092Z","timestamp":1782346859092,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20240304/17095394956259123.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 151679\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"551682e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H%2FZC6Z%2FhwfQEcqRqQj%2BJs2rYXplmIhhZ45F%2FQ42VdxlGMcRu9xdCbdvH5n1oYp2Zsi9d2fejtYxEwlWR21nvv5%2FzPx6I8GQLCkB%2Fx7nZnme%2FgwAHkkaSqTWjIYXfjmaPVp0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d5d2e32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":151679,"size_decoded":152426,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Windows), datetime=2023:11:07 15:35:49], baseline, precision 8, 800x600, components 3","md5":"3840d713b977eed9da6dac34334e0f15","sha1":"9eccd70e002fd1f884e5c9aff5a3ccc298a489a9","sha256":"e4ebcd337813686ec102fb905799a4554746023d8f73ff0436740881729ee83f","sha512":"016191a47f9983d8afec5fa128c022cb0d2d9210eabe5f8ab78292e140979ada735d91d46627d2e8b8de33fd30a7ea6e424c42be956fa8812c9906139368fdd4","ssdeep":"3072:jcm/kqmpUfaAC7elnRDGiizaUCmumfiRHHGrJMLPqIDJwU:jc9qmpU9TFRDZtJtPFHGrSL1GU","tlshash":"0ae31362238aac22f4d071790596e7244b1a59d587574ad372adac9237f33f0fcadb03","first_seen":"2026-06-25T00:21:38.059118Z","last_seen":"2026-06-25T02:06:14.198059Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1447,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":592,"receive":855,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/bg36.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.251Z","timestamp":1782346859251,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/bg36.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 1298\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"e87a6e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N66OwWuwrX5b2miSbsFo5OJpb9a%2BchWo5F9TUI%2Bkc%2BsMekP%2B2KyFDoimHa0hOXgRw009gLr8a2y%2F%2B%2BH%2FoCO%2FZTbFCbaJwY7SymC4vyaVF%2FDCBiuTLek9ruOcEGd5ZN3H1Fo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3e5ea432fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1298,"size_decoded":2047,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"ffb8eb6057f6913b2d7fc9ac70555af2","sha1":"15358c2e0d1491deebbff133eb8f147acb33fc68","sha256":"38c76850320f44a8226670ea3290948cd6f73f91d4fd0adaca5aff8222322f5a","sha512":"f9d6a728ffc15c5b0654ea8e92f75ecacd3e5e2d93c054ece1aa8dd6e6ccfa84531978dbe30f6f71ffdba6310f8ed78a815ad220ec0bb320dff3ae1d2fca1372","ssdeep":"","tlshash":"9021655ef7a1a480e5cdd65114f7402be9120c98daedb46b39cbc4f65a709f0641d1cf","first_seen":"2025-02-23T01:47:41.231626Z","last_seen":"2026-06-25T05:53:27.152506Z","times_seen":11,"resource_available":false,"data":null}},"time_used":549,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":549,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/bg40.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.459Z","timestamp":1782346859459,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/bg40.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 1035\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"fe477e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XhMY9fDupd2gwDrgjIejGy0YhkIQ2t57nczqYIvT12MduNSTnCGACsAWU7qWrLgwD%2BiaCI4vyh9qurxSSA1SgAvZufoQo04yz94PkAzG2idUjzYB2IOo%2BIDNdjbdjobls%2FQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3fc8a532fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1035,"size_decoded":1770,"mime_type":"image/png","magic":"PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced","md5":"a5f3c0be69c32c5a4f2fe53e6bc7ee39","sha1":"3cb92902fc7e9e4691b5344983d4bf6869c58845","sha256":"fe5d6b9ce3355e94ac9d736b876b75543a4b05d02ea1c36e873037156587e7af","sha512":"0d7865a482205cce1f6233af2e72a7f32a9909572b653c44cf3e2bd75d5a2394a4d2c112ea8f0c0648dafaf6fcd896bc7339864a9e5e1d2456dc97e69151b753","ssdeep":"","tlshash":"8011328cfec13c029a9d9d5620ea1027df23098085c0a825eecec60619741f65c6d9e7","first_seen":"2025-02-23T01:47:41.233282Z","last_seen":"2026-06-25T02:06:14.207624Z","times_seen":8,"resource_available":false,"data":null}},"time_used":531,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":531,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/bg35.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.813Z","timestamp":1782346856813,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg35.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/bg35.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2330,"timings":{"blocked":2146,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E6%88%90%E5%9E%8B%E7%A0%82%E8%BD%AE.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.832Z","timestamp":1782346856832,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E6%88%90%E5%9E%8B%E7%A0%82%E8%BD%AE.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E6%88%90%E5%9E%8B%E7%A0%82%E8%BD%AE.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2685,"timings":{"blocked":2506,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20240226/17089197165101438.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.639Z","timestamp":1782346858639,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20240226/17089197165101438.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20240226/17089197165101438.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M84za7ypuHj5v5iG%2FroGkjdg%2BWCmJ71PvRAEiJx2JTJ8bAM%2F69B7kTGx%2BL4H83BLXY5U9MOMKvpaNfgcfD5%2FrkUHoXLyg6mQ9LZMxQqqFavs0XpCpQKC5Z12grzMWCgC7wA%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c7f3376ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":315,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20240116/17053806235852491.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.874Z","timestamp":1782346856874,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20240116/17053806235852491.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20240116/17053806235852491.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1832,"timings":{"blocked":1669,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221977617947309.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.020Z","timestamp":1782346859020,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221977617947309.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 27021\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"4bcc5de55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CSbgumwhwGayT6QdhtV3hbyKn4BTALMJCg5xDDoHqNzWDWataSFIuMZaoq7qcIDXv7XDhM%2Bo7D4S5PyDati1loWwcIItdhmS6KlstWx0I94CffhavV021eRypJ5pSg7Qsuo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3cec6232fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27021,"size_decoded":27755,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"d37621c2bd8852045c98e1c133948f3f","sha1":"9a695491a35da1fce6909880ceca4f06fdfaa410","sha256":"40a0010f078596c9ecee10778f14c88c97bb679daa5629bea20e5b3bcd2589f4","sha512":"e79eda9f0ab32067586477ee4716be46a0ff4abcc1dae975f12f5d1d26ba118e7a71a55dd92ce8ee5b3d341a36df368cb70a6d95a81b6da50eee44e9213c0b45","ssdeep":"768:9Mi8ZORrwL1xWxwRKNA8R75UJ4VXIYYA1hNLkvK3fY:9rMO8hIxfK8RNUJ4dIPATNLfQ","tlshash":"72c2d1376b0828974eb41372bbae403fb6524f7c9075793ea17251b14668f18d40ecf8","first_seen":"2026-06-25T00:21:38.064676Z","last_seen":"2026-06-25T02:06:14.125821Z","times_seen":4,"resource_available":false,"data":null}},"time_used":831,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":559,"receive":272,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20240219/17083171168191893.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.094Z","timestamp":1782346859094,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20240219/17083171168191893.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 155321\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"b05381e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3FvHwuY3ZFpwXbXipeji8vOLLBQhRzmP6Dh4Wespn2Gw37%2Fs0VU8s%2FMzFe4azXp3hM9%2Bwv%2BHcqdhQ93lkUBs3dkHgFJVO99yEmUpkSyaM3Bvx4cHZxNFzqOhitevASjURiw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d5d3332fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":155321,"size_decoded":156062,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Windows), datetime=2023:11:07 15:35:19], baseline, precision 8, 800x600, components 3","md5":"2a6c4c0e67073f177a6e413f02494a60","sha1":"5d0f8c0edb4bc90780a1dcaf33d536498917aa51","sha256":"3b8d30b80471e0447e11297a3a981cce37d011c7b42ec28e477f1800b45efb17","sha512":"b1c45c6e01df662ba7644c65df9ae100624cca195e3af4c21a513cf8cddb4b0856fa46ff55fa5f49d3c6c9e69aad0d334bbc79a60960196c3b30baf8df05b8d6","ssdeep":"3072:ejejVqFhUxGsIMGcoeKVakBDc38GaGbfx05CIRq/NQS:444Fh0GsIMGmwVDc35jx05jRq/OS","tlshash":"e1e31228be8a0dd0d0d1de751042f6627626bce03bd32d52b96ef81a33565edf98430e","first_seen":"2026-06-25T00:21:38.06637Z","last_seen":"2026-06-25T02:06:14.152153Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":742,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/bg11.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.121Z","timestamp":1782346859121,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg11.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/bg11.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XLLM3mo8TE2cF2YKBXOamqwfMKp%2BIZ34oOV%2BaeweXIEWh3ZgE89wO4h8uUnT1RGZKJTzaORTdCjizPRj724GH%2FOFaz%2BXGcvXpQbvc066irWniDHwv8xBfh%2BHqowPFSQeGDs%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3d8857b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/6A2.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.420Z","timestamp":1782346860420,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/6A2.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/png\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"b57a2de55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F1yZ6CvJz%2Bhh%2Fl63IRKfoojSbs%2B78xU4YpcuUWWUWqmB1HQnN5DfDLm%2FfokXQLaC9TisQidQ3weJ93KMETjE7n%2F9eSgWtKJfA0MbZ73vbHKFZ95KQg%2F7BnviLu7subEsQWw%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-length: 128827\r\ncf-ray: a10fcf45aeff56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":128827,"size_decoded":129593,"mime_type":"image/png","magic":"PNG image data, 491 x 328, 8-bit/color RGB, non-interlaced","md5":"2fc75909ee548cb1afcd721bb3f1185b","sha1":"466d5113666a5b0353997f5154708bbf1db118e0","sha256":"326d1b17c7d7fca7268d068200028a3357d9cf5f1a08743c1093d18995d9318b","sha512":"c161adf5adbc098b0c9817ca2d8963d923b02a074745c9730dbb282e0efbce310d95f9c2b203b2ff8dcafb3f40dca3bbc50873ad6101406cc4f95314e3c1beca","ssdeep":"3072:5mTC/o50El5AdT8o8M8bqwgYMtzm4+Xy+yB1:5mTb72dAo8tbq3YMSyH","tlshash":"7ac312c01815fd3e65a38ecb93873fd02d489f850ec06cc81ba6c6a5e58a792ad7e711","first_seen":"2026-06-25T00:21:38.068135Z","last_seen":"2026-06-25T02:06:14.117165Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1075,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":798,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221964321312803.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.834Z","timestamp":1782346856834,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221964321312803.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221964321312803.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2874,"timings":{"blocked":2680,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20240226/17089197165101438.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.871Z","timestamp":1782346856871,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20240226/17089197165101438.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20240226/17089197165101438.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1738,"timings":{"blocked":1542,"dns":0,"connect":0,"send":0,"wait":196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/bg9.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.888Z","timestamp":1782346856888,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg9.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/bg9.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2280,"timings":{"blocked":2110,"dns":0,"connect":0,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20240123/17059818892785795.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.687Z","timestamp":1782346858687,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20240123/17059818892785795.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20240123/17059818892785795.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1zqyuTSlCOD4wz3afRIWwJI1mHtE3s0YPM3IXjuoN6aUJdLXgcxrGSSQcSfENI1QGjyhEvgzhXM8LmMik4sebIH5vVmIea%2FHDsjVIgSLMfLDgmi6Ew%2FbuI18LnZrJJVkUWo%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c7fdab500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":268,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/ny2.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.050Z","timestamp":1782346859050,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/ny2.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 38754\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"fbc791e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BPrZhp9Gu5Q9qquXb0qwiYetBqj75%2BFFdT0knQr7nvctkwzxwtrBLVsSZ4qPiAtn8w2etnyHrmGBB2roZWPZ6jHMHUVSvwaWhUS7p8BQ55nKDSQ7dd2mQGqCk1%2BUU9ToJb0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d1cc732fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":38754,"size_decoded":39492,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 600x442, components 3","md5":"db81e6ac5bab2f9caeee012326b960b9","sha1":"3c437afe35134ff6a4628c4acaff90ad90fcaf0c","sha256":"9245346a651cf210faa12a0c05bfb2311c6a1b255f910909957af56dc1d98a0e","sha512":"2cc56bf19d4ef02ea3ef272e40b3747fa78edb387d1feb9865add4bc415a85ee8f240f16227c89ea897c8d9a860a346a93b43213090d003a0a6f0687c63cad02","ssdeep":"768:Y7Xuq7Q+cAy41Zt8Js94i9K8uey7wB2yRwUXBGEDnMTm+aRKI:YzuqEkxd8JsGeCfyqUXkEjkI","tlshash":"7f0302ff6803acb7f385a4bb5c56855425ce5679872bf82eb330da171237c8b280610e","first_seen":"2026-06-25T00:21:38.069904Z","last_seen":"2026-06-25T02:06:14.197502Z","times_seen":4,"resource_available":false,"data":null}},"time_used":767,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":516,"receive":251,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20220811/16602127089434858.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.106Z","timestamp":1782346859106,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20220811/16602127089434858.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 156160\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"38ec67e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L3Bj2SifBewazG6HPIabPQirX%2FC7bIWFENwhZnkzLRogppQ8ehEzG2w%2BYCAWPFRTjnNFBpz4sXwvT8VLGSIXzHqic%2BhfJ61dZNylw%2FJOUyzsIAsVqE76j2sDCjBxT0yDYm4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d6d5c32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":156160,"size_decoded":156901,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2022:08:11 18:10:34], baseline, precision 8, 800x600, components 3","md5":"6c31302942604e57bbf2b75496a5916f","sha1":"338d1de26420f593f8e33bb27edabc57da6e1411","sha256":"e43df957a098aaaaf697fd521e35420dd176c4a3cd9692d0479adca1280195cc","sha512":"0b481cd605e1d92771f5cbea612cafeca558369660ce8af9a16fc23f444c67416bbf7156d99dee7a0b0d0ccc808756dbf54f75aa930d1bff3aad92b8a6f85c36","ssdeep":"3072:NnMETVDspU3pgHG1FVuiXtOBQYgu52K3JXYhtqvZX:NME26pMEOeju52KyhUv5","tlshash":"0de3f1566e71ef03f6e01c349311af9621047e3f27a60249f45eeb8b339259bb8af541","first_seen":"2026-06-25T00:21:38.071488Z","last_seen":"2026-06-25T02:06:14.114514Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1599,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":1057,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/bg38s.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.821Z","timestamp":1782346856821,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg38s.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/bg38s.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2507,"timings":{"blocked":2329,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221972736283293.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.829Z","timestamp":1782346856829,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221972736283293.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221972736283293.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2874,"timings":{"blocked":2665,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221976723684476.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.847Z","timestamp":1782346856847,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221976723684476.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221976723684476.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":876,"timings":{"blocked":671,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/bg21.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.083Z","timestamp":1782346859083,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/bg21.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 1665\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"55784e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x394P5PrrqgICpsFjj%2Fs72JN1%2BX09iHelmZWiK%2FIOCSlNPLDWcaMXQ1REVsoeHvXRayFZHlS3xgLMD7w6%2FbnVdBJKtLJ0aXbUXiDxKFYW%2Bj7EUf6k5ToqouQStZ89qD6Oz4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d4d1132fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1665,"size_decoded":2404,"mime_type":"image/png","magic":"PNG image data, 44 x 38, 8-bit/color RGBA, non-interlaced","md5":"7178ad05cce4e3737f6360d60c3a269e","sha1":"41d1980fdbe970c0ddedebb659027722e32d3ffd","sha256":"ad15854203a447c3e07a2bc925c6bde8ff35a093dc5293b9d5b4e7fd5474aca9","sha512":"bf7dbd9a8efe679c1ece7086a328217f463904c243b28a74fe8215fe3abe0bcb5e2381d15df820a55db79a0b3091ca1ee7cf0166e3fa93d505bb3cb5324bc931","ssdeep":"","tlshash":"f231868bad40fc025249e69214e79037c4210ac0cce9e674badbe86b75741f6542c1c7","first_seen":"2025-02-23T01:47:41.216616Z","last_seen":"2026-06-25T05:53:27.124555Z","times_seen":8,"resource_available":false,"data":null}},"time_used":611,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":611,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20250522/17478814144233518.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.090Z","timestamp":1782346859090,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20250522/17478814144233518.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 30902\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"df7188e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a5uOfJOiuMpsSGnrUgtWLZcvp0QqjMPC12FFrFMRCZvQk1P6zYFavO4X7Fbb336fHWnH7oa5KTNSr6T5sl4vQyx7U6okEyVZR0tmzNkLTsUbpF%2FmimF6t7qMqYWiKL33QU4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d5d2332fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30902,"size_decoded":31636,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"cac2b6637efa896d7ee33db39e5d4279","sha1":"f4667e59d3c09d707359449491885d919d12dd16","sha256":"0b36fad7de9d1826a97e912a6935220c2c680ccb2e14b69d32ef7507410ce04d","sha512":"55802679ed208c636f25654605da27c93b038269a44db1963ca5500ae0f97c28a51350c699bac59b72035e8200e6aceb1ee49ab310ab0fe135574d2d6eac7ddb","ssdeep":"768:93/WFMvUNG7+LrYeamjro1idGyeO23y42UnY2yywONvOMU:9GVG+L7QIeO4y4zlvwcDU","tlshash":"b3d2e1bdfaccb60cb5520254829e162f27f0362d5fa5617cb44931ba9368db80bc1df9","first_seen":"2026-06-25T00:21:38.074967Z","last_seen":"2026-06-25T02:06:14.123627Z","times_seen":4,"resource_available":false,"data":null}},"time_used":888,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":596,"receive":292,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20220915/16632366072038724.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.104Z","timestamp":1782346859104,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20220915/16632366072038724.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 112087\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"847b68e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3Jn7BkLnCHljLomLgfV4i801O8A7tzxoQwU0I2VUuUlPrVuzumZNUVvuZI5EUjZ6qdyKFObVXg1zdv5gBoOdM%2FMFk%2ByLJozBuhQsluO12cKQqPg%2FTZX6prrODMHMK%2BEZ3Lw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d6d5332fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":112087,"size_decoded":112828,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2022:09:15 18:09:48], baseline, precision 8, 800x600, components 3","md5":"546947547f97de6b58ec50361c2a84e2","sha1":"a244f2880344dd966d68c0a23976a259f152a189","sha256":"7059e734584eae37b85046d941681220ed04060c7c36ecb243231282d66d469f","sha512":"98bd04ff86bc13a618ebea0587179dd9b3549864909d620c45fbdd4a01134de99521a17d3a2367b8924d89c4891ba012b1687cb1f28665a7030da8c6270c6cc1","ssdeep":"3072:0RrqJW1q53chBo8Ar0MvYkbSGPI8xBuL0:0RrqQqpuAYkbSBWBuL0","tlshash":"56b3f1a52a682cd4f4f808374b51e0ac6f25ea4967532aa3be6c331877f0643657c627","first_seen":"2026-06-25T00:21:38.07728Z","last_seen":"2026-06-25T02:06:14.192262Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1387,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":563,"receive":824,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/tupian3.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.823Z","timestamp":1782346856823,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/tupian3.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/tupian3.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2666,"timings":{"blocked":2478,"dns":0,"connect":0,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/tupian4s.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.826Z","timestamp":1782346856826,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/tupian4s.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/tupian4s.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2680,"timings":{"blocked":2503,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20220510/16521776925460005.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.882Z","timestamp":1782346856882,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20220510/16521776925460005.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20220510/16521776925460005.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2111,"timings":{"blocked":1922,"dns":0,"connect":0,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/bg10.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.886Z","timestamp":1782346856886,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg10.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/bg10.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2177,"timings":{"blocked":2019,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/CBN/1A1-CBN%E7%A0%82%E8%BD%AE.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.010Z","timestamp":1782346859010,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/CBN/1A1-CBN%E7%A0%82%E8%BD%AE.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 164200\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"d0b72fe55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d12NSQPET6K1xEyckCybNFx7MsLXF9kbLUHM%2BYvYC2TCqVW5rpmy9zP6daoG%2FfW1TcJOCycNq%2FWcTbUfDK3u1oYMEVRwerut6P%2F7l41bXWbFy9UuYrZctONy6pDMa3OfyLs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3cdc4532fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":164200,"size_decoded":164941,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=3000, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=4000], baseline, precision 8, 800x600, components 3","md5":"d2b04d28726b02968c8eac80884ad056","sha1":"75e18362c000aa6b5c14c74fdd69e6615587bf7c","sha256":"aa9f2c9a9efaffd2ac8ad7860290db81cfa4c18175372a3700c0c4a0d63278f7","sha512":"9df4dad32c7c4222084bd5c81c0fdbf06ebe7156e077f5be69b3aa96f15491a473de55993cfdf98438d9981560f6b3e84e794cc58daa770cb3afa2fad8c0fc75","ssdeep":"3072:wVaOVMCZ4adLAoIpAnFX99RBwYWhBUPHq7/D1f2mYR:oVxZ4E8oyAn9dBgnUPKp2DR","tlshash":"90f3be11c19a3b26fe953578b7909b77a250273f20aeb91c7c2d5483bbb416e750f0ca","first_seen":"2026-06-25T00:21:38.079594Z","last_seen":"2026-06-25T02:06:14.124622Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1445,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":492,"receive":953,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20250606/17491825812671537.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.089Z","timestamp":1782346859089,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20250606/17491825812671537.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 29736\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"7e189e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AfRH209%2Fzyvk2faGkKfCCAcEU%2B5UUU6gc0fGTdERb6T6JgP1UX1mQ8TfDJX174%2F%2BTjyT9rxbfCT6akjPZ26BKxynva%2BC11dW00izEEaLJ1IQHUu80d5b3SqWQrf4Z9zDWto%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d4d2032fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29736,"size_decoded":30477,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"b60c583f5c97814c2d3b0fda3a4586db","sha1":"fefb2b049b26196456c971722f29a40d531a9875","sha256":"d4e5e6332d715c97346e9177eb144c22415e2fd5a41d7556b04845d7fc36d412","sha512":"10bf04d3ebe6f05a47542bc063afafdb32c258dd3d692846d751714f61ab2a6cde7a9d9759bd9d1e1b9bfb0819e54d34bc12728692f964f5f463e3ce0b3e9e8e","ssdeep":"384:9MfVjxUg/eQJx4VczSykYG+OleypYnTlNBg2j5xwO2SfYpqgBvCMojif:9CjSKXJyVMU+djB/j5y2GrvCS","tlshash":"70d27a278d48cf472620d3e9bf534e2d67476b0d289576fe006a0ecf2f50a215eda06e","first_seen":"2026-06-25T00:21:38.081906Z","last_seen":"2026-06-25T02:06:14.125267Z","times_seen":4,"resource_available":false,"data":null}},"time_used":891,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":599,"receive":292,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20240123/17059818892785795.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.096Z","timestamp":1782346859096,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20240123/17059818892785795.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 169142\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"7eba80e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qHJbL8%2BmonAgr%2BB8kKeMhfB9qW2g55xxSG2FyYbCxw1YAtQZAAEVdHvoOODce%2FCfzW9slM8gWJVrORgWpfhJstnNpgAF8S1eGlt8GaGSE7521hmovAZBP4qtOgyoE6a4F%2BM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d5d3b32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":169142,"size_decoded":169883,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Windows), datetime=2023:11:07 15:35:05], baseline, precision 8, 800x600, components 3","md5":"d58203f92b284183037815541bbad92d","sha1":"2c9affacd311889a41737e63a63e5d5fa32dcf8c","sha256":"f42a2313c80cdc356fc444ff5d149d4266e5ec0814986ec63123b15fe7442c91","sha512":"c8df6581e0e1599a2f7b5adb59d1f641dd80971fc56def69a447e4984a73ab8b4390a91967824d5ff0e79d59f26043f6244bab9767cc6a259894ea0e2b8ec421","ssdeep":"3072:ND7ybSTuc8gjFe0tOSdb6WLV8j6B++Kd3VcrUiQxS0/r17WLGbh:IijjFd+Waw983VuUiQP/roLGbh","tlshash":"62f30224a97a9b82ece168379388c911c3354ec8a30776e3fcbc62d97f5dd44847196b","first_seen":"2026-06-25T00:21:38.083986Z","last_seen":"2026-06-25T02:06:14.144937Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":525,"receive":764,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20250606/17491825812671537.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.866Z","timestamp":1782346856866,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20250606/17491825812671537.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20250606/17491825812671537.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1543,"timings":{"blocked":1335,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/bg20.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.369Z","timestamp":1782346858369,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg20.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/bg20.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NnqhJyn2RNUL7%2F35UN9Jr%2BDz3w3vQlqtnpZAtPz5nD%2B8Yd2yWCJd9%2Bkzg%2Fg6ToGhmqLpZcHVpUPj8tVlzZ%2FjuMcXhi2kpL43WODzhwJ842FD3oebEkuw9zehUBy7q1sU4ro%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c6f1a76ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":580,"timings":{"blocked":576,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20221107/16678152115753889.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.105Z","timestamp":1782346859105,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20221107/16678152115753889.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 151036\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"df4f69e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Es368xp3grCgJQeRAYs7xCoS%2Fo%2BYCYfYtWl8LECDnIRJlN5CqPhHutWxWW3Gwm4NR1glr8QHt4ic1q11l%2BoQ3KGyw7W52bmw8am7UbGeAVjaMBVaYz9NQd5R3yxgBYHUOCs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d6d5632fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":151036,"size_decoded":151775,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2022:11:07 17:51:50], progressive, precision 8, 800x600, components 3","md5":"265a3bc1c1bdb857dda2fab95bd90520","sha1":"dde1667e401bae1d2ba183312e770b334c74df46","sha256":"b4268e4d5fb1294165544b58bdb374886c5055d5716021473bb99b749c289d64","sha512":"c62781fb23124d03f79309aa54ef85bf0abebfc22fd10400dcd1d190ad443f203b1186cea6cc301bda62aedfd3a998510fdeecfb32ed00257f024ac4d3c613cb","ssdeep":"3072:IcWRcWi3nRSFzRD4JmlAQfq9VMh/evoT3izqOGjtt+s9AXN5+OvGQ:Ijg3R2zRDamaQfcM/eg3jttf90NQO3","tlshash":"73e312492681fd64cef0127a31aa9cc73b055ed388b39e41f86ef28fb7f2b492444594","first_seen":"2026-06-25T00:21:38.086212Z","last_seen":"2026-06-25T02:06:14.152775Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1528,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":616,"receive":912,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/CBN/1A1-CBN%E7%A0%82%E8%BD%AE.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.390Z","timestamp":1782346857390,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/CBN/1A1-CBN%E7%A0%82%E8%BD%AE.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/CBN/1A1-CBN%E7%A0%82%E8%BD%AE.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IslB%2B7LXGEiZkXmKB%2B9SEMhfX5F8I0mh3bA1d12pnUceCLYIthBGufV01ps1ncc3%2Bc7gq5LvXGEtq%2F7BVM1Ppub8NTymuoFUBmeXcsC1ldIY1zAsImEj4kUfDbzlOnonoI8%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c2f9db500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1534,"timings":{"blocked":-1,"dns":1513,"connect":2,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221977004590299.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.587Z","timestamp":1782346857587,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221977004590299.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221977004590299.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6UzXvHv7lcstcSP0IQun%2B5kosD8kbRctbn%2BjvwGNc%2FipVvRe8rPUdvyRG74eQf1gCJIQDtKVjw%2B5Woj7Tz6rY5ENItvps4%2FLWdJtGbpPQuVQ6LH80N6kBmxvKr1t%2F%2FTTN0s%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c4fadb500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1347,"timings":{"blocked":1338,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221955922550824.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.839Z","timestamp":1782346856839,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221955922550824.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221955922550824.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":477,"timings":{"blocked":317,"dns":0,"connect":0,"send":0,"wait":160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221975925112150.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.849Z","timestamp":1782346856849,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221975925112150.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221975925112150.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":880,"timings":{"blocked":676,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221975255231077.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.393Z","timestamp":1782346857393,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221975255231077.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221975255231077.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ai4XQ6yV5Vf7N2SALAqtgg73k8FOPdoF01BvdeSAQlz049jx0A7%2BOPISgSQpLIsBkSYPnscodwv1hjPOtz9X0D0DlO6HbODMzukrBRTve%2FS0ztbFCAAvLbJQHUrNsm8A6Bo%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c2f9cb500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1531,"timings":{"blocked":0,"dns":1510,"connect":2,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221976723684476.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.021Z","timestamp":1782346859021,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221976723684476.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 32770\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"4bcc5de55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T%2FeaMA%2BeSruwEkDOaTdfvA1o9iWUwYIuPnXIh2OJuZs%2B9hq96yg9lmOcX1eGKHHFkeVGhkEr6f5gJWXGfGk3%2BmhtAGL39M7NoTSlvyuPHEGckz0Y8puRxF9yvg3f5%2BqPRLM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3cec6532fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32770,"size_decoded":33512,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"13d21957cbaa7e9600a1692596504e9c","sha1":"1df3445dc34e94252a225d3272a068911ce52a98","sha256":"af08d7dea2335ff648b7fe09a123cc72d70d24555d16e3a22d5bb640dc73545a","sha512":"e8de69f2f13844a6036d458449c943611ecb591d276ed4b196ab6f3710ad950f3da9cf768c57d499b8bbf6df4517ce74c7328aa9c5adc3b9c310e5d89fc77226","ssdeep":"768:9IfjyZ8RTwv2y8QuJ97nDNWszXlH0RAG2:95ETwv+QuJNxh","tlshash":"32e24807ad4ccb06516502e9bc871e6d3a4b6b8c6ec2a2bf00124ecf6c75ab51cde55f","first_seen":"2026-06-25T00:21:38.088608Z","last_seen":"2026-06-25T02:06:14.160901Z","times_seen":4,"resource_available":false,"data":null}},"time_used":803,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":541,"receive":262,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/bg37.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.224Z","timestamp":1782346859224,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg37.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/bg37.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b96a%2F367D1pjEjYt3PyJW7Pokq41CibiWGw10tkoO%2F0B7G6ERoKCxyp%2BATybYB8f3733ncsWRBkhp0kWHAQ3LQbe0RZ2jMGjpLrQCZSDfFAUvcXG2Dhj19WZePrHZECTLAk%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3e29ce76ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221975255231077.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.838Z","timestamp":1782346856838,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221975255231077.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221975255231077.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":494,"timings":{"blocked":317,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221978011046796.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.998Z","timestamp":1782346857998,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221978011046796.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221978011046796.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O5UmKpjGwhxZF5bYnvHr5juTN%2BXZtlEaMHJPpKYCqSzSp2ZoMZI05Ak0TAkQYt4Mw5mAjtp40KXwhcoOlky2y%2Fblj1STEUIHCjDTmps8RXzZy%2BpLQJVWsIai%2FXIsGb0lhKE%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c5fbcb500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":940,"timings":{"blocked":935,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/bg38.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.425Z","timestamp":1782346859425,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg38.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/bg38.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vgBDbpU%2BlhZYUuW9ZdcCGfYh9CKU8L4rlDEbjLpdLMWEgv%2BVnkgA12zpcfjq%2B8gi3KTKQiAzqRe1AAwhTpeA48m6rBaX54BIbJVQQzR7%2F6LwaDN%2F15SdUJVe3OWQzNgd3oc%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3f6a06b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E6%88%90%E5%9E%8B%E7%A0%82%E8%BD%AE1.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.831Z","timestamp":1782346856831,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E6%88%90%E5%9E%8B%E7%A0%82%E8%BD%AE1.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E6%88%90%E5%9E%8B%E7%A0%82%E8%BD%AE1.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2868,"timings":{"blocked":2663,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221931596415815.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.274Z","timestamp":1782346858274,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221931596415815.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221931596415815.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OSIwm9GH3BeVapO3grF9vafE6bO4X6soblljK3PxjoRygDOLnyv9ATmaW178plCIcW%2F7sd1m%2Bc1YurPMhX07KfxexvwRn92TpQY%2F%2Fzrl9scssIhYquXTOtD3mgCmSFrICC0%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c6fc7b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":675,"timings":{"blocked":670,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/%E9%99%B6%E7%93%B7/%E9%99%B6%E7%93%B7%E7%A0%82%E8%BD%AE.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.012Z","timestamp":1782346859012,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/%E9%99%B6%E7%93%B7/%E9%99%B6%E7%93%B7%E7%A0%82%E8%BD%AE.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 170026\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"716fa1e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0PniSklf10QYIvFZXwOnX%2FGf1fOGnjf1c9YLbw5m347pqpvRV24nqfVaYl7nMwmiHkRAAGByxfCXU%2FTcEU2FA7kB2ICSN3v0lzMTUWYftRMs0bbN9IQ%2B0hMm1u1vlU%2B%2F4Q8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3cdc4b32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":170026,"size_decoded":170769,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=3000, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=4000], baseline, precision 8, 800x600, components 3","md5":"d09b2a5180ea462d8be2e6d67e34264e","sha1":"8dbed690218cbeaef3a28ac1c2e1a1cedd843778","sha256":"46e0640f4b99d2a504e2026b50ff01744e6c8d95c42864b90bf93b372a2fdde6","sha512":"667266c6480322189f9e3e87a48c95958fa3a5a97f35a4a052e953a86b6d88d6fd6ac8ca120897c913a79c32adbc85a9b35c34ae48d14cc30fb0a708d6afff32","ssdeep":"3072:jdJk/Z0jYNlzi1tRUXoacGMf+thzzxv5gI8/WukJgEINQmbrz5b:jdu/T7zi1tyXRx5xdxgdefJgEITzp","tlshash":"04f39d55d1eb7f65ff597978b354ab63a212233f62aea41c7c5d00827ba0029b50f0ce","first_seen":"2026-06-25T00:21:38.090256Z","last_seen":"2026-06-25T02:06:14.192779Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1464,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":589,"receive":875,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/tupian5.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.819Z","timestamp":1782346856819,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/tupian5.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/tupian5.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2479,"timings":{"blocked":2289,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221975925112150.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.777Z","timestamp":1782346857777,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221975925112150.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221975925112150.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=toISVfFuFezC4CbuSJHi%2FGzYzn8YsoViditL7vUYJEPEe9fsTqE%2B0LTEwq9dMTCGcTFhn8Nm8VVhj1C9MkdvUgCbB8wKfryylxJ%2FvVjNhd7rwlq8KpRUY8%2FuObLF05uXqps%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c4ef676ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1154,"timings":{"blocked":1149,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/1A1R.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.045Z","timestamp":1782346859045,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/1A1R.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 138381\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"1f3d2ae55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HV7wjJJqRi4Ut5v0t3tk8rz8FBbMuU%2FDIa0F%2B0bOY6OBPHMyrOiQWL7rhp%2BZ2MOfE0%2BKES0Yzxj%2BQ%2BVl3kTzqiHxtYnB%2BdFK%2F3SJtQI9EiG6%2F3%2FeScbtdu8aFce11j6dFHw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d0cb432fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":138381,"size_decoded":139133,"mime_type":"image/png","magic":"PNG image data, 524 x 365, 8-bit/color RGB, non-interlaced","md5":"ea4a62dab2058f4b139a076c0b4dd2b0","sha1":"b4d594d901e6a25753203efe19313f4779fc10b8","sha256":"6048bb30e529ea67fb1b8aebae3d63e21e5dda9022ff933575f72d313f99a111","sha512":"addbf01e29776464b316bb422ec4416f5df38280f140c7976ef21c7e7ab4a78abb5fca5f6a5faa0d106ec93671b015e8ac182b09c780714641ce465c3cfa33d1","ssdeep":"3072:FaXddCWXtijqIMNAtGbkUvHyFr6YgmwADHM1AuCzXwpPa1+U:A/NXtijrTQbJvH2xwADMCnXwpSn","tlshash":"c6d312c4d7200ab8d8ca0a8762d548dbdcd277dd6ceab909492cebe2bd1279ec557c04","first_seen":"2026-06-25T00:21:38.092015Z","last_seen":"2026-06-25T02:06:14.16144Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1450,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":862,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221978011046796.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.049Z","timestamp":1782346859049,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221978011046796.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 38938\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"4bcc5de55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vYEodVuy%2BMJt3syAod0awmek5a7LdM22NpBVaULNFtkhyo96N6oNIRLrSfVOTU8UQvC2pcFfGTYEJNAOoAsuUqmX1j29FPi0ihuakCc%2FeVcUaQ59WgNJ5N4XujNUloFWHUk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d1cc432fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38938,"size_decoded":39674,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"109a3b72538b06672581da28ebc5e3ad","sha1":"b09db3a42825616d50e7cc36c873a09d12add9d0","sha256":"1269f045273707a45c1c56078c9ff1ec348d9af3011763cfc9138d75146f1e88","sha512":"412e63630660804e1de8951fe0aebe9a01ba8809fb69516fc65929b6f14193ce91a77d7cf1a3f946824986af01c00f6f3b1589c62dd3f3427d056f604f04abba","ssdeep":"768:99uhNfwVyNqW+19D1DUgCNJbVnkzQsfnHxPCQ0FZpTvpDAgFSR0:9UhNfwVZ1T8Nnn4fx6ljvpD9Fe0","tlshash":"9f032753dd2c5683a26843fdbd031ebc6e592a0dedd62aff04724ec66d20a361c5e11e","first_seen":"2026-06-25T00:21:38.093672Z","last_seen":"2026-06-25T02:06:14.1515Z","times_seen":4,"resource_available":false,"data":null}},"time_used":853,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":578,"receive":275,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/%E9%99%B6%E7%93%B7/%E5%8E%8B%E7%BC%A9%E6%9C%BA%E4%B8%93%E7%94%A8%E7%A0%82%E8%BD%AE.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.389Z","timestamp":1782346857389,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E9%99%B6%E7%93%B7/%E5%8E%8B%E7%BC%A9%E6%9C%BA%E4%B8%93%E7%94%A8%E7%A0%82%E8%BD%AE.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/%E9%99%B6%E7%93%B7/%E5%8E%8B%E7%BC%A9%E6%9C%BA%E4%B8%93%E7%94%A8%E7%A0%82%E8%BD%AE.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=759vVWDTNIjkkbU9T0dZklhXcQMzTfLJDNq1DgtrzgW7HmNeU1%2BtfUsB%2BIUtjhA6EJMym%2BeFooTmVAvNbnf%2FmvMTjR33Fp2LCmZLUXchv7EtzoNaKTTPtlEpGA%2BZhYsiW44%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c2ec676ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1530,"timings":{"blocked":-1,"dns":1514,"connect":2,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221926879367705.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.997Z","timestamp":1782346858997,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221926879367705.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 29692\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"41aa49e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kgn0nAGaCAxxlkgM2bMPIF2fLwRY576AxF5ZPLWrqyMLn98Kp9Tz%2BYprWEulOMTTI%2F2WRHwxtvUvkZCNmV6Rn4o3k%2BHrark1%2BwhzjM4w0viXqYDdZuJb2iTM3opOZvOXKLE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3cbc2932fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29692,"size_decoded":30432,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"65de9ccde1da9ac19dbc189e9550cc08","sha1":"341dc993482ae822d055b429e3875e625a63a2bb","sha256":"4125255037f896c07488e7c9d5366daf571126b5f4c4d58bddb88c5519a0f769","sha512":"eba43f6bc6acb47dbe494655522987e00aca51692a8997b6d5c4f137d07aeab246020d5c15729385b6c56be5e55b983c8a76843067099d467ff1bff0369d5354","ssdeep":"768:9UC6YmBD7z6CoHcytIgHTPOmAviS4XhHJWXpRgbI:9U5vtmPqmqiPXhHw3cI","tlshash":"afd2e10b250afd636b147ffd864e363f0ab0ea0d17797975a30129819478c21ff79688","first_seen":"2026-06-25T00:21:38.095112Z","last_seen":"2026-06-25T02:06:14.172145Z","times_seen":4,"resource_available":false,"data":null}},"time_used":762,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":516,"receive":246,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/bg36.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.815Z","timestamp":1782346856815,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg36.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/bg36.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2343,"timings":{"blocked":2185,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/bg23.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.315Z","timestamp":1782346860315,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg23.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:21:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/bg23.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pU9JltjQqonnnIPwuqT3%2Frd0U2Sr78oGkyDVw8iDUE4kMRf2odiTDWFk1GWCTnQ5ex3YpQojqF3HFtTUrI81BGJc7%2FDvnxG32A9dQJVHaOFdgeyRjWMCjhObRVk27XrJGJE%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf44fe11b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221973209868681.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.388Z","timestamp":1782346860388,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221973209868681.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"362b5ce55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y%2Be0meoVIu21D5IExrT51pEsrzw9uWcHls5pVS982tQlz1c5wk2BjflHNTCFyv%2BT6sjEfBZN%2FUqjB2707BicOQ7ZQ%2BD%2FK8GhOCwGz5TorJ%2B6TCVM1i7XIWN%2B%2BvUNamveGXc%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-length: 30290\r\ncf-ray: a10fcf457ef356bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30290,"size_decoded":31060,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"66d2521a8b9d7964f1bf87686d88764e","sha1":"384614ad4fd59745b5240a0956c951cb9e84aeb4","sha256":"cbab1df4086b0f9740109d2cd9724d9089eeff28b691ffc68746c63b7c3a2d7a","sha512":"5fd6755e5f251df499759a40fa1ece666fdcc0d152cc39c70ca2753a28c918beb716d63cb77b6ac7389f53b7b35f525355ba7568b53584335cadbe67751d3613","ssdeep":"768:9sVaJH514nZMlHfUgk6lutOKW9INjpfJsgpq6EmNfumvgydVL7Fa:9sVgH51M0UMKW6dpKg1uCVLpa","tlshash":"89d2f14183482a001fb796facde00e274c73aa15f4f03d3e19a255783a1ae7479f570c","first_seen":"2026-06-25T00:21:38.098587Z","last_seen":"2026-06-25T02:06:14.176672Z","times_seen":4,"resource_available":false,"data":null}},"time_used":835,"timings":{"blocked":-1,"dns":6,"connect":0,"send":0,"wait":562,"receive":267,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/CBN/1A1-CBN%E7%A0%82%E8%BD%AE.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.837Z","timestamp":1782346856837,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/CBN/1A1-CBN%E7%A0%82%E8%BD%AE.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/CBN/1A1-CBN%E7%A0%82%E8%BD%AE.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":486,"timings":{"blocked":317,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221962672990964.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.038Z","timestamp":1782346858038,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221962672990964.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221962672990964.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VfCeieQ1VRn%2BscSEMZg6%2Fb0cgeBKKUF57l7SgH95ZltCbT2ruGQdsmAF%2FycueWf4dfJLEYglKpqki7HPrEudop3RvLKgUhpkZCGvPTaWfp6mWwBEhGjKFkUX3tjNtLmDjQM%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c5fbeb500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":903,"timings":{"blocked":898,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/bg36.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.239Z","timestamp":1782346859239,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg36.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/bg36.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GtFj9SO5CSgaJKFwraEzvv3yCl1CzwJFUFpNTaPL828lVTV2crm4hrUbMS9Tghxc7FiUqFHof%2Br8Q618DSyC5tnwLERB8H7nKJn7lfSNtB9nbiJxkHYvrtkYB2NUbBd0HKw%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3e38e7b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E6%88%90%E5%9E%8B%E7%A0%82%E8%BD%AE1.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.409Z","timestamp":1782346860409,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E6%88%90%E5%9E%8B%E7%A0%82%E8%BD%AE1.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"5d8297e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qvklD%2FBGviAUwRkgVeE57lzy0gU%2Bh76Wkdo5m%2BQ3os%2BdTh%2F0su0sTh%2FGQULB4bO89DUBE3btf4OfOYJ9iKftxCvXLqABwVL9EP7hMAEK0c5EmfbJFRq9cjVFco6EcMQ00yQ%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-length: 170189\r\ncf-ray: a10fcf459efa56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":170189,"size_decoded":170956,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=3000, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=4000], baseline, precision 8, 800x600, components 3","md5":"288037c17abf708dbc61ea211bcea68e","sha1":"461b27653bf44e13664f7518575d6005a2b4000a","sha256":"46998575b6a951da0b1e3bbc01a65b2ef53b53fcbedd131818990cbb7a08dc2e","sha512":"ca9a404dd3e64767e84820787f511ce3b2a3cd34221d83f071c8bcf7089f5225944c5425023f69a4f114bd8dc1cd05ecbacab88845fe53caec57188ab875c8ff","ssdeep":"3072:Tk/Zsm/N8I3SiQtH17LJj1WXaCGq4/nRbYLQppGL1qlb:I/9/N6iKvhcZGbPRkwpGI","tlshash":"def3ae25d59a7b71fe8935bca7509b67b240233f50eea41c7c2d648277f402ab60f18e","first_seen":"2026-06-25T00:21:38.10161Z","last_seen":"2026-06-25T02:06:14.203263Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1642,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":559,"receive":1083,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221973209868681.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.828Z","timestamp":1782346856828,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221973209868681.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221973209868681.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2663,"timings":{"blocked":2478,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20230209/16759389714833234.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.874Z","timestamp":1782346856874,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20230209/16759389714833234.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20230209/16759389714833234.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1860,"timings":{"blocked":1697,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221977374849027.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.585Z","timestamp":1782346857585,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221977374849027.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221977374849027.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K%2F7jXpoYSWAY36pC%2FdpQTYFSiNTSRbmNVGfcmhcXHBugbYdiavRobvZKpHuRvlSuSar%2BHlHhKaSVZxlsOJdN5B4%2BdIFczRpKMUBQdVeVlWeVdMUb6KBYI8DnZsj5ZZwF%2BvE%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c4facb500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1345,"timings":{"blocked":1339,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221961468009794.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.064Z","timestamp":1782346859064,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221961468009794.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 21527\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"62a957e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=taxnaq02J4lULSufzZ5kVtXmjsNoQCHAwMJToKZK7HXdDehVwS4DN%2BPsnD5kJEsev%2BUaf9hDnh8oyu3ROIaZgQ44QvJySX3oL21Xbd8jqCreICT73B768JnzyFCkUDE14Eg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d2ce932fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21527,"size_decoded":22263,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 558x375, components 3","md5":"fe96c53bcf3ee3de43a7e1e1f3b75da4","sha1":"5b5e641ec039ffa6c1beee18de2915e8e23d6bdf","sha256":"454ad594e70e01b9aef5781c52f2ba33225725f7a77292502bcfa45ea15d060f","sha512":"10f467d5448943d548147fbd53ac637fdfdf745025ae1f6f02a5fb850bbbd852025b8654b3819f9b3953abacfef9666022a24b69f6ef0da4aca53344c89a59d7","ssdeep":"384:CZgo16Palb0Mcz0N8RiCo4c8Hg2Gtthfhc68JNsXkRnw/Za0z/dDqHdKwTc5AsOq:CZQIb0MEg8R4n2GV66sKqw/kGV0dbmAi","tlshash":"80a2e1f2c3316420f9bc8b328ede41b7a708c5527cb7bc2b1cd7d791521a86955c1676","first_seen":"2026-06-25T00:21:38.103932Z","last_seen":"2026-06-25T02:06:14.126437Z","times_seen":4,"resource_available":false,"data":null}},"time_used":846,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":570,"receive":276,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/tupian5.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.416Z","timestamp":1782346859416,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/tupian5.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/tupian5.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0z%2F8%2Fnyu9mxj%2BFC5dfAMBmuRByYxBtGtUnKQrjw81%2FfF4pFTdM1cnAfwnrORz3fpbLikLu2TUbqBcY45dNg7AZqBaIhE3fleGYF9k%2BnnFcCL8sEnE2WkXRzBhuP%2Fg2iElfg%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3f59fdb500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E5%88%87%E5%89%B2%E7%89%871.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.850Z","timestamp":1782346856850,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E5%88%87%E5%89%B2%E7%89%871.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E5%88%87%E5%89%B2%E7%89%871.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":897,"timings":{"blocked":678,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221962027604811.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.858Z","timestamp":1782346856858,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221962027604811.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221962027604811.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1278,"timings":{"blocked":1088,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221961468009794.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.860Z","timestamp":1782346856860,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221961468009794.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221961468009794.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1320,"timings":{"blocked":1106,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20250522/17478814144233518.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.867Z","timestamp":1782346856867,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20250522/17478814144233518.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20250522/17478814144233518.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1578,"timings":{"blocked":1374,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/1A1R.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.814Z","timestamp":1782346857814,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/1A1R.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/1A1R.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fTSiiS3NOb8Nao8bR7diqrRa6yzv5YQK%2BaIMjj9vGkBV%2Brul89Xm1KNe6OskwebpS3vX8XvaW9i7znl2K6ih5lQo1bi93Ce5ydhuZZvGlg8CVkF22WmzgXHh8MMmcltk%2BQE%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c5fb8b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1123,"timings":{"blocked":1115,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/ny2.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.002Z","timestamp":1782346858002,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/ny2.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/ny2.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sFz0uX0TR7CbhAorb3gbv9R1Oyds7aYDldtTRbVr8cMlghf7tFv1sLFDdOPup0%2FR5po%2BNpnm2vueqBw1UIMX%2BGH9piXIU%2F6ERnQ2QLMf8fJDK6J2ysS%2B7bbtHgtiMWh%2FXrs%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c5f0b76ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":938,"timings":{"blocked":934,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/%E5%88%87%E5%89%B2%E7%89%87.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.047Z","timestamp":1782346859047,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/%E5%88%87%E5%89%B2%E7%89%87.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 32919\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"b35b93e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=USe0F6KaYbAAPidD4clV7xkbu7%2Fyf%2FP6EEwfUgoOC8yjLGb6rlnQ%2BbfP1LaEYAfTOyr2YnjR8en74UzqMxSVR3Vq2mcIiorQOl3vlF8u21GQzbdFppfnW8z5o6Al%2B7kNiG8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d0cbe32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32919,"size_decoded":33659,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x400, components 3","md5":"41068d8489e54298f47eb1f4268ba6ba","sha1":"b0bf45a7206372ca04ae0c55b71e50a04e990e93","sha256":"7177dd56fe74061248ecb238c59de6862cf4d9767ea675981346568de7c6e4fe","sha512":"adfa2f664a2ee2e104af5624e06cbb6be735e0f0f9df3ef0e8bf02df7b827045380d3eadd6e2192e5fce8f6fc727fccb0db3e85f5f15ab0df44652e98256f8f2","ssdeep":"768:rwvWh9uuC03neFIlQFoO8tVroXaWEL+pvxsn37NpxZ:rwy9ueXeFIl0kiaDL93xZ","tlshash":"45e2d060fccc62872364656eac2eee7254cf98fd8152d8167b8d5cd2cbc11cb52a0ab5","first_seen":"2026-06-25T00:21:38.105474Z","last_seen":"2026-06-25T02:06:14.203829Z","times_seen":4,"resource_available":false,"data":null}},"time_used":834,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":559,"receive":275,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/CBN/1A1-CBN%E7%A0%82%E8%BD%AE%E4%BE%A7.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.837Z","timestamp":1782346856837,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/CBN/1A1-CBN%E7%A0%82%E8%BD%AE%E4%BE%A7.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/CBN/1A1-CBN%E7%A0%82%E8%BD%AE%E4%BE%A7.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":478,"timings":{"blocked":317,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221977374849027.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.845Z","timestamp":1782346856845,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221977374849027.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221977374849027.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":682,"timings":{"blocked":486,"dns":0,"connect":0,"send":0,"wait":196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221977004590299.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.846Z","timestamp":1782346856846,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221977004590299.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221977004590299.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":686,"timings":{"blocked":494,"dns":0,"connect":0,"send":0,"wait":192,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/1A1R.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.851Z","timestamp":1782346856851,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/1A1R.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/1A1R.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":915,"timings":{"blocked":685,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20230107/16730854759655958.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.875Z","timestamp":1782346856875,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20230107/16730854759655958.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20230107/16730854759655958.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1922,"timings":{"blocked":1737,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20220811/16602127089434858.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.880Z","timestamp":1782346856880,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20220811/16602127089434858.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20220811/16602127089434858.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2019,"timings":{"blocked":1860,"dns":0,"connect":0,"send":0,"wait":159,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/ny1.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.052Z","timestamp":1782346858052,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/ny1.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/ny1.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=23hXeL1jPRj40o1BXItCVNIhoe2Ik6fG9rlm2fSYp%2BF39grxM3bpafDJCAdTNb%2FEe1e3dgBzp95mSdOxhigLcibjUx%2Fjs2mnRaNkFtqQHNh%2BobtXyiiwDQiZh2Xx6EDg9y0%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c6fc1b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":891,"timings":{"blocked":886,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20250522/17478814144233518.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.477Z","timestamp":1782346858477,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20250522/17478814144233518.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20250522/17478814144233518.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3g%2Fq%2FtKdbzjbqSir4mpQI9SbgFcVRhIOD8OCTlLHNR8TI2Y9l5oHkSrLq3gu9QvssqRLg%2BLzKpgAeQvRUblMFVmnouN3H0xM5ZRKRC7CtjQ28VVBS2CQT8pUx8jOp2bBteA%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c7fd2b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":478,"timings":{"blocked":472,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20221011/16654833266095014.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.844Z","timestamp":1782346858844,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20221011/16654833266095014.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20221011/16654833266095014.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DdvQICQl82S4poOiDoJRkaz3MSP5ZyzNe2MnVm%2BFv3sNXgBvXBv9uz2tEIZsd7SR3J%2FoBQE8elbXY9vrddqnjqV%2FOegOEHaZHUshLAFPXxSox6k3Zn2bJgZ66CmUQeMmEws%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c7f4176ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":118,"timings":{"blocked":115,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221931596415815.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.072Z","timestamp":1782346859072,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221931596415815.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 23623\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"18a24de55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bsV5aS3gMO82LJ10dbsxnyKPOkfMInQx3Zj6zO4vnaEl2aBc3HcvOHndXmmagYiITJvwCtKTGkwNW3cMCywNfT%2Bql4o%2Bwg8G5Ov1gLQS5k4FbZGiFOQcW4nScS7xhGm01rM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d3cf832fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":23623,"size_decoded":24359,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"09d609c99295cae2445ef885257b89be","sha1":"8261640fe787313993c5a7de9acb6481cb4cf4d8","sha256":"e07a0497b25884921f4de1532c049926247dcfb20c37d2bbe309019bf3d9a9c8","sha512":"ce60500d5a038b1e7a8ddeecf829e1728b4bc865c6e1fa49fa151d5222d065145f2be173502f24750e2401b15da9a18a3e116cfb152b01f1aff409967b1a6f2c","ssdeep":"384:9RdFQsGwq547kfmF9289ONF7kQmFvbIKKcQ0npMNifZBmwjeaDvG:9RsLKkfmbX9qklyKKc/iNifZBNKaDvG","tlshash":"e2b2164b9c09df0b9600c3d9bf432da96b07970dad963afc40691ccf9f64a605cc90ae","first_seen":"2026-06-25T00:21:38.106966Z","last_seen":"2026-06-25T02:06:14.133371Z","times_seen":4,"resource_available":false,"data":null}},"time_used":873,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":285,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20230107/16730854759655958.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.100Z","timestamp":1782346859100,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20230107/16730854759655958.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 149431\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"8d96ae55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FZA4cTGDOlj5PbzltiEIUblNwYydcXmmwxdRcqOwJ6G9AGqAKzZxPoa8y%2FqXJ95txIijrs5gv0cOslfYl0%2FDa5iQPa5wwCdithpxENTOP1yHbMMjZSYV8n20mdEZPX6s1gM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d6d4932fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":149431,"size_decoded":150169,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2023:01:07 16:15:11], progressive, precision 8, 800x600, components 3","md5":"0eb86f2cc668fd6f7b6b2fda59f2f9f5","sha1":"7870d755945cf41fd7d35be4c6bbc089631c650e","sha256":"acd2065f30d8d7f7276c627e377b62cd5a95e7aa303ae68fbf3efcd15c9517d3","sha512":"311ba7ab214f1b682e6d3a09cb70aae6bf1f6798b4558832af7467f7854bfee109823fa170dfcd6940c2bf4ee680fdd41cb99cd4ad1e813b81158bca4dcd67a2","ssdeep":"3072:VLJLLZCUrrP7yywgmU+p1fV0tzwR8QhAwaxJ+PZzcQ4pbSglSLvJ:VLJLLnXwgUTeDxkBMSl1","tlshash":"ebe31259e3c09d96ecda9a3b8cc27ad7ed86ea35551322e73c4c40017b6bcba188d351","first_seen":"2026-06-25T00:21:38.10876Z","last_seen":"2026-06-25T02:06:14.153353Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1278,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":757,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/bg21.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.865Z","timestamp":1782346856865,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg21.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/bg21.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1536,"timings":{"blocked":1319,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20240304/17095394956259123.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.870Z","timestamp":1782346856870,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20240304/17095394956259123.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20240304/17095394956259123.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1738,"timings":{"blocked":1535,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/ny3.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.053Z","timestamp":1782346859053,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/ny3.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 32084\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"e9f391e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=131cCj9Mt3hhDbw5MDLpPTUCyQKbsZBvX3fXGJ83WCUET31SYUnYXJN%2B%2FWej%2FZ1A5H%2FaMxlNtMjJQzCCG8VgPXN2%2BuGlPzNYNtJaXPMnnwYIfvpzH5KDyK%2BpKArYXb0P%2Fsk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d1cd032fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32084,"size_decoded":32830,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 598x444, components 3","md5":"f42019455c31eb8f23dbbc3523cfeccf","sha1":"402bd5b37dc75b004fec802f55e4f0c2356ef8e0","sha256":"0df3954db661d37b551b6cb22d30f6174fb175e7924e073a59ece79c43ded725","sha512":"d5d9f329ba1bf56130dc29dce6ff4ab0c350d14009907d355fe119056fb6200f81afb3c7e1c16738aa4682c77382f052bcd4f763a95747afb544b0f315bb2393","ssdeep":"768:gPGnt5wKU6eNrMmxnO+HOB6noJOsGto80MpaQwWvSU7A:gPGn3FUn9HOSOMoJ8o80MIv","tlshash":"57e2f16ab7d7c880d838fcb73985443eb3c22225bf5451bd8857b81686c039957797f2","first_seen":"2026-06-25T00:21:38.11055Z","last_seen":"2026-06-25T02:06:14.122582Z","times_seen":4,"resource_available":false,"data":null}},"time_used":848,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":570,"receive":278,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/bg20.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.073Z","timestamp":1782346859073,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/bg20.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 1896\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"32704e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eIwUq8tC%2BB4pHRAkZnYMxwMsNQQbvbQ7qpkYojjIThUdTGHxrT86pW0S8K4MWQ2ojyKQUIzlwA7D2PQnFWB8hvSJ6PGKUN2JUbsUJEXNYf3ypO%2BNqg9l2EhRvGF66fzQpSk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d3cfc32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1896,"size_decoded":2629,"mime_type":"image/png","magic":"PNG image data, 50 x 38, 8-bit/color RGBA, non-interlaced","md5":"c4ec33e6ea22ac220d5c0a7b054c185c","sha1":"d21f2a268ebaca742a2519d31c2294a81971462f","sha256":"d478610d1ac04d66eb46b19dca251c1020a8667d91034c2f9f50b8e32d4ff72c","sha512":"a75879bbfedfea1bb7f57036a360438e1835b9c2c7a744566fd5d0739b6fe227a3d3dd433874807503075a247d86d341931d7174f8f2156092b5bf964744cb5e","ssdeep":"","tlshash":"fc41a6ceafc15060e4dde1a524e2412ad9231cd56ce8b294b9ced8095f331f49d0dac6","first_seen":"2025-02-23T01:47:41.215849Z","last_seen":"2026-06-25T05:53:26.941451Z","times_seen":9,"resource_available":false,"data":null}},"time_used":526,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20240226/17089197165101438.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.093Z","timestamp":1782346859093,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20240226/17089197165101438.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 162461\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"fb881e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VImyBfDkNIjX7DLrD9mVFvf4axMmNt3PVlqRBUGixbs1puPXazXmiUNpGj1vwluWkUFDjOD8bLpOxgGi7y1W196vLaZ%2B3vTtOMoc%2BZfGMYHaYVleyF0O2tgYfnjxSe%2B9p1E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d5d3132fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":162461,"size_decoded":163199,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Windows), datetime=2023:11:07 15:35:34], baseline, precision 8, 800x600, components 3","md5":"31dbac50ffb7beab8086023798261a52","sha1":"ff57c1e86fbeb9f2036e6703ba3a70c6b89ca039","sha256":"5c3efd6c861855f3bef92db99d3a6a8aa1af903849af11305a87f6a318daac69","sha512":"b27b62eb8f0e15477e311ba1660adc6bcb8c6c1efef222156714d05ba02425bc1aa239c13ba73aa8e6d8418cc2e78edfe3465467854fa8f40eb240884a9d14b7","ssdeep":"3072:+Zm5HLaZaipZb4ljbr0A9+fbb6B9E33+5H7r6QAO7BvSiZl3LpCB+:+Z4Aai/8XoJfmE3OFh5/VpCY","tlshash":"88f302a566961ba3ebf6f47a11c5c0c56324eba0837323453caeb2853b39d815e34377","first_seen":"2026-06-25T00:21:38.113624Z","last_seen":"2026-06-25T02:06:14.191256Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1653,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":561,"receive":1092,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20230209/16759389714833234.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.101Z","timestamp":1782346859101,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20230209/16759389714833234.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 120208\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"2e7e6ae55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LmEctE6y1VMx2QS4b%2BcmQaPyXABg7M2J%2FelFfO%2Foguw8Qd0eQ5vggd%2FLfe34X3EPyxOJy1knnjiSLyYyLcvz1U%2BJtIYNr1xHTop0%2F6uQGZ37oOoBoEBKVVLFp18ltpssTIE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d6d5032fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":120208,"size_decoded":120953,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2023:02:09 18:34:47], progressive, precision 8, 800x600, components 3","md5":"3ed75cb9fab475942c4377dd2c5f555d","sha1":"a474a4abd6ad2fa49e40fc3121d6e068e8f14df6","sha256":"8d0fbf6f1ad40fd7d4c8dccd1b79e9c733b20ea353160fbedb45c0fd553cc5e3","sha512":"08d70e7c8bca604102fe3d0c08a5d9b7767738617095131007bc5f9782e413dd8da49cdc4c6d030149488cb736ce0a3ee06763639e079e8c824c4b9590fbc6b7","ssdeep":"3072:Dwk1wkfudgmzP1KbhBjnsk9tJU3iv4erDfv3:dHwr1gjnl9LU3wlv3","tlshash":"c0c30233eb58fc43f6d27870a864cf5ad6207a3056236a66b91e13067f716d4ba1cf42","first_seen":"2026-06-25T00:21:38.115174Z","last_seen":"2026-06-25T02:06:14.172749Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1410,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":575,"receive":835,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/email.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.182Z","timestamp":1782346859182,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/email.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/email.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7yPdCeW3NQTEqBrbKvBco266GGJoLTzptNsH1o2yFGiPJrT00WKAFmX%2FsQeG9YH7kM%2BRszmV%2FLFT6RBmF8ZcehaQ56fXHiGSheP0FGGG4fOfonkOeLhTyWiB8fYOe%2FqLqIo%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3de94776ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/tupian3s.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.390Z","timestamp":1782346860390,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/tupian3s.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"d5210e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ndate: Thu, 25 Jun 2026 00:21:01 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kHJEQ0ykKo%2FenVkLo42JjO5%2FDy%2FqEydzq4oRgOTTicdm%2BUFrJGNgRCwQ7LcIPlt6GnANXfF2dm41hu7%2Bbuy8sDHyAjSG3T71wPetA%2BuFcxSbq%2F46xH7sSJkdKFmqk%2B86N74%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-length: 1771\r\ncf-ray: a10fcf457ef456bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1771,"size_decoded":2539,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 39x39, components 3","md5":"8bdba94d1301ffdc8898884eeab96c2b","sha1":"4656351c0114b1176b689d5c479528bcbe5020bd","sha256":"561c418d32c8a6d90b8e781d642daf1af15296bea52eaf92aa7e803e2b8a8274","sha512":"032815bde7bb8f145877d3ca112e2c09761651d17abac13c6cd679c0d555c7fa1b95d2515ce8da44be44540fb3cc25605577fe2cc299ce20d932a8f9587537ca","ssdeep":"","tlshash":"54316648ae635c90eb0cdd7500f6d00b79019fc8f583e4267896c8a6d9b55e2152c5eb","first_seen":"2025-02-23T01:47:41.239469Z","last_seen":"2026-06-25T02:06:14.190053Z","times_seen":8,"resource_available":false,"data":null}},"time_used":651,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":651,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/bg37.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.237Z","timestamp":1782346859237,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/bg37.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 989\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"20ab6e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E5gEOLbwQl2OxOzOb8IEuvI2aD0fRJnyT7OlxmfFaZACaVshfLU5s%2F0S2hLQytb14%2F%2BN1Knh7Y6d6PzGuaTg5oUbKjXq9kHQyubpWQ8O485C8LSGY7kMUuEED%2BT36dkVNU8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3e5ea132fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":989,"size_decoded":1725,"mime_type":"image/png","magic":"PNG image data, 39 x 31, 8-bit/color RGBA, non-interlaced","md5":"dd694467ef4d6a4b2f1d6ab620f6dcff","sha1":"5840dd023c6e7012d3caf9030fc7d435d3693a42","sha256":"61e870e9742de4baef6987ea2b6359db9f18e216f2fee9f8c079a9c8df2521da","sha512":"7c105ce0d8f42d97f663ee2fe70672f43555c7ac4f92d8dc8d6956d7a9747ca1a80c981620a3610d6df87b30039820e332dbb345c378bd86ae8453a8886534b7","ssdeep":"","tlshash":"d1113e8ef982ec419288e68235e38027da2a8840c6d8f46775cbc8462c724f6446dcea","first_seen":"2025-02-23T01:47:41.230901Z","last_seen":"2026-06-25T05:53:26.939023Z","times_seen":10,"resource_available":false,"data":null}},"time_used":526,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-25T00:20:56.157Z","timestamp":1782346856157,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:56 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:1.8.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49277,"size_decoded":11494,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (841)","md5":"647620ce76f3bf8ee0182a34dd754016","sha1":"3f62bbdece8cfc78ba00657a7769ba4034ba0af3","sha256":"f0cf6035f61eca2bc25a31f506d7be240cd1f759c992567330c6e6b523e0a99a","sha512":"b6d373868c56aef28275c6fbafa61247dcb91113e4722b407def02e9ba9a730853c0bffe4b2b6cab450e094bde693ecc25499bfc6c2100ae563a3d5446daa3d9","ssdeep":"768:d1gjrUCw3YracZhPK4MF3ZzE+aea5Jlcd:d1gjrUC+ce3ZzE+aea5Jlcd","tlshash":"4423122184a1a1b72a2300d4b1f75f3ff0d1da2aee63590673f997ee87d0dd5c922861","first_seen":"2026-06-25T00:21:38.11976Z","last_seen":"2026-06-25T02:06:14.144232Z","times_seen":4,"resource_available":true,"data":null}},"time_used":599,"timings":{"blocked":-1,"dns":4,"connect":144,"send":0,"wait":301,"receive":150,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E7%A3%A8%E7%9B%981.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.830Z","timestamp":1782346856830,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E7%A3%A8%E7%9B%981.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E7%A3%A8%E7%9B%981.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2873,"timings":{"blocked":2663,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20221011/16654833266095014.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.878Z","timestamp":1782346856878,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20221011/16654833266095014.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20221011/16654833266095014.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1945,"timings":{"blocked":1785,"dns":0,"connect":0,"send":0,"wait":160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20230107/16730854759655958.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.822Z","timestamp":1782346858822,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20230107/16730854759655958.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20230107/16730854759655958.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cuDk36GcHWvvCodthlLQdolU4wzWmXJaCaSfzQsKwwe5r2lizRfplnxUCCqeG6GNCUO4xwvFU0arh88bzKbu5WCNaJDyPzv5V3Nru8n%2FSfT2btWUMUSiwqkITueYqF2uq%2F4%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c7fddb500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":139,"timings":{"blocked":134,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221977004590299.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.035Z","timestamp":1782346859035,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221977004590299.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 31198\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"4bcc5de55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CES8yMssDUGJJKJc0R97VIoz2MySB4TpYPRdeg64yal5B61g5Rad4pcWIpRKvaiE0sgdeQuvXUiHt6KS7J4TOiUlxCaxbfhLQXS3k%2FrVeThJmOq02GE3dCBt0amHU7PsUD4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3cfc9332fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":31198,"size_decoded":31932,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"7e3c23402c2dc199f875d531f82a955c","sha1":"f23947e45cb52de28e0c2175de4cac5443d55b7f","sha256":"e12eb1aa14808aa17b39ab9fedfc90cd6bd844b55c4ab1ab8571efd6bf183e36","sha512":"ad020799f6496d42703758bb80c5ee11b61da98478e33cdf92c47b2ed8337e2609049ed05348b4676dd6d0dee146f6461841c9fb773031c559217e7fe2525c91","ssdeep":"768:9wcYGQr59RldO9k9rJ5GOmGYhOOOOOOOqS7IwhnqsgiQQQQE6QQQQC:9Slr59zQASlOOOOOOOq0dqsnQQQQE6Qp","tlshash":"e1e26c47a8498f83e257d3d83f535c4dab0abb4c79a275fc05532ee72e10a29dc9841d","first_seen":"2026-06-25T00:21:38.121342Z","last_seen":"2026-06-25T02:06:14.202751Z","times_seen":4,"resource_available":false,"data":null}},"time_used":898,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":605,"receive":293,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20220610/16548558762688154.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.133Z","timestamp":1782346859133,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20220610/16548558762688154.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 125006\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"43da66e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g83SQ76hILzF7aBNzCQhixtMc6n759nfJn33Q6hxTPMJKcOl9l7HdVMu5nIumh2HMvCFEVhJr0SPT%2BDVjk5ADMbB0dThjBLtvwh5x3crYiMj3k57UdZwU4LoTVkfIB3oR7E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d9d9b32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":125006,"size_decoded":125741,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2022:06:10 18:10:31], baseline, precision 8, 800x600, components 3","md5":"e28af2af9c521ca221a4c9a853c67b8a","sha1":"7aa7431927a2eacb6e955f10251e558d6bcbb184","sha256":"0226828fccdf556f3b37824ae25a73ed63fd4005c1d62ff415b23207682b892d","sha512":"86a43369181a9d1ab78ac3638f16648ede304f8a92ada54e8fec1cb54bc2ee4a8ba8f925cbffa8c2a7e3b02edd0351fe637319545c2705688bbf67108e00d2c9","ssdeep":"3072:Cmo7u3LaI2or5ArVNvVYBIedVLu8Ie5auadCvTrP8H:8UQoarvVYB59u8Ie5kAbrkH","tlshash":"4cc3121927888eb0e5c25e36a24de251fa7164c431f38759b51c30da7f7bb9b1e183a3","first_seen":"2026-06-25T00:21:38.122742Z","last_seen":"2026-06-25T02:06:14.155279Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":526,"receive":776,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.899Z","timestamp":1782346856899,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1234,"size_decoded":910,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1233)","md5":"9e6ec940287c12e7413293df41cead2c","sha1":"3c89e53d757abe85eed143dbf9b51648e6be82ba","sha256":"c8c626beb3c798ce107301f6014538b25c828c2f7b695f4e3a150b6f40af39a8","sha512":"204476beabd44cc589faf9eac7d8c861d4b44fedaf7130a1594db62dfd87a9282a404e4928f796fca0933537f2e09a20a7a83302128c3ea079152d3c5fd7ff35","ssdeep":"","tlshash":"e321d5743a18107e22660133e56f66cee1f13715fd17e450408ad89566e4fe5063fedd","first_seen":"2023-10-26T05:29:55Z","last_seen":"2026-06-25T02:06:14.157844Z","times_seen":17,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20240321/17109955861655713.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.568Z","timestamp":1782346858568,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20240321/17109955861655713.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20240321/17109955861655713.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zE3FLVqOSFJfmwFVGVmhgFv%2F1tUIODvCiQgjaHrz7ama0YCk2X1TbgPkibrhxfCnSx5m4BFoj%2FwYtkn7zhE%2BzcSOCLc3oGrhfZ5vroDAFVxvBlrm4woC5QT3ZyN4Kz2sERM%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c7f2876ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":386,"timings":{"blocked":381,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221955922550824.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.928Z","timestamp":1782346858928,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221955922550824.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"ea3756e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ndate: Thu, 25 Jun 2026 00:21:06 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5mYXjZbCBXoYdgZYshkynqM5aIwKLQ5J3pcQRSOYKbse%2FXkqisDr6Wl7H%2BdeR10Xg5t%2FFtIPECszrPm0fPXFqikZL0pegDPD3wA2XV6oCfd3kz9nRnzWdPC87rLdMKTJuMU%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-length: 32002\r\ncf-ray: a10fcf64ffe456bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":32002,"size_decoded":32762,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"7ea0c6134aa042abd38267f8f9743624","sha1":"3865184a7100da96581bdcedc86bdb7b61ca09d2","sha256":"86e75d342ab385d0b1df10d66a95367ff5b47de3c6da0ee53402bbdef3317a08","sha512":"1706e47b13d083d0e8dfef2e9a90bbd8c523ea2b7f514af03de089ead44be5acf3a59bf2fe2aff505e4f15fb819cd33f2d9f475d0737056afaa9f66cb0579ee7","ssdeep":"768:9rjP3xAHy9UBjylj+KY0qqEj0YpCfLk+Wh8MjdEf1aiOLIY6NKnm:9rjPhASuB5KYDjWf5ul6f1aiWlm","tlshash":"14e2e08dd5c3d5e647f6afe0e21cc2891b02bcf29037b1b42de599284946d345eecd8a","first_seen":"2026-06-25T00:21:38.125689Z","last_seen":"2026-06-25T02:06:14.19531Z","times_seen":4,"resource_available":false,"data":null}},"time_used":7378,"timings":{"blocked":-1,"dns":0,"connect":3,"send":0,"wait":591,"receive":280,"ssl":6504},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20220416/16501062528954619.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.117Z","timestamp":1782346859117,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20220416/16501062528954619.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20220416/16501062528954619.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rU9GaqjmNF3FkFjYgtWthTD3uVoW5VZhKiok8qdLXgnOwsS3zAutspd5PJ5nscXlPWD6HlN7%2BWUsPJmspVXd0vbA%2BgH3nre7ui3cP8XXqF4akui0kR62XU4SSoHf%2BYs0MSk%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3d784db500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221973209868681.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.301Z","timestamp":1782346860301,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221973209868681.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:21:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221973209868681.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cz3ZifLKP9xIOsSjNMJDu%2Bw5x3SKnUxkqaQEfaa8nOom%2BjYoeOgvd21wTRVK0PQR2YChcrN0do1G6tHhkgT4gbuEAOhhtBb8d33EGkOiltiQ9%2BLFdZz8WwLKSRjQsqmb%2Bxo%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf44ec5f76ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/bg21.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.433Z","timestamp":1782346858433,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg21.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/bg21.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aw38z2NmNfGCLY1Lbxw36CyKESMm%2BiyxZIgtD2MLu9gIRuDIO9bCHEZBhqCo2a7UZ6ea3BOreDb%2BUYFSNGSFVtWhlCrpwny%2Br9UkX3R3e5N0lSJXesO1vtUXj25Llq5e3qs%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c6fcbb500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":519,"timings":{"blocked":513,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20221203/16700624678486601.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.101Z","timestamp":1782346859101,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20221203/16700624678486601.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 117262\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"37ab69e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PAPA8p%2F5J9nsiYiREFK0mviiHCPCea4TTFAWFv5Hn2uBbiMHy2M9H4trLfbRBhWKu%2FRawpSLeiT5vsIQp4j9hK4BVxnG78oyGN36lu0TCLpdCYlJeE6sj%2BLcl6keqYFGCo8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d6d4b32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":117262,"size_decoded":118001,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2022:12:03 18:13:15], progressive, precision 8, 800x600, components 3","md5":"d69036135884226d540ec32dc54fe6f4","sha1":"36ea5bfd1360d071aab85efca4c3ce5d6b76718c","sha256":"1bbcfd0c273ae498d9d382ed9fc8f7f82d0228d981239e8e21ea243a2dfcf07b","sha512":"15c01dee016a83b0678c1a3109a095cea77cfe05976364458eaf79e6287eafd618a4084d9e1a4a21cdde0ed2a6010a59cde1fcbc34d68f36c18db8852dc5bea0","ssdeep":"1536:Vy+IN5EWvTJqrG295H2OB1tsEa3IL0w2ADMR1nyfENiT5YZqw3lYOoLKsvagUZKP:Vy56W7Jk514D3IoTAigEYG0oIeaUsP","tlshash":"bdb30232a657cda1efd396722c4ad2e7b1d15eee0443269dfa4c6491b3f42f08c22953","first_seen":"2026-06-25T00:21:38.127067Z","last_seen":"2026-06-25T02:06:14.193342Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1448,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":860,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/bg22.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.076Z","timestamp":1782346859076,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/bg22.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 1641\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"beaa4e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jW%2FlmlNDdduAgtHCkp0H43MP2wSvKFIYE3%2FKXMQzkh1ayQ3Q1HFoLweJKVUcFY%2FpvVWvkqVhWulVrpCG%2FPy%2B9GxVgZ8rY1b%2FRb72HKuOkqNX7%2F1BQ9Hpf8q%2F4fO1KeuU9q8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d3d0132fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1641,"size_decoded":2386,"mime_type":"image/png","magic":"PNG image data, 52 x 38, 8-bit/color RGBA, non-interlaced","md5":"655e56b9c3019e4e349a9e8cb2eb11f4","sha1":"a72b5dab8f523a1fcc0f843d58868cce8c077cb0","sha256":"7b82a1fa690f4d66639879f81a3ae9f3f3631e533c7a9e9dd285356b6d83268d","sha512":"4c23181ffe2c1ee495472726fda54278b26f159c707c7768bb30ddc57d8c058c170a7c2497b772d3b0681a7a0f68422704d67170785c687da43f6bf137b2ff30","ssdeep":"","tlshash":"e631c8a8fea19c41a58ad41320e9142f9a330880ade0fa7bf9dec45625f61f6405d3d7","first_seen":"2025-02-23T01:47:41.217263Z","last_seen":"2026-06-25T05:53:26.857987Z","times_seen":9,"resource_available":false,"data":null}},"time_used":547,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":547,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/ny3.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.854Z","timestamp":1782346856854,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/ny3.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/ny3.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1106,"timings":{"blocked":897,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221962672990964.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.857Z","timestamp":1782346856857,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221962672990964.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221962672990964.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1142,"timings":{"blocked":916,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/email.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.887Z","timestamp":1782346856887,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/email.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/email.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2278,"timings":{"blocked":2109,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221962027604811.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.175Z","timestamp":1782346858175,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221962027604811.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221962027604811.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yZ61k%2BMboGLrEe0pTiZXXbE68THAWcae0W6GszC4DVWRAfeiC0kuOMcYL5OlwNwYZuBJudkryfS7Nzy%2F3bBxaUZm15MP6ziyXV%2BDrNhkVJIUC3IYZL8EvGWlN3%2FLEkMpCuA%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c6fc3b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":769,"timings":{"blocked":764,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/tupian5.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.457Z","timestamp":1782346859457,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/tupian5.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 68225\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"9cb910e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U%2BXVYJ8SLLwL6xPujAkg1PWeY6DoqvaowvxxxIu%2F1SQYkMNLXd8rJ%2FDP3ReYpuN%2BMog0GB72sbOxDgJbcKEB7sF7Kcm8L7h%2BFdQM%2FiMnV9qOgqJdQ%2FAOiURTwggPB%2FpqgSM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3fc8a432fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":68225,"size_decoded":68973,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2019:10:19 18:08:08], progressive, precision 8, 460x307, components 3","md5":"44709fd3bb5726c211ddc621153ff2c2","sha1":"f792edee8f06319bb5cfe8a3dd4be1e484a741ab","sha256":"db045b4c1bf0be39c6fb3659d93334a4d1b85e53664d6bd7d8e9f6036d054882","sha512":"31f385520863e285b3165ef96b29de185b53927053633dbe16c3ee8f023369834133d87075e0a9fc9e16432760dc45b788b3538e30acc4bbf1a7f56418882f49","ssdeep":"1536:r4RHo76nhRHo76n/+yOnDD1DvEmQbHI1m7K4o2clxYlDm1H:cRHo76nhRHo76nyamXItCYA1H","tlshash":"d263e16a7b588e40f1dba131cce6f68983165ebea6936727bd8c6100ff311251c0d366","first_seen":"2026-06-25T00:21:38.129845Z","last_seen":"2026-06-25T02:06:14.173368Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":579,"receive":551,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/tupian3.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.307Z","timestamp":1782346860307,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/tupian3.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:21:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/tupian3.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SDxYXs6elMGFA8FdbzNbBBH0ckvCu%2BI%2F2AQUQt99B4etriTDIBRvH%2B%2B5Im5ew%2BQuCrFDr6RJgCoYSmeES0xiCjG5ZlSfqT0w3R6qJVfhx5ls1SsCvp2vL2jYjJn8tUwmvjA%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf44ee0bb500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/tupian3.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.392Z","timestamp":1782346860392,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/tupian3.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"9c1e10e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fo1Z9oXOX0AcX0tM2M%2B25dYSgC%2B2iJlQLT5yZLiRZK8Q%2FWUjy7rbhWnAkEKfqOwkKFWk652M2N8Tthwk6Ax2sZYQs9M5v6Gz60o9RffOW4BfrCEfYEiE9qe1ODEUodqtYTE%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-length: 1401\r\ncf-ray: a10fcf457ef556bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1401,"size_decoded":2160,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 39x39, components 3","md5":"dea93b3e31352ed4cc24d6de7d42bd46","sha1":"3735f399b81723744da5a158cb99656d5fef49d8","sha256":"5bf4f947cdc00b051dfb8dc82e12b85171fd968fce9c5216da386a82f6ba79a8","sha512":"6681981527d943c205c8a71733d31fed83caa0c760057c1ed8adb217c107609c1e66962dfd83d914cbf82cf7d38263a046c50013cb1764e4785b2a9d69335a2e","ssdeep":"","tlshash":"5f219569ef63a840d588dc3018f340274f560b84d8cba226b9e9c81ac4621fa5a09ece","first_seen":"2025-02-23T01:47:41.234097Z","last_seen":"2026-06-25T05:53:26.834063Z","times_seen":10,"resource_available":false,"data":null}},"time_used":518,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":518,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/font-awesome.min.css","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.738Z","timestamp":1782346856738,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/font-awesome.min.css HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:56 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":27164,"size_decoded":6377,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"7bb27db7abd4e3c367b2dc333f895076","sha1":"d191f30d4053972765442829c8407053d0d8eed7","sha256":"62d6ef8d1e5b84f6f56666ee04a6285745653312b1d57b74a675e061d641966b","sha512":"3a7d17dc387bbfb317fa5b9991b8c3d398fba04bf744d374cc76926126c311d00e1af677aa4076ccd7656774645620c2661760b571ccec182b4bd9a20665a17e","ssdeep":"384:+mtR8mCTrTWJOIAGrOkTGI+6xPGNtAx5eyz:BtR1WSJOIAGSkTp5wtM5Fz","tlshash":"0bc20caced4f39d247d1e4857f84aba0673ab73d9d904c9de102392ce2d26b912c43d9","first_seen":"2026-06-25T00:21:38.132784Z","last_seen":"2026-06-25T02:06:14.175594Z","times_seen":4,"resource_available":false,"data":null}},"time_used":330,"timings":{"blocked":-1,"dns":0,"connect":168,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/bg19.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.079Z","timestamp":1782346859079,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/bg19.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 1360\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"7ef4e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xY%2Frww6%2BbzZHSBypJgiHtETsPHnU%2FJFk6KB2jToywhjVPMu6EYz%2B01HiwE0EavuUEDxduiDkV3P9rI0fScepv4O5gU2hOWku1lRM8GTMihksGXeEQGOER3qBXJOODQjS6KU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d4d0e32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1360,"size_decoded":2096,"mime_type":"image/png","magic":"PNG image data, 33 x 38, 8-bit/color RGBA, non-interlaced","md5":"1a5cc3cdba9c500c953a1d1cded468d5","sha1":"1b62aa51dd971f73389808140b563ba252807d9b","sha256":"5d88686604aa1a08de8b1df17a295a8465c0c3fa64f2c317f5f0d4109c85a72d","sha512":"3dc8c1b53a506d82eb6cdf0c30c3ff269051bd12e561eac4546c810f3a1be3e4673fb9588569648885d79512c65afe2bc9a0d87ce3adb2b8a672fd725cc9b31e","ssdeep":"","tlshash":"422186dffa40a4017549d88204f2d9279a227880d5e5a819bcced9065ff40f2081e2db","first_seen":"2025-02-23T01:47:41.214357Z","last_seen":"2026-06-25T05:53:26.836488Z","times_seen":9,"resource_available":false,"data":null}},"time_used":543,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":543,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20220510/16521776925460005.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.116Z","timestamp":1782346859116,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20220510/16521776925460005.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20220510/16521776925460005.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QDks3OYt4KmyKyAFbwAy0tPP92dZW2v5ysCNu8CXscLDfmz3nUb07ZQ3aO0nKaR5GlMtYDfmm9%2F%2FX1FqnI6625IVdZB2utY7dWIccHb9y5dUF0nlI%2BSivvCcqxURvfUgtsY%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3d78a076ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/hmh.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.843Z","timestamp":1782346856843,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/hmh.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/hmh.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":671,"timings":{"blocked":478,"dns":0,"connect":0,"send":0,"wait":193,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/hmh.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.567Z","timestamp":1782346857567,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/hmh.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/hmh.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Elsum%2F3MVR4Xy7dIeW%2Bipb4dZJHzhVykXRuaO332qYw4yv9WskHTQn1vF7MlA2e%2F25NUAkzKH%2Bv3zQ9s1T%2ByPY62VBFJwh0oCdqj1C07v7cuYGpqk43RQg83LXDJWZ4PKng%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c4eec76ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1355,"timings":{"blocked":1350,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/bg22.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.390Z","timestamp":1782346858390,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg22.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/bg22.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vQtVqlFJFsEvtva660iluFhMFUXxLJdRH3WsYCF8fQbuTCkN%2B3wx2sFVD8EJlgd2cn%2BZEQZa7vBOkDyT3beElXlzlnI10NM%2B8H5Brv0izMnuxYSAKxM5UV6AaQ6EWWm%2Bimc%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c6f1c76ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":559,"timings":{"blocked":555,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/%E9%99%B6%E7%93%B7/%E9%99%B6%E7%93%B7%E7%A0%82%E8%BD%AE.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.842Z","timestamp":1782346856842,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E9%99%B6%E7%93%B7/%E9%99%B6%E7%93%B7%E7%A0%82%E8%BD%AE.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/%E9%99%B6%E7%93%B7/%E9%99%B6%E7%93%B7%E7%A0%82%E8%BD%AE.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":673,"timings":{"blocked":477,"dns":0,"connect":0,"send":0,"wait":196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/bg20.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.864Z","timestamp":1782346856864,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg20.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/bg20.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1472,"timings":{"blocked":1278,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20220416/16501062528954619.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.135Z","timestamp":1782346859135,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20220416/16501062528954619.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 125704\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"37e66e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zlpr5JFrHJV6j2t6DM9NveLqcXjoMXgR74Ydu4tCelC6TGMGkj1eD997B7oh%2FAUrAb%2F7WC0BDNIpUQe5W5BMI74RgG35EFI4CSn5L5rprPrnbcYtb%2FZ%2Bu2f8glqz9qR3yik%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d9d9f32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":125704,"size_decoded":126444,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2022:04:16 18:50:33], baseline, precision 8, 800x600, components 3","md5":"9f33a92df1c0783d763aad9bebc3d143","sha1":"f2b832b9edc149233adec65438564d8a0b7136ad","sha256":"e97faae58e0f2b7c6ee92c6095d766ba0d340064a58c89f09115c29bcdc0d7b4","sha512":"b24d272d6e9f800778ee7131bf611e9847d6c1816b35197fa22f32a47456e088723f1e476766be4ef915d3cc4a172f557f758d956210763237f6509feb7a1d91","ssdeep":"3072:BjAtBvKxRSM6x7D+LnBsFr1BzuZ4UJXKMkNsmZE:BDSdH+LBI1BzuZ4UJXdkNRE","tlshash":"92c31271a3d63e01e2d752b85bd2c8decbb0b055c8636342fb8d127a3ba11662b1d246","first_seen":"2026-06-25T00:21:38.135287Z","last_seen":"2026-06-25T02:06:14.131124Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":511,"receive":742,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/bg40.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.419Z","timestamp":1782346859419,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg40.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/bg40.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mGpJirLv2%2B2pKBYK3ZOqVZtZC8LOEX9MzZUL2QUPnryZzrIHuLmjR77wPNoDo4xlKr1%2FIrJOWoFtLaYzsqcmVYDHBkb6rstml7HuQI6WH%2Finad94F0ty4GvilvzCjHdtN4w%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3f6a00b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20220915/16632366072038724.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.879Z","timestamp":1782346856879,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20220915/16632366072038724.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20220915/16632366072038724.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1996,"timings":{"blocked":1832,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221961104625318.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.233Z","timestamp":1782346858233,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221961104625318.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221961104625318.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hhgjtxwq3wBkugFgUfTg8PDRX2FiosfVz%2F23oCix%2BcTE9llIbCjvRdN35GUnrOU4s6vnrXqJL6p0kQjssatPjIs5KL8z0ZSD%2BuqftYrkQgKSF%2BjCjBwmIJIsx6b8jnEADLU%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c6fc5b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":714,"timings":{"blocked":708,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20220510/16521776925460005.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.130Z","timestamp":1782346859130,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20220510/16521776925460005.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 128104\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"1a7e66e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TnPehsn%2F7%2Bq5plrc7jglnZNJfDmh9Oh97Sxi78WmcxK9Sziy5mpVFC9akQigSV%2F%2Fnb%2B%2Fv8uDQ29gKn2ksuKlMud%2Bg%2Fb%2BSXfFJlEKbLQqfHsHzAPp3GMIaDlfBlJX%2ByUggdI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d9d9532fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":128104,"size_decoded":128857,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2022:05:10 18:14:13], progressive, precision 8, 800x600, components 3","md5":"60d1232a7753b0d9b63ff9cdfb15d398","sha1":"cb6fbcf5bff65d05ae003eb523b8beabc5233210","sha256":"b31186a34eb8fe114f4501eddad74bc0dfb155415ca730330f894f26b57dae69","sha512":"65a94878d40a1f787428d6b7096ddca1601e16d86ffd4d409e530a3a5d3c95ca0aa69b3f9a60f20c8c6193486aade0b1f29f59136a0bed6f61bf761d825ae886","ssdeep":"3072:s1RzejEGZ9GMqJsUgkr1zj7Q3m4+YedQjAgb3qZ:s1Rzejz9GLNzSx6QjAgWZ","tlshash":"fec31221a70b5e51f6e82e398265c7889517c9e09cb35d82fc9c20cfb7ffa458e0d856","first_seen":"2026-06-25T00:21:38.136582Z","last_seen":"2026-06-25T02:06:14.15592Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":489,"receive":711,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/jquery.min.js","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.721Z","timestamp":1782346856721,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /jquery.min.js HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:56 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 686\r\nLast-Modified: Sat, 14 Jun 2025 05:06:28 GMT\r\nConnection: keep-alive\r\nETag: \"684d0354-2ae\"\r\nExpires: Thu, 25 Jun 2026 01:20:56 GMT\r\nCache-Control: max-age=3600\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":686,"size_decoded":999,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (685)","md5":"9c2bd3932347b979088dbf6dae4d88ba","sha1":"f4f172ec0213bd6009fb99de8fd3e6348587321d","sha256":"7e6f89c96ec9e8c1613749f5e12ad565a9b20319442deb3c6fa8044dced6ff58","sha512":"afbfa8694d01caed6ac7811215fb4b9a4059c747b2f513eb57fc6598b6c8dfe40805316c3abf16ed9fe7eb6ded4e10b5df8177d022e4d6eedb63039a7dcebb35","ssdeep":"","tlshash":"210181d8d7c4d88b7ecc2c53e909decb25b2823b96d53283832cfe8c049a151d49c048","first_seen":"2023-03-10T19:50:01Z","last_seen":"2026-06-26T01:06:18.863295Z","times_seen":251,"resource_available":true,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":150,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/qq.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.901Z","timestamp":1782346856901,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/qq.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/qq.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2283,"timings":{"blocked":2114,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E5%88%87%E5%89%B2%E7%89%87.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.816Z","timestamp":1782346857816,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E5%88%87%E5%89%B2%E7%89%87.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E5%88%87%E5%89%B2%E7%89%87.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZrnTOdfrU3X%2B2etJuKb4vnNpyX%2BeMS1jFuDeEUTWBAQnRCKMeM3Ly8XgxTL22vpsd%2BycsUQN%2FmCV2TbGKvqOMdPQlpe5v4AzK8Dwo6GPZC2BEb73mrg%2Bhd8hhUpDlwmsZp4%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c5f0276ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1120,"timings":{"blocked":1115,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20240312/17102186405872129.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.597Z","timestamp":1782346858597,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20240312/17102186405872129.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20240312/17102186405872129.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F%2F8Pc59tbleTI5aGYqEvS3gItmVqhmeWyaVCT2TcrIp5wFI24%2Bf22uzczhU6qny%2B%2FCPIQfObreLlzB2Hs7hRBjsGn5FZfm%2BJWbU%2F53gcJ20FjBiRqI3OZb5GpH1Pf9SnH4I%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c7fd5b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":360,"timings":{"blocked":355,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221960139209501.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.338Z","timestamp":1782346860338,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221960139209501.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:21:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221960139209501.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9DrQzX6effxUs9h%2BoAhZ%2F88qSXvjPgh53txd8RMdtW2uxoL9KM%2FOwK3LO%2FB37lgf3SRMP5xZvqNFA2V%2Feox%2FuZswkrkvgtiDJjKXquRRnriUfoAjfHmjOrwTBD5mbTz4knE%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf451cb076ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221960139209501.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.407Z","timestamp":1782346860407,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221960139209501.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"34c156e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5WopKWv860bdZ%2BwAn72gqX98XAeoYwwYj%2BlrUuZwY3fDGia3dD%2B70NfufOCk3g0Y0Sc8KcdzKTpvLLl9iSW1Z5WbHE7s7616%2FMRgvdruFbu5Yz7KPDF6sRAnd4q2qcuE%2B4s%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-length: 30668\r\ncf-ray: a10fcf458ef956bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":30668,"size_decoded":31432,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"131e21c5c30e10a4fee8d644adf9e166","sha1":"eb8c2fb2419abe6da0e8bcf32cd61c43ff1b6fb9","sha256":"8cdb3c515afa338e59b1420faec45c61de93feeb0981c6e65b713db105f4b70b","sha512":"4ab4435fbd4eaaf9e87433d7301f88973575bf3060d9acbf0d84831427c0b46a7a8f9b19e6c82ce996ef013b8c331828ee0234be07b7b2f72ced19cb40f735b7","ssdeep":"768:9ATqDl5quQlX6DD8RSCIk/f9Wjco2xGCNxdeCJmC:9AT2/n8I8R+wWINjNGC8C","tlshash":"46d2e18617c1e0435d80e23bf1954087ea225e0dfeb054bc271b96d71869cb4eecebe6","first_seen":"2026-06-25T00:21:38.138488Z","last_seen":"2026-06-25T02:06:14.158549Z","times_seen":4,"resource_available":false,"data":null}},"time_used":762,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":513,"receive":249,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/bg9.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.185Z","timestamp":1782346859185,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg9.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/bg9.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YTx%2BUJKaeGohHMLyYgyIdRBgtf8mWNVPMztLEVcl6uBcmx1lkX9DdR55vYjK4BJaLpXiGF0LE4YzV1SRwF5Y4rPXE5GQDt30rbntEqIxfSs48U2If6gPtRYEFLk1PUelPUE%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3de896b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/qq.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.190Z","timestamp":1782346859190,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/qq.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/qq.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hFhwTMvM%2FDaTPAoEMNEExbbVt3fSitEN%2FizTfXLmvnNQcmTm5oU39ZwFXgVh64BHuNKP8XMRJpvhPz%2BXT14JKfHUbt24LZtPogviCLzsKD1RPmJrWllY6hIGnhCUPXv42Tw%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3df89cb500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/6A2.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.349Z","timestamp":1782346860349,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/6A2.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:21:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/6A2.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dXOY50sNOey%2FdtqRUkKkjiz1IminBb4jFgpEzO2MdsxGVaQ%2BrGM8ZhGhwSxJ2HgdVUCRBvkhKZHbguchN7pjLAHxHCVL0EcLPRvNc69WCcYQ5uj%2FJaDywhHCt%2FGcchPs5as%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf452cc876ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/tupian4s.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.396Z","timestamp":1782346860396,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/tupian4s.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"7c8610e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fqE5CHHkFUp2NhkxttGA6aj7GrBrh7FqRwl4tIdyEfH1MMAwIs85bUerrJp759VqxrnlvO443r%2FqB%2B4VNSkwOq5nmpK5iW0LJ41V%2FL9ucwcn2qTFzmbDbqr0Zqf4ONKFr1E%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-length: 1646\r\ncf-ray: a10fcf457ef756bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1646,"size_decoded":2405,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 39x39, components 3","md5":"7bfa20fd57c0478b0bd1d7e6f1208d25","sha1":"3efaa5fb5aabc1ba84bbbbf48ba17da9564dd68c","sha256":"2b6c05807919b5e324b2890c04c62f3e1146aa146541c6ef7c3b8a7f081007e7","sha512":"e19be5b2603a002a7d5563472992524397036c65357f3565662f611145919ddbb45f653544c439a07793d0b888c09cd7c9f5af47d890f5676515691f2e375acd","ssdeep":"","tlshash":"fc31952dfc0374e1d594a93002fb12639e125be8e8c3d62970dcc507eca10fe4519bea","first_seen":"2025-02-23T01:47:41.234953Z","last_seen":"2026-06-25T02:06:14.142846Z","times_seen":9,"resource_available":false,"data":null}},"time_used":315,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20220610/16548558762688154.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.881Z","timestamp":1782346856881,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20220610/16548558762688154.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20220610/16548558762688154.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2110,"timings":{"blocked":1921,"dns":0,"connect":0,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/bg8.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.884Z","timestamp":1782346856884,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg8.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/bg8.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2137,"timings":{"blocked":1958,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20240304/17095394956259123.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.638Z","timestamp":1782346858638,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20240304/17095394956259123.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20240304/17095394956259123.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mJa1rmeY7CqkhMjVzzTbqNAii3urJCaYcfNG%2BTXf9%2BTC9goWYyYLf4dJSX2Qk6HY%2FurYVyqqyjIo3y497SbBn7%2F83rSGv4SGmMdmHpluYIXFqu0t%2FdYc2zQtZg03mLEbE%2BI%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c7fd6b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":318,"timings":{"blocked":313,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221977374849027.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.034Z","timestamp":1782346859034,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221977374849027.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 25207\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"4bcc5de55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mHVyAxalo%2FryfytQDgvjAjY1HY%2FcL%2FXgu1p53ctdgY55f4rO9Kui%2FDFGEYdo2ep9Heqb3dLirg7x9NNRM%2B1zJx5QwX8zDQPq7h7U%2BHh5jFQNY5oiGajCFdCp%2BDmgXdc5tag%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3cfc8d32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25207,"size_decoded":25953,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x539, components 3","md5":"4f0453504a1a326f7b586bcce1d6cddd","sha1":"c03edf082066d85392fa491825eaf8c08ae49be2","sha256":"8a040a5e47aa9688dc209b55f5fce40a0f02df1b5de91720c20642e6ef2fb74c","sha512":"a93b9fd76f74aa241c2833a51c3b15fe7b3a5788b8c949748e3160ee3de55cdb5f3e09cc4edd5c94cbeb8452a7675d8437b096611ed92683c44962e60d2f2cf3","ssdeep":"768:5vY2aaaaaavc777777777777855FeBZZZZZZHuDL0bnC:5g6JJ8ZZZZZZEd","tlshash":"65b24b0754169bf15eaec7f8bec3e8e05f05a704b0c23dfe44121aaab5d0e77289b465","first_seen":"2026-06-25T00:21:38.141021Z","last_seen":"2026-06-25T02:06:14.119197Z","times_seen":4,"resource_available":false,"data":null}},"time_used":823,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":555,"receive":268,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E5%88%87%E5%89%B2%E7%89%87.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.850Z","timestamp":1782346856850,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E5%88%87%E5%89%B2%E7%89%87.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E5%88%87%E5%89%B2%E7%89%87.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":917,"timings":{"blocked":682,"dns":0,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E7%A3%A8%E7%9B%981.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.411Z","timestamp":1782346860411,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E7%A3%A8%E7%9B%981.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"5d8297e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OxHPDFVLIeR68GUYSLRah2432f58O5kt6R2eNceTEUgHVG0vpBB5MeJpZ%2FQD3BOYqKJ8qncBL7cFXYyHeM8NS5cNO3zxYu9oVUn0yZ2dw9sB8HZGZnsQZ8ZSlwLCR%2FR2pZc%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-length: 174900\r\ncf-ray: a10fcf459efb56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":174900,"size_decoded":175659,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=3000, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=4000], baseline, precision 8, 800x600, components 3","md5":"bb3fa4695e120a3498275463a1744efa","sha1":"b49cf3a2b7616b98860a5b02e5caa539e58c8812","sha256":"252ddf0cb1d09599596d2286e01e864de74735d738ce43db22af7e8f2913e772","sha512":"1e44f806ab6c4d24842bba3dc911dfb097304fcab14267b945b2c9940067d9615962e9b2fa37c452a8a4722ab02f9f1c94567d5d140e29f5ba1688a4a09b7051","ssdeep":"3072:fk/Zsm/NLGztzaJYpUEubaKoAOKDd5E241o9xysvSRMEk7c1qlb:s/9/NLGp2JwuloAOGFSLRMEkZ","tlshash":"6204ae14d1aa7b65ff993ab8f35497536252273b61dea81c7c2d54827bf003ab10f0ca","first_seen":"2026-06-25T00:21:38.142208Z","last_seen":"2026-06-25T02:06:14.196901Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1603,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":545,"receive":1058,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221978011046796.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.853Z","timestamp":1782346856853,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221978011046796.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221978011046796.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1088,"timings":{"blocked":879,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221962351197858.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.857Z","timestamp":1782346856857,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221962351197858.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221962351197858.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1251,"timings":{"blocked":1075,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/bg11.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.885Z","timestamp":1782346856885,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg11.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/bg11.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2156,"timings":{"blocked":1996,"dns":0,"connect":0,"send":0,"wait":160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221961774369337.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.060Z","timestamp":1782346859060,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221961774369337.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 22014\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"6dd857e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j6%2BABIW2v1%2BB1D0aXPZwL2xWGK3Gh4dxt%2F134X8ESMcdz6QfFWZYQKGDzRAym8nauapGsZGepO30WEft5y2cETVTAl%2FNpL1VCT0vSh3UGRa6ubgmL0NizuLJ45jO74zQwQM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d2ce132fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22014,"size_decoded":22754,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"bcb3f9b4315e7825ce8ff0bb2a26b5aa","sha1":"1dac1634119ce427335fc1b79c19483ee2c55649","sha256":"6314d0272196b7d175d346d8d0c5602e13f09b461d39683b866f4f7886435bfc","sha512":"80d78c6d0d7125cbb50e812bf8f7b9bebab58b9050af8185c3565ace21cbe7821cfca82d607ab94114a85abc5104f270cda19a4715fc7a37ca4bf91461e4219f","ssdeep":"192:WSlnQhmv4rUo85Vq1SfN1DQqXHCA1P+vLbyWbSbbQN1/5mPihM3Mp76FR2dhpWgo:9ln2NYWijXiwgvy5QDomPhpfWZ","tlshash":"5ca292079905cb86a62d52e9bd530ed91f4b6b1ce5862eff51220e9f3d20a334cde42d","first_seen":"2026-06-25T00:21:38.14347Z","last_seen":"2026-06-25T02:06:14.113379Z","times_seen":4,"resource_available":false,"data":null}},"time_used":893,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":600,"receive":293,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/bg11.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.140Z","timestamp":1782346859140,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/bg11.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 1098\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"6a3b3e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R4pFF%2FFdDIvdOb3bZEi6QyyfOYWxInpXL%2B%2Bbc5EA4%2Bjsop2ZQasjlAEPMia12ZUT9WuaC%2FTTOq0cHFA%2FvnMA2qOZ%2BYUXNZQeDuKchQlXx9unRDs4PrhBRQlWOylFl9wH7cs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3dada832fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1098,"size_decoded":1841,"mime_type":"image/png","magic":"PNG image data, 13 x 11, 8-bit/color RGBA, non-interlaced","md5":"09947b36cc8cff4cfb1a2fb85835fd63","sha1":"b04cda519bd73271fabafd5c8baddc70e10f8150","sha256":"7a36cd896f5920dde7e140b775b348c54cae31412f666020011c8cf35d25d641","sha512":"258a3ca969a524edfc742eb72688ea1e6c289193863780674d35978ec3ef3a8f411b0e930c84790035049d9de0189fef0e8a16019b3b99ed7f9021d0679e96f8","ssdeep":"","tlshash":"39117947fdc26d81e24cf8a210ee90175e2648509ed4f4d579cbed159d703f4505d9cb","first_seen":"2025-02-23T01:47:41.220352Z","last_seen":"2026-06-25T05:53:26.879825Z","times_seen":7,"resource_available":false,"data":null}},"time_used":505,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":505,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221972736283293.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.417Z","timestamp":1782346860417,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221972736283293.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"c28f5ae55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C2By3pT4avv6iNVUIMHQ341AkyW7XkYTDndN4Hp9XlTnSJwbPiDX%2FDZIUNdiDR%2FZViF6oJrXQwtp7a9Z1z6He%2B3EXARk0nwhYPj61%2BKcYuKMY9l%2FVUQFjCyHxbW1izMSUQI%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-length: 25419\r\ncf-ray: a10fcf459efd56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25419,"size_decoded":26183,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"49ae9a28c39532fd4319c76f66a660a2","sha1":"67517268597ed36a0c58b7f9332fc919774dbb61","sha256":"6799b2e140f7881d88627bb3f4d30173fcb8363b4c187064b5e3881831dec0b3","sha512":"47b2de00ffdc46534e115b758fb6f53c880aae2e443785c2bfae90ec08b8fccbd824d7ed66e10a62ae2a488e78d4d6c51479c95b7682d4a09afe725f1e2d1def","ssdeep":"384:9gW7QvXWfY7YUMVNldVRhp7pJTVlQzNpjF2Mb4gHMDAVGSFA8VBUXQfexT0AM:9PZtlVNldj7pJTHQ3FRTVFAxgfep0AM","tlshash":"06b2d0375e4c94026f3a17502fdc199f99b13a147bb632b8626329679b28d70ce413f5","first_seen":"2026-06-25T00:21:38.145727Z","last_seen":"2026-06-25T02:06:14.2022Z","times_seen":4,"resource_available":false,"data":null}},"time_used":805,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":539,"receive":266,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221976723684476.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.772Z","timestamp":1782346857772,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221976723684476.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221976723684476.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DZmMWi6U4pCmFt17PvdlG2IK9GxpdfkIzHFVTC%2BJmxh%2BiT3H41E25eSNIA7DKfUkNAEPh2%2BVBZX8oiyhCfD%2FgK5zjdxxtVzPp2j7eTsvD027YoeFjTniZ%2BJgLN1ugxbKcr0%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c4ef576ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1157,"timings":{"blocked":1152,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/tupian3s.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.824Z","timestamp":1782346856824,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/tupian3s.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/tupian3s.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2664,"timings":{"blocked":2471,"dns":0,"connect":0,"send":0,"wait":193,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/bg23.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.827Z","timestamp":1782346856827,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg23.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/bg23.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2677,"timings":{"blocked":2493,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/qq.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.200Z","timestamp":1782346859200,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/qq.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1311\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"e854fe55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xYc0ntcaeMJLGRnqAJZtUMmGmd1dhuVsUGcRXIHqF8sTmx3AvBmVj%2FH%2FzdhDsze5OTOidzVuocOh9dTpWZJCO2P3P5zOOP1KTAuSsGrpaIlh2hLS%2FCd6bvQ7tPAbBbL9qXc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3e2e5b32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1311,"size_decoded":2047,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 46x55, components 3","md5":"48b5e1686e0b1d7336a9eb1bc18f7c76","sha1":"86576f912a92ef4f834b6bb0017bcdbef4137df3","sha256":"4f4c2ce675b58cd8083607b1e2df5b062d0bae288db4e34306f23365b6674197","sha512":"b13e1717f3ff54565cc25271e801c65cb46e954cf33b5009925c4c9297a1c726a9f450a590d5034f912864defb27e608dcfe7441980e96a8e59302f5516606d3","ssdeep":"","tlshash":"6921b77e8a265a11a22586bb575e03dfa09eabc77e502e1d6d74d372d9308cdc1c8b0c","first_seen":"2026-01-08T22:02:10.703192Z","last_seen":"2026-06-25T02:06:14.156496Z","times_seen":5,"resource_available":false,"data":null}},"time_used":621,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":621,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/bg35.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.221Z","timestamp":1782346859221,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg35.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/bg35.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lojK6%2BWlcj0p5A%2Bo%2Fxs8wdiW37ZiNa65g9aSE88rg33CaH76IRBV%2F5BA6lcPATLPWGHqeAhR8F%2FoIjPkcuHtyZOJ5PDj3HBbTfgO9X6DuSXMHzY69DOWo8ze0dEy5J2C5Q4%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3e28bab500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/tupian4.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.825Z","timestamp":1782346856825,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/tupian4.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/tupian4.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2503,"timings":{"blocked":2342,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/6A2.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.833Z","timestamp":1782346856833,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/6A2.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/6A2.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":3029,"timings":{"blocked":2866,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20230209/16759389714833234.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.760Z","timestamp":1782346858760,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20230209/16759389714833234.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20230209/16759389714833234.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bof6E0xX%2F1NmKq%2FSIyAorRyPUFIvbUAtM3TlgjKH58JtMIoKQLZWN7v6k2BuxsuhqVM%2Frtb5vx5Qk7FldbkPthlHbwCVJ5mVia%2Fj%2FVphtdTc0YsHF1Bt3bpXmAYSAxbSSWQ%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c7fdcb500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":202,"timings":{"blocked":197,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20221203/16700624678486601.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.823Z","timestamp":1782346858823,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20221203/16700624678486601.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20221203/16700624678486601.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GFrj%2BZT1xSxHqeQHeLrcZfjILpW2QxUkbrUphLZoSC0iRZ3Wo7ZE4CO4UwV1WUoUKil70p0CcWQGkm28Z6xxWkBs8%2BqOyc5IEMQfmZe8ht%2FmXWiKP49A8JxnVvIeQFu4uhM%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c7f4076ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":139,"timings":{"blocked":135,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E5%88%87%E5%89%B2%E7%89%871.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.040Z","timestamp":1782346859040,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E5%88%87%E5%89%B2%E7%89%871.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 197733\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"635296e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DlM4WCBBQcmeCIL56vKYJQO7tIeVNxgLU%2BeQEKCSyFr0HWuvrGeuK2D1%2BIA%2BbHKvxs0IJy7e8kYHsqm5%2FnqJW8ZYeaxMeWkIR%2FvwqZ3G657pNDJvH2lvMNBwB4%2FT6uks1XQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d0ca132fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":197733,"size_decoded":198478,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=3000, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=4000], baseline, precision 8, 800x600, components 3","md5":"33c3843cea53af51d8a13349a95e0268","sha1":"1c955098c65a75d6ff28f9d5d558df191b8b804b","sha256":"5acca2609d1cf41f50fdbe8ff169245d0480796a738bee187246ed45ac335a46","sha512":"749ce388341bccbf98778ba246a2fb7b19b3aa81be39341fef8f784650a0f7ffcd2fd827ee5066277462e76f5f8962654baa24d7240c21c28e066ae1a934fb6d","ssdeep":"3072:Fk/ZsOs8P+i8kQ9T2do7j4ddxMA7/w7y62FAjGCkiLycwll5N13U8Wtb:y/YI+zkQE2vs/Gn1ycAl5Fw","tlshash":"4d14be10d1e73b64ff9979bce79497676252133f62ae690c7c2d54827bb0029b60f0ca","first_seen":"2026-06-25T00:21:38.148628Z","last_seen":"2026-06-25T02:06:14.157218Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2375,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1331,"receive":1044,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E5%88%87%E5%89%B2%E7%89%87.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.041Z","timestamp":1782346859041,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E5%88%87%E5%89%B2%E7%89%87.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 150831\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"88c595e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OTUPUndh6bNOq3U7vZOETS0WRzLC8LzX3NbA9gq4MTVWgJCVbSoiMV89Td3f90FsY%2FRJLmqDYR%2B44yQHjWdgrscoO7DNTMpzy4c0U8AciClPq1xCOumWsc2%2Fln0UrnEHEFE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d0ca332fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":150831,"size_decoded":151570,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=3000, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=4000], baseline, precision 8, 800x600, components 3","md5":"ccc5b2af4e94f4bdbda3b64a09011d24","sha1":"46a208b5265cae473497b082caaf572a75b6cf2e","sha256":"320f02fd90c0c5454de057734938e3a805fb09d4c6b7c6f2d49462f40a64e497","sha512":"0b4adfcd2f4c3309991621ff76b233d480ae0a2f7194125d5ef45e97e15e0c404eeb9c041a0904135bb7441f2ac18749e8d5fe27f9a371e7488849ba13790154","ssdeep":"3072:vhek/Z1Vh1ds16SNFLYuhjmsmjGOI5+dvoMajJouhxKBxXGM+b:vhz/n1dslzMuUsmqOq+6jJouiXXGX","tlshash":"dee37b11d1aa6b75ff9930b8b75497ab6141233f61eea91c7c2d50827bf002db60f18e","first_seen":"2026-06-25T00:21:38.149956Z","last_seen":"2026-06-25T02:06:14.17835Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1588,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":646,"receive":942,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221962351197858.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.059Z","timestamp":1782346859059,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221962351197858.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 31156\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"7b7e58e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8FGsWWaAFNmUVDptARwNSwPJ9KXVDLPyROrvKBQqIZWm2SmWNZUzJ1kXdvxGEAphP2NtTdGPfkIEGF%2FvH9Ks38l5lRHnOgRt1CmFwmSV%2B7oUoPG%2FQHGatZMpO4sWJBjsIsY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d2cdd32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31156,"size_decoded":31894,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"6b83885a744f075e76e58e6e0e004b9e","sha1":"8ffbac05cf36a484340e471cb839188fe2884d93","sha256":"1e6c70a43e1f3c2495b4961787711240702e732128390eef888072c02bd92519","sha512":"dd728e30b2e3d1b6259816013468b0f5fbeab8b6ae4ef529e791c79b2efe23224d8ae8011b5fceb23845ea51cef40a4fd7f63bf0d9e98168cd366efffa418d1a","ssdeep":"768:9xsnE5Qi/ScEN3vtVZkVhsMxS0uQm/09YrJJ:9SnqQaScWlUVhI0i09A","tlshash":"04e27b438904c382e51946e5be074ea95f4b2b0df9d22afe08674e9f6d14b724cde12e","first_seen":"2026-06-25T00:21:38.159878Z","last_seen":"2026-06-25T02:06:14.131727Z","times_seen":4,"resource_available":false,"data":null}},"time_used":797,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":536,"receive":261,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dev.biymu.com/","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-25T00:20:55.990Z","timestamp":1782346855990,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/css.css","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.740Z","timestamp":1782346856740,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/css.css HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4120,"size_decoded":1510,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"0c78caa9bc46327e8247351d97232330","sha1":"b25114d44a4c73d841993b5d07765910d8ba864e","sha256":"b1fe74dd077c546c926fcc85658c0f07be9f79c12aaa6616f1bd145fbf8ed5b5","sha512":"04b8716e6cc3547593214233b6770b70317c5e18538ac80143cd51ad07bfc92712dbce1ba630a401526f11a9771df2a9fdbc99812dfaf00f25253a2762a31c2b","ssdeep":"96:al7PljJKdMNLF8jcPHSvUKgakPsAuWA9uaNenFK:OQaLJfUk/PsAuWcuaNenFK","tlshash":"6181fe9b96303dc0941694dc2be9870c171e901a6f0fad6efc62be5dc3cc2d891b3685","first_seen":"2026-06-25T00:21:38.162502Z","last_seen":"2026-06-25T02:06:14.116111Z","times_seen":4,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":-1,"dns":0,"connect":148,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/bg22.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.865Z","timestamp":1782346856865,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg22.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/bg22.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1493,"timings":{"blocked":1292,"dns":0,"connect":0,"send":0,"wait":201,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/%E9%99%B6%E7%93%B7/%E9%99%B6%E7%93%B7%E7%A0%82%E8%BD%AE2.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.583Z","timestamp":1782346857583,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E9%99%B6%E7%93%B7/%E9%99%B6%E7%93%B7%E7%A0%82%E8%BD%AE2.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/%E9%99%B6%E7%93%B7/%E9%99%B6%E7%93%B7%E7%A0%82%E8%BD%AE2.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eqn2GjTJJcZYZWBie87oHku41RwCD4zHPT171DxzwhWZN3qBZ5jMINnvsnzY2gl3hzb0Lc29FJi90j31rfN%2Bc5ALwQAXWCQXLEOeKDmt3zAVQkyzoQhqg0B%2BLHq4SqnpjRs%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c4fabb500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1346,"timings":{"blocked":1340,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20220811/16602127089434858.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.919Z","timestamp":1782346858919,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20220811/16602127089434858.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20220811/16602127089434858.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nN4o6cflLLgziGw5Xsp83Ty4eyUbRLnvhwvWw%2FSOFaW2tRmpOkJfKJhnnGAsOqpUFygRguQPDcFKMY6L%2BvH3ii2d%2F9RK7PMu7XRfcVt9NzBXZZi87QUbMthT%2FY%2Fsz7uNcIQ%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c8f4676ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":43,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221975925112150.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.030Z","timestamp":1782346859030,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221975925112150.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 37435\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"dbca5ce55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wJnTv2cb%2FyOAaXT8aBZ%2BzHw8TkEMOv805PhNPktoJIVKtqtrH%2BfwZp42e%2BcRnWd6licj%2BxNvYSsHvUfMumwGopa3Jv6o%2BdhGthuY7bO3GVXLwcRTR3v4A1f48ElP9N2awVE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3cfc8532fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37435,"size_decoded":38179,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"4e61f5c59146698035dbb542f5dae2f6","sha1":"8bc8a3eb3763b5ca6659523b7c4e2d9027778e9e","sha256":"f58c6bb32ef746aacfae918f0803f6b74b3a9dd50af37c055ddeb05bbb967f3e","sha512":"33a2f2fc1d04f98c730815744e40507da71dfd7678556921913dc23a90bc70dc23664ed7875c525258fb34fb4c64d7fc3bd07e39ddcae47f8f44f338681299df","ssdeep":"768:9TEp/3utXXVjEHRrhXUPVHy3I/AsMOEB78AXFCTi5R0R:9Tg/etXXVgHRrxZIYsMBFUi5Ro","tlshash":"b4f2f15a0240ed156d0c3fc38e925b2a0d81368358b268ff53e670f8c68ddb6d8acd76","first_seen":"2026-06-25T00:21:38.164826Z","last_seen":"2026-06-25T02:06:14.134024Z","times_seen":4,"resource_available":false,"data":null}},"time_used":881,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":593,"receive":288,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/bg38s.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.469Z","timestamp":1782346859469,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/bg38s.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 1258\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"33e06e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Pusa1%2Fsto%2F%2FamPKd24ylG2nra7Y94hl2FaCjgoRquyU%2F8e7BfKrNEiCmDPmqnVWgpzbv5j3ByJyq8zZS5DPd8SXqXUc%2FtVXxBpxieM1bM8nkSnVHiVycosZkB3gIaa9fwhw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3fc8a932fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1258,"size_decoded":1997,"mime_type":"image/png","magic":"PNG image data, 33 x 40, 8-bit/color RGBA, non-interlaced","md5":"f60a2f1baa9c63a6333c06262041cf54","sha1":"ea0ddb2864a1d10710dbaed3aa5c788966e0129d","sha256":"ea4016ff0ea71732c2fefb5fd94d5b70e335757839f04c19a45148deb0fcb120","sha512":"c4c6bd118770d2d7d3543ad282abb665ab8b0e8de36890099fbcef64bd5f0458e2efdd39ff8d99e0c67ea4210c47e51ec6ab3508768e8814ca36f08937733829","ssdeep":"","tlshash":"67218744f6c1b440d248e48630e550e3f5228841c4d9e467aecfe54218391fa8eae2eb","first_seen":"2025-02-23T01:47:41.230155Z","last_seen":"2026-06-25T05:53:27.184003Z","times_seen":7,"resource_available":false,"data":null}},"time_used":594,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":594,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20240123/17059818892785795.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.873Z","timestamp":1782346856873,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20240123/17059818892785795.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20240123/17059818892785795.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1785,"timings":{"blocked":1610,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/bg8.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.119Z","timestamp":1782346859119,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg8.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/bg8.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h0gT2GrY0wVkutZ3NsaTJWUdizmiSF3SZh5%2BoCWgWPad%2BhO5ieRobxWLFEpLtQOy8i5DHLMSC6bm25%2BkNkt1T9kvwXVi4pwumbJQx1A5PFvyNOCJZpYh9CiEKuWBa3JkdbQ%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3d8851b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/bg10.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.122Z","timestamp":1782346859122,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg10.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/bg10.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OXASQw%2BcERL62lBsKKd5zHJowAM7z%2F5EDuPN27PgsSmlYsMBDpl5u38CUnWXW1UpHbfnPm0Ls262LpTgYFpEDDoH1xYn%2Fzowh6tW%2BbBG2nyAxWQtGYc0%2B%2FvwNURc8Ch1Q44%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3d88b576ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/bg35.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.235Z","timestamp":1782346859235,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/bg35.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 28500\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"e0456e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BB3HXllYaHJf9iv%2FAbT0qriDoHCGh%2Fc3KDwFVx8x%2Fp%2FpQMG%2Fmw%2FOrKR5OQJ6yUA%2B8OsmD9vWE%2B%2FTw%2BA7iQWg8wK21p4hn1ZzVs4sg3oRrr8SHqhd7klW3rKDkcz6weH%2Bb%2Bc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3e5ea032fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28500,"size_decoded":29256,"mime_type":"image/png","magic":"PNG image data, 272 x 55, 8-bit/color RGBA, non-interlaced","md5":"47c0aee05f93d583dd0b8077eee27693","sha1":"1be570ad5286986cf14ef2276eae233198ea1a6e","sha256":"e4e1e3d5b61dc226f3a3d5c336579ebd6813532c0b5fb734275644acb2d2237e","sha512":"116a7157c9677ef40801b83bacbef99efb105d1fc49dad19796ea65bf03015ce1f708ee6f795c10bf4de828842cc756b7b7bae82385848bc0dad3069c72c91c1","ssdeep":"384:s3sJ5BIjsnln7K3OserPpXbXalJLozaYEcMYzcntSx/hnt8Yz:4soyOiaSMscyJn9","tlshash":"add29f38fdf7ba998416923769f224c11db78f83d6512c8479dd48af3f21b598c87860","first_seen":"2026-06-25T00:21:38.169265Z","last_seen":"2026-06-25T02:06:14.16037Z","times_seen":4,"resource_available":false,"data":null}},"time_used":947,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":639,"receive":308,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E6%88%90%E5%9E%8B%E7%A0%82%E8%BD%AE.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.318Z","timestamp":1782346860318,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E6%88%90%E5%9E%8B%E7%A0%82%E8%BD%AE.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:21:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E6%88%90%E5%9E%8B%E7%A0%82%E8%BD%AE.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5C0SP0BPuNFz14uaIC7BRsa4Nc4pi83yv7JLaiVt%2Bvyu9WFrlKWflMHKbmKGY1fveKbs9CTAVqaMR6B0HgAblH6uaD57i839Ym%2FuoIwymBrVkzGw3p%2FFhn5Pw5g65qqdI4s%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf44fe12b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E5%88%87%E5%89%B2%E7%89%871.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.796Z","timestamp":1782346857796,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E5%88%87%E5%89%B2%E7%89%871.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E5%88%87%E5%89%B2%E7%89%871.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E3I9rFuULzmJKE9mckjmYPuBlrFt5aUdaPMNwhuL3s35pOJLpzFfT%2Be7%2FUGHa9v9E3sBk9FYbOxA1kMORRKeCETytbHksYQjYCHfmStH99ptxh2bylSuP6gMwKlq9j7rJbI%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c5f0076ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1139,"timings":{"blocked":1134,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221976362063169.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.043Z","timestamp":1782346859043,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221976362063169.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 21961\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"dbca5ce55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yS62PfhMgjNPr6QfIciuMxwdGaIZmCvFd1LZwn1NFLEFAWRNcg6JmNZK6CwrlAt6YkZm8%2BsJZEkyyf8BGifZoslB6rwUl3idx5dKTlHo58EOXgaYKU68kJzqNS5nn6wXhNI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d0cac32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21961,"size_decoded":22695,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 600x400, components 3","md5":"7d48b4eb9c2244f7b295bafb33a46210","sha1":"d2ee3dbef99bf307bb5b742c59c832872fd2f865","sha256":"b4e184d0a5c452ffa58bf46d05b2bd967786af40c0140e73d828ac0ab0e2a491","sha512":"f4d966a8422b9a17a1f949a26ffaea0ada596d50173eef37e6c019c6d7dda31e1a4cb48d849a4d94a8438bdd52c5a8ca6971b3e8a40d5075478457816ab4c401","ssdeep":"384:gvSICsx+/gm+RhjeHpSlRaR0koGypCg7u97XlLrSLcNtJVbN7ao:ga5Mn32LRDdUCCI2c3bNd","tlshash":"27a27c13dd58d782a72016f6ac135e3d1f4b6b5ea89567fe50230ecbac60a714c8f82d","first_seen":"2026-06-25T00:21:38.171134Z","last_seen":"2026-06-25T02:06:14.173933Z","times_seen":4,"resource_available":false,"data":null}},"time_used":802,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":540,"receive":262,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/bg39.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.460Z","timestamp":1782346859460,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/bg39.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 1037\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"e8107e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N84fFxYv7fpE%2FpaDcmOR6g6UBMtLvqypfONIOEKYsErIgs6CrYcrfFj1acAzZMSNXRJkgcJz2fz4%2FCybiWH4T223VQ6VgBGZyeTb%2FCLqvOaG%2BP2p%2Bg6WGuM7H8pNwL9QS94%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3fc8a632fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1037,"size_decoded":1776,"mime_type":"image/png","magic":"PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced","md5":"d3a19046a01d6843a7b2886edcdbe34f","sha1":"0bdf5b1aae61b4d128976b6d4dd60dc3d2a85463","sha256":"a52e62657dd0eae2e0fe4505acb3a8ea203acf23d176db8329edcda3f989c296","sha512":"74c172cec3b99cde93ab2a96e11bbd99228baef7091324d2f0acf15a9ef30020fb523e30743bcd2449186c23b342506ed1ff9904d1844336f3553b5bf500702f","ssdeep":"","tlshash":"ed11024cfad26d44a5ace9c620f75033bd268a40c6ccf52579ded41618312b5495c9ef","first_seen":"2025-02-23T01:47:41.213709Z","last_seen":"2026-06-25T05:53:26.997281Z","times_seen":10,"resource_available":false,"data":null}},"time_used":618,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":618,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E6%88%90%E5%9E%8B%E7%A0%82%E8%BD%AE1.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.339Z","timestamp":1782346860339,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E6%88%90%E5%9E%8B%E7%A0%82%E8%BD%AE1.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:21:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E6%88%90%E5%9E%8B%E7%A0%82%E8%BD%AE1.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w81VQTHTqgdQpAwizX6wP%2BB9xmRO9nXWrDei0lB8V%2Bw50%2F0PQ8ZTbUfH235UVo6%2FHGtM7F6%2BW8ivhhtlNuh27FJkd%2FUXL6o0u3B8JhX3%2FuIbY7xTNY%2BeUT7A9aYJWd6qWQE%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf451e21b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E6%88%90%E5%9E%8B%E7%A0%82%E8%BD%AE.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.402Z","timestamp":1782346860402,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/%E6%A0%91%E8%84%82/%E6%A0%91%E8%84%82%E6%88%90%E5%9E%8B%E7%A0%82%E8%BD%AE.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"de4f97e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aXboXe%2FQXFQlRq19hmxKaBH1G9U8L5Gcu8yJp60Q6t6XoVJ%2B0FW6cb5RPSPbMUgCfJsvrRgBaoU7EoCHOWnldWPQ3X%2BsYpBRObojkE8k7BHPmwgA9wAju%2B4%2BJ4c2vnEp2mE%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-length: 178656\r\ncf-ray: a10fcf458ef856bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":178656,"size_decoded":179421,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=3000, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=4000], baseline, precision 8, 800x600, components 3","md5":"0197c3c5641f703ac9a62c55be70cfac","sha1":"45d10299597e6a80ae127f08e3d65c0fc12bb5f6","sha256":"35b1de5686a29bdb87dca25039ea52bf126bfb48df13247309946d3b48d92020","sha512":"552bfd2ff0854331d26b11fed87efd245e96ac39e33624bb1c616e55a8fecdc8d260745016b794cba0d90c3ead72393a37eeaf8082ff24c3aa8195abb0744e68","ssdeep":"3072:aEk/ZjEDoT+nWuNlxD4bw+E6DFny1fkJ++Ho9Jq2RTiiEelAU57A+vb:i/CDoT+nWuNnMbTpy5c+So9JZRiur7AW","tlshash":"9704cf24d1a77ba5fe8975b8b7549b6b6141233f51ee680c7c2c20827bf4169b60f0ce","first_seen":"2026-06-25T00:21:38.173983Z","last_seen":"2026-06-25T02:06:14.132288Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1460,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":305,"receive":1155,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221977617947309.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.844Z","timestamp":1782346856844,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221977617947309.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221977617947309.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":675,"timings":{"blocked":485,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20240219/17083171168191893.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.683Z","timestamp":1782346858683,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20240219/17083171168191893.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20240219/17083171168191893.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c6ifXTKfQn87%2FxM717d%2BfT2K4tV%2B9O0qqPKXAk8K1M0kVOdH%2Bj%2FOVMV6cjxGFxZCnh5InN4wZKUhVAkQOBkyRkWWmR5ruiM4UZHdF4G0jhvdNas%2BsCjgnLky%2BzqFY7U4FYY%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c7f3476ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":274,"timings":{"blocked":270,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20221107/16678152115753889.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.858Z","timestamp":1782346858858,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20221107/16678152115753889.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20221107/16678152115753889.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FhZsGJPBzYDbewmo6fpn03HU%2F3wojqDDOyinoEjg6%2FXnFmZIgh%2FPAFM8iE5CHGaSQHLsdbyExapTDoAvECPnyidHHJt5GSBvb1grlreQLXer6Xsgfeb6T1SM0e7Zsux2sJ0%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c8fe0b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":101,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20240328/17116010987454710.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.086Z","timestamp":1782346859086,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20240328/17116010987454710.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 137611\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"53af83e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=haZEwuoIACwFhNTjH6rRqupWbbuA6CN1qmjsYXXxCYA1TPegKdfszCBaEyQNc0RM7TYF%2FaiwA%2Fs%2FwWa8Z%2FU3ed0pH%2B7uqwdcQ0uppj%2FSLl09SAPCABJDuRLXWadu11aVOTk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d4d1a32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":137611,"size_decoded":138356,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Windows), datetime=2023:11:07 15:36:29], baseline, precision 8, 800x600, components 3","md5":"9a00eb2ff3ed50765c2b1b29c516b8ce","sha1":"64092aa398b91abee2dd2618000949fc8a48acfa","sha256":"5dc2e254032d785089d022bdefdf726a52664ab234bef2577d17c091018ab2b3","sha512":"b1f3cebf1d2a5808be8af2672ea9f7f04592675faf44ce3237d0cf5a9d9e864df9319601a57317ba25128c46811abc49f2aa2a9af8c38ed39189f970db8336c9","ssdeep":"3072:QTfTEIXFQPEzVw+iGjqQSl8/EXGiGF85JhF:27EIV/zVw+//SVXGiGC5J/","tlshash":"09d3e1348f6a5ac0ecc62a374250ceb193385e8513236be7f96d7a0db77de6144b412b","first_seen":"2026-06-25T00:21:38.175141Z","last_seen":"2026-06-25T02:06:14.137668Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1525,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":609,"receive":916,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/tupian4.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.451Z","timestamp":1782346859451,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/tupian4.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/tupian4.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AicVgODpiuBJ%2FOwwifZWu9UMYYrh8m%2F2b4Uhq1gaP0n60DwhkuMvaLf32ZV9krHLW2idBNQKLFtb0RtiJnl7sAsIK8HA5Bw2hGu8UKYTP0DboRnwue6bGOpcunUehDFnnpQ%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3f9c6676ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221965251478009.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.419Z","timestamp":1782346860419,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221965251478009.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"39c359e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3LhOHbHB1xASBfx%2B2fpJrjr8xTFEOUadnAjnv5EWGJlwuaPnTw69JA%2Fmjk1MTgU5g23F%2BKU6g7kSwtISohMxviJAId5v0wh10CnDLyXENaabv6vR57NYnUywCugw%2FTF%2BucY%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-length: 26939\r\ncf-ray: a10fcf45aefe56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26939,"size_decoded":27703,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"9269bdaa4295c7a6818cc58ca4217e7b","sha1":"c3a656ff6791a1c065f5bbe09c757ad50cdda967","sha256":"3a429d00ff53dbc40969b1ae19fe04d88fb5486d298c4510d38dbbdd31bb7a8c","sha512":"3c23d47505b4b2c7e5cf8cf9343fd9f756b2b090bcb8588aeb957091da5084fdae9cf6a3eeddf796493916acf25f99bff801342e7fc3ba46cfd87f82cf2606d2","ssdeep":"384:9ufagdzHJwR9Mx5/xqU0h3ZwDrhXRwDHyhRuO0rCz9VCtnR4K5n3S0e9WL3YyIE2:9ufagcAy5ZihXR6DCzOtn55nLhm6tvi","tlshash":"46c2d10bee069804a19817ddc72f17af366f920ae5a1b5792de09b77cb048905ddce70","first_seen":"2026-06-25T00:21:38.176074Z","last_seen":"2026-06-25T02:06:14.115089Z","times_seen":4,"resource_available":false,"data":null}},"time_used":724,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":490,"receive":234,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/bootstrap.min.css","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.734Z","timestamp":1782346856734,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bootstrap.min.css HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:56 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":122153,"size_decoded":24027,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"ac010e3bb54be37c091714b2c7d74948","sha1":"81d6f1b3defe8f55a341f0c85aeb5dbe742bebdb","sha256":"82e6871a329403b1a04478c857b238072d84e1179db3f42b83696e214aba3c23","sha512":"cd76e237ff1fd5805b25b72b8f3ee89de0d9fe2a24ffbb1b5a31e4a3a7e71ac246a9de7f638e5cab088e8e29f94bfe034e4550169524227ada847b2517050d24","ssdeep":"768:+8Gxw/jc/QWlJxtQZIuiHlncmzI4I8OAduFKbv2ctm2Bm8JP+eckOvS1Fs:kw/o1wIuiHlncm28lDbzzPux","tlshash":"e1c3d7a0f11031ea7323c55a71d0ed872259a153e56a4fb7f22f25d88f886ca1773f1a","first_seen":"2026-06-25T00:21:38.177113Z","last_seen":"2026-06-25T02:06:14.13638Z","times_seen":4,"resource_available":false,"data":null}},"time_used":473,"timings":{"blocked":-1,"dns":0,"connect":149,"send":0,"wait":189,"receive":146,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/bg40.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.818Z","timestamp":1782346856818,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg40.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/bg40.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2479,"timings":{"blocked":2297,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221976362063169.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.847Z","timestamp":1782346856847,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221976362063169.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221976362063169.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":897,"timings":{"blocked":673,"dns":0,"connect":0,"send":0,"wait":224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221961774369337.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.859Z","timestamp":1782346856859,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221961774369337.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221961774369337.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1293,"timings":{"blocked":1097,"dns":0,"connect":0,"send":0,"wait":196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20210528/16221961104625318.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.861Z","timestamp":1782346856861,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221961104625318.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20210528/16221961104625318.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1335,"timings":{"blocked":1141,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221955922550824.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.376Z","timestamp":1782346857376,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221955922550824.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221955922550824.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WFiauEiPaQ9D03KWZWz3GANIx7tNlt5zGXYOtox14fcIvem41O0TNywMwxMnWtesaN%2B2SOKHCUOtNXJRyhU%2BYHLKbtYX1fFMRyU3yJ048FzMyVe5IGyYGG5aSvuYrRrKPEE%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c2ec576ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1544,"timings":{"blocked":-1,"dns":1527,"connect":2,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221964321312803.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.416Z","timestamp":1782346860416,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221964321312803.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"e23459e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H9a7ZuuOP%2FQsqGcmR3fgxpbZsPGf22yzg7XfkM5VQ3AjPc9NqCZxrxpof5IZ8povoCvWxOdYRe%2BOrGO8L04O9h8wpbNrU8yZATrdPTbOO8SdhoQjD0FZDqd2FNtYAZFnl9g%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-length: 29903\r\ncf-ray: a10fcf459efc56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29903,"size_decoded":30661,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x750, components 3","md5":"61818830062dd7db60e5752ae7eaf2eb","sha1":"3fc7387c7ccba7af1e8c2ac6ab042e9207350ec6","sha256":"779485283c8fe4339d24b77d4c7f0ee63172f3c6b748feb42b7ffabd4a48cd9d","sha512":"1d59636d371527df76ce0fe3079632b2c2d4eecedec7cf8b1522c3265d3486a9caf6d48011d7c25f72f56849bba1d90a538dc6386950b8f84b88e5ab2bb6c364","ssdeep":"768:9ME5Bk8MnqGkCY5b5LIrxBQOLTj9n97UqFX4Ga:9MqK8okCY5FErBLTj9niI4Ga","tlshash":"bad214578c1adf839145dbe87f170da92f0b134c989139fe01364e9faf10a668cca52e","first_seen":"2026-06-25T00:21:38.178135Z","last_seen":"2026-06-25T02:06:14.177196Z","times_seen":4,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":316,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/bg37.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.814Z","timestamp":1782346856814,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg37.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/bg37.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2332,"timings":{"blocked":2164,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/%E9%99%B6%E7%93%B7/%E9%99%B6%E7%93%B7%E7%A0%82%E8%BD%AE2.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.841Z","timestamp":1782346856841,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/%E9%99%B6%E7%93%B7/%E9%99%B6%E7%93%B7%E7%A0%82%E8%BD%AE2.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/%E9%99%B6%E7%93%B7/%E9%99%B6%E7%93%B7%E7%A0%82%E8%BD%AE2.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":679,"timings":{"blocked":477,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221977617947309.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:57.581Z","timestamp":1782346857581,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221977617947309.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221977617947309.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GO9Ic1oD47sBXNFvjzHfipTqTLZIbDxP57edMpKCUrUHEYzX4rwK7otPpWHYGY1OQoVhhbB2EKOLpiJGj14oIqkZ%2F8p6RnF1OGBmyi7AgAQbEbf2e35AcsBeFW3JvkefGPo%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c4fa9b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1348,"timings":{"blocked":1343,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221961468009794.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.216Z","timestamp":1782346858216,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221961468009794.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221961468009794.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xiGUUFFdRJWF2TM4%2BspX0sqdtv4favAQ%2FxBZLYMunG84gvVeV5bxqQg3KcagwkvSIhktNIx8ErCoQQo%2FrTHrl%2Bq44iVOoD4%2Fi3UAEWT69Za4Yq%2BuiPTIbZNnHkrVDpwlotY%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c6f1276ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":728,"timings":{"blocked":724,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/bg19.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.342Z","timestamp":1782346858342,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg19.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/bg19.png\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nhnaDU9W47rOdaV0k2%2BbMqltJpuG3ut6hT2x8bF9EFTXlt65UXiDhG23BViFRdlZ7xbXizlf9lWzXhyAJLPqADpynMAglbv03QjVLxOJbtMIguF7457WeVCyQ9SeZri58vY%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c6fc8b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":609,"timings":{"blocked":602,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/bg9.png","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.197Z","timestamp":1782346859197,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/bg9.png HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 15641\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"10b57e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A7NyVRch%2FziLhxXcLDSQkZiIN5%2B6%2BKjN%2Bvq6uMy91L7G9w8%2BS7QZuwS7jSnXBJR45OrSopVWhQiY5kjLqMjNVMfWeF%2BDpKtNECotyh%2FdzltIH6z3kDj7YJ%2F2S%2B9FNE6WT1w%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3e2e5932fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15641,"size_decoded":16389,"mime_type":"image/png","magic":"PNG image data, 11 x 17, 8-bit/color RGBA, non-interlaced","md5":"8e12c9ecaa8d053914ad3cad8717c876","sha1":"3573ec9a333f63c7d75abc93d2a62d509a8666b5","sha256":"a1b9907485698bc914a4797d61b8e7f7629c1eeb0826f29d1beff1bda8a862de","sha512":"1105b8f8e57fff7ba2b60a204f718eb359c8a73f7f8bb84070bd5c77d05816c5a8ea11a519966c59cfc0236bb9a2086f54de287ccc46f083f1e2895532cb230a","ssdeep":"48:e/6OMh8k29WJsEvL3P3ITrDlbKub1BLEpLgTMR3nxN+Y97sc5zJ7FPCE2dtbEv:eSt8kEWmgvRnxNX7sc5RpmdxEv","tlshash":"58625364fdf176a9944ee6362cd1240d5c330683c9c1ac45bacd8c2b6f17bea8c5f286","first_seen":"2026-06-25T00:21:38.179115Z","last_seen":"2026-06-25T02:06:14.15972Z","times_seen":4,"resource_available":false,"data":null}},"time_used":855,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":583,"receive":272,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/%E9%99%B6%E7%93%B7/%E5%8E%8B%E7%BC%A9%E6%9C%BA%E4%B8%93%E7%94%A8%E7%A0%82%E8%BD%AE.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.926Z","timestamp":1782346858926,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/%E9%99%B6%E7%93%B7/%E5%8E%8B%E7%BC%A9%E6%9C%BA%E4%B8%93%E7%94%A8%E7%A0%82%E8%BD%AE.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 265749\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"26ffa0e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UXQPOFdSs9bEfZZJw0xjRkr1gyMc1oeQQ674%2FJrnE82QNr6qN838x7P2Jy8lkJ9IwwrPx859v3W12yhMPyrC%2BVIOZ%2FyzHBurkhayxEc3la2yixQ61qXkKaUFWaMbyE%2FPzh8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3c6b9432fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":265749,"size_decoded":266490,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 800x598, components 3","md5":"56ea2b243303386c94db741c6e766132","sha1":"f141ce49e61df0756abd1fbd98394da17f274380","sha256":"4dbeef883624a81bc58d848a9020686367d11be3e8e332bc640b901d73a8b43f","sha512":"2efe1499a2062fe8411d1623ecc8b32de007b5bf55c89442ac8fa2bfa68ea9e0c5a6fd2ae09785a29adf6cd95f87e336b3ceebdec9410065b7f0c5e098133d2e","ssdeep":"6144:6CquHSAwKWZTMcfbVYKaJAvHuQbGzCG8/1:66HSJnZTrfbPaJAvHu7C9","tlshash":"9d4423c94b35de1dfeae053c65e16107002788d63a58a5a83eee3467f77dd29b001a3e","first_seen":"2026-06-25T00:21:38.18012Z","last_seen":"2026-06-25T02:06:14.14212Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2241,"timings":{"blocked":-1,"dns":0,"connect":2,"send":0,"wait":656,"receive":1567,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/bg39.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.817Z","timestamp":1782346856817,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg39.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/bg39.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2471,"timings":{"blocked":2287,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/images/20210528/16221975255231077.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.005Z","timestamp":1782346859005,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/images/20210528/16221975255231077.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 28480\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"dbca5ce55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2TlqxUC9bNTE25bjz%2BBQ9sFau4IuBTo27%2BdAzCpmb%2FaSbN6LGc0bYPsx74zm3dPgaY9c9k702h6uJuUEuFCiq4tmGvoO1fF%2Bx6Mh8R4D368D4BTp5JchlR73%2B5tswQgMsqs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3ccc3b32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28480,"size_decoded":29222,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x602, components 3","md5":"0d58e73f6ab67abc8692a7139c9c347a","sha1":"970e3fab8b5c104e610eace3240f323dca0d3d1d","sha256":"7c1312dc8f01cc5e321546ef054f35a2343e3937e2a2c23ad28ed13ebfc6d5f3","sha512":"001924df8ea75150614adade6e7df1130f75e47b44e2f6f8706c1e1e4a990998ba1913238fddc9c26b1f338ce6d6fdaa1a21fe1a8495b616d2676ab5eab9df88","ssdeep":"768:cPqi/4Y3fGRlvxrVVDEW4C+UMBstd9gX1K:cYYPGRlvLJpoxI9gX1K","tlshash":"ead2e1043997e2415a5cebf1cbc48e71a911d07a1af92a74714f4fea3e65c359c0ebe0","first_seen":"2026-06-25T00:21:38.181573Z","last_seen":"2026-06-25T02:06:14.124169Z","times_seen":4,"resource_available":false,"data":null}},"time_used":768,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":517,"receive":251,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/template/images/tupian4.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.468Z","timestamp":1782346859468,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /template/images/tupian4.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:21:00 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1345\r\nlast-modified: Sun, 14 Sep 2025 08:59:35 GMT\r\naccept-ranges: bytes\r\netag: \"d5210e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7Qs89uMUZtHmptEwRr05nb3OylaSIOkXsMjsA7%2FidcLjvxpxE2QULQsONAZ0g8oW5xrispkUWabCDX1fOVxTAamrZwgOxV9%2FXh22Q2DVTpxZOAnGTbVRCJ02Qf3XwBo5aTI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3fc8a832fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1345,"size_decoded":2079,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 39x39, components 3","md5":"5d91dee8c8846a7a7d542ac0180e176f","sha1":"57abb08da2da422f58318e59bf708ccf093c7955","sha256":"1bfc45aa59e61ad1abee8a03c03df8df17e1595c28adac6811a6e47d7331d151","sha512":"14dcb272d91272d00691ea361bce2c12a401a1c1226082b59174ff2abbe380b984648526ffe90b5f64ab651fe9bb756030c165f18aa397d251a6781b4d31fd9c","ssdeep":"","tlshash":"0a213209fd432841d874b8b124f7015759259fc895c3f66b68c9c026d4621fb963e2cb","first_seen":"2025-02-23T01:47:41.235733Z","last_seen":"2026-06-25T05:53:27.154095Z","times_seen":9,"resource_available":false,"data":null}},"time_used":582,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":582,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20240328/17116010987454710.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.509Z","timestamp":1782346858509,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20240328/17116010987454710.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20240328/17116010987454710.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0qnnJhIjxZO9HYpXCbP2kw%2FMo21vksgOmE6%2BUZLkq8vviyfgTKSts3irKaLupWqsfy12ywttA%2B26cIuztTXRdF4bNkLNGrnOfAKyaGlI3rPT47Om6XBHBo2FaegAJoJnENQ%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c7f2976ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":446,"timings":{"blocked":441,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/template/images/tupian4s.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.317Z","timestamp":1782346860317,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/tupian4s.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:21:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/template/images/tupian4s.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zLaMx9lR6PY99JPd65jimsSjy9n%2BqGv7ND5DCTz4b3u7GxVxAoSJ508%2Bq0vZoyj514fO8jucE8azZV41bYndJCF%2Bkh%2F13%2F3xxHVEgS4hQ4iRjBYtTpzyY2tmpjoQeRNLQGo%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf44fc8476ef-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221965251478009.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:21:00.347Z","timestamp":1782346860347,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221965251478009.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:21:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221965251478009.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EBU7yKRWUSbiT%2B5x1K6TVxVwW4iAvMHuspj9lgZu0VWt7YmzJWYj3746tp1qbZpDmQK0uFYI8nn0RDlZNFLch%2BJC5drVE%2Fb0oj5bkmcl0%2BLrOVqp%2FsR2CTsGhXekUZKxJ4E%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf452e26b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/ny1.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.856Z","timestamp":1782346856856,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/ny1.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/ny1.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1157,"timings":{"blocked":916,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20240312/17102186405872129.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.870Z","timestamp":1782346856870,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20240312/17102186405872129.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20240312/17102186405872129.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1698,"timings":{"blocked":1492,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20221107/16678152115753889.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.877Z","timestamp":1782346856877,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20221107/16678152115753889.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20221107/16678152115753889.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1959,"timings":{"blocked":1781,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.huayudo.com/up_files/ny1.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:59.057Z","timestamp":1782346859057,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.huayudo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 30 Apr 2026 03:00:51 GMT","end":"Wed, 29 Jul 2026 04:00:46 GMT"},"fingerprint":{"sha1":"C5:CD:3D:A1:6D:FE:D2:7F:B7:B8:B2:84:50:28:B6:52:69:00:A5:AC","sha256":"7A:5A:C4:8C:57:48:B0:B5:9E:69:D5:A7:98:07:B9:E3:1B:13:86:91:11:98:A7:E7:56:81:77:78:C8:DF:B3:EC"}}},"request":{"raw":"GET /up_files/ny1.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 25 Jun 2026 00:20:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 30711\r\nlast-modified: Sun, 14 Sep 2025 08:59:36 GMT\r\naccept-ranges: bytes\r\netag: \"9b9a91e55525dc1:0\"\r\nserver: cloudflare\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wmS0%2BhSSrEEmdPWH5D5eSE9hnWDxW1kaovPszB3d46HTjXXbEGkKCS8tkyj3rpXlcc3lS1ZWNiSxv7wM6i1sjfdvSQIi9dyNIUz7GYFR04IxwwrbQGfEz%2FF6LOc0LOrhzhI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a10fcf3d1cd932fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30711,"size_decoded":31447,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 600x437, components 3","md5":"6b8d08d28ff7dde62d805cae2640632c","sha1":"57b31cfb8d220f518d76a6892096f7691deaf808","sha256":"f543014ac766aa890c047e6ac39fd998eedf88fe906a5f93404fe2b5e5762532","sha512":"18a2224ecae08f85a0f3217e5d2b7cae561b952b8689fb93461cde041d401ecac8ffd47d1bb049bf34eed093dc487e423ed9a2d247f398b0363634608decdd19","ssdeep":"768:nfvihDJ/36AprsbW1YQEK5o/8KG2URcIvQMEu:nfvihDJ/36W8oFWeXPV","tlshash":"69d2f1963c809680f071d07b7900b212f3dfae31976da66e3db91fc5c969809636d1bc","first_seen":"2026-06-25T00:21:38.183642Z","last_seen":"2026-06-25T02:06:14.168108Z","times_seen":4,"resource_available":false,"data":null}},"time_used":831,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":560,"receive":271,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/template/images/bg38.png","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.820Z","timestamp":1782346856820,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/bg38.png HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/template/images/bg38.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":2494,"timings":{"blocked":2332,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dev.biymu.com/up_files/images/20240219/17083171168191893.jpg","fqdn":"dev.biymu.com","domain":"biymu.com","tld":"com"},"ip":{"addr":"104.206.23.4","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:56.872Z","timestamp":1782346856872,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20240219/17083171168191893.jpg HTTP/1.1\r\nHost: dev.biymu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dev.biymu.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.huayudo.com/up_files/images/20240219/17083171168191893.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":1782,"timings":{"blocked":1578,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"dev.biymu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.huayudo.com/up_files/images/20210528/16221962351197858.jpg","fqdn":"www.huayudo.com","domain":"huayudo.com","tld":"com"},"ip":{"addr":"104.21.19.232","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dev.biymu.com/","date":"2026-06-25T00:20:58.148Z","timestamp":1782346858148,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /up_files/images/20210528/16221962351197858.jpg HTTP/1.1\r\nHost: www.huayudo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dev.biymu.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 25 Jun 2026 00:20:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.huayudo.com/up_files/images/20210528/16221962351197858.jpg\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WQePM2rdJZd8or%2BDE7L1Sd9ZD7SPUok%2BRdp4iWeKlgZ9YXJqOrsmt7ZZYPsn67dHowDSwDHuXx0xKYRCJjkEESWWsy7Eu8YtB5izG3YtlHELqNbQP%2BRbHTKX%2FGgL%2FvHX2sM%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a10fcf3c6fc0b500-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T03:34:35.400809Z","times_seen":16750458,"resource_available":true,"data":null}},"time_used":796,"timings":{"blocked":791,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}