43.153.185.146 302 Found 0 B URL User Request GET HTTP/2 IP 43.153.185.146:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Certificate Issuer Let's Encrypt
Subject ytrdyhs.xyz
Fingerprint 3B:77:A4:3D:AA:9A:B9:04:A2:28:D1:15:B0:0B:C1:05:A9:F7:37:F5
Validity Mon, 27 Nov 2023 13:41:13 GMT - Sun, 25 Feb 2024 13:41:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - SMBC
GET / HTTP/1.1
Host: ytrdikg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 28 Nov 2023 04:30:31 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=2dtm9s0pgukrisjnktdc35oi53; path=/
location: auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
content-length: 0
content-type: text/html; charset=utf-8
X-Firefox-Spdy: h2
ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
43.153.185.146 200 OK 4.3 kB URL User Request GET HTTP/2 ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
IP 43.153.185.146:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Certificate Issuer Let's Encrypt
Subject ytrdyhs.xyz
Fingerprint 3B:77:A4:3D:AA:9A:B9:04:A2:28:D1:15:B0:0B:C1:05:A9:F7:37:F5
Validity Mon, 27 Nov 2023 13:41:13 GMT - Sun, 25 Feb 2024 13:41:12 GMT
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 7db271b571c98adf3c0fe1b16fed32f2
3bcbc81289fa135a5b99f6364f28129a3995c210
cbdfa3c10646e35dad9baa7d51729fec894e8cadcf0539aaa214f43a8a0ce5d7
GET /auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA HTTP/1.1
Host: ytrdikg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2dtm9s0pgukrisjnktdc35oi53
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 04:30:32 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
content-length: 4271
content-type: text/html; charset=utf-8
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css
104.17.24.14 200 OK 17 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css
IP 104.17.24.14:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65317)
Hash 8ef777107c4620d4ddd4f8c4bb14a36c
0ae47fa834fb55de7b50c79021aeabecfae50c9c
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
GET /ajax/libs/font-awesome/6.1.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 04:30:33 GMT
content-type: text/css; charset=utf-8
content-length: 17188
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62deef96-4324"
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 332786
expires: Sun, 17 Nov 2024 04:30:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4nIBn50AsQqhRc4F2nLgXK1RzM9BVx1%2FXQ%2Bakv3hmzf8ug%2BwoG%2BVXBOA%2FSJmVhqQ%2BaKgF%2BpMwWmiD9nF75D91WPc3ARmeeMdgSRz5cvCUz88KwzCYf%2Fg%2BkbZiH6jPoGZvo%2BxWTC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82cfe050b9ef5699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ytrdikg.xyz/admin/im/site-jquery.min.js
43.153.185.146 200 OK 33 kB URL GET HTTP/2 ytrdikg.xyz/admin/im/site-jquery.min.js
IP 43.153.185.146:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Let's Encrypt
Subject ytrdyhs.xyz
Fingerprint 3B:77:A4:3D:AA:9A:B9:04:A2:28:D1:15:B0:0B:C1:05:A9:F7:37:F5
Validity Mon, 27 Nov 2023 13:41:13 GMT - Sun, 25 Feb 2024 13:41:12 GMT
File type ASCII text, with very long lines (32056), with CRLF line terminators
Hash ec0038e66fccbe388685ec3cc98ccf80
371a235a8e735bbdc3ba0207fb1af7fcd6b809d4
5994332aadd364a7350ad226ef61c1c75dc97372f739e01682e190be3abaf672
GET /admin/im/site-jquery.min.js HTTP/1.1
Host: ytrdikg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Cookie: PHPSESSID=2dtm9s0pgukrisjnktdc35oi53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 04:30:33 GMT
server: Apache
last-modified: Sun, 03 Apr 2022 09:44:22 GMT
etag: "16b60-5dbbcdb3b8980-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 32817
content-type: application/javascript
X-Firefox-Spdy: h2
api.saisoncard.co.jp/auth/resources/img/client/sportal.svg
45.60.46.171 200 OK 38 kB URL GET HTTP/2 api.saisoncard.co.jp/auth/resources/img/client/sportal.svg
IP 45.60.46.171:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Cybertrust Japan Co., Ltd.
Subject api.saisoncard.co.jp
Fingerprint D9:95:0B:07:7D:94:54:26:F4:D5:18:03:DC:02:26:B0:CF:CE:8D:A0
Validity Mon, 05 Dec 2022 02:05:05 GMT - Sun, 31 Dec 2023 14:59:00 GMT
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document, Unicode text, UTF-8 text, with very long lines (37795), with no line terminators
Hash 8372445ad7e789812fecda88da65a89f
8a6be162d5edef9cabc23a90c2e756f69b40529c
78194da74b169b466c79454b7e6ad7751b5392f9989872b709126abd549978f3
GET /auth/resources/img/client/sportal.svg HTTP/1.1
Host: api.saisoncard.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 04:30:34 GMT
server: Apache
x-track: 5397b127635c463a98daf10dc48890f6
last-modified: Fri, 21 Oct 2022 09:26:54 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 37801
x-cnection: close
content-type: image/svg+xml;charset=UTF-8
x-incap-sess-cookie-hdr: DAq9JigETAIgDS7dZo3UA+psZWUAAAAAVxJk813XEc+bnFJ1DhqJvA==
set-cookie: visid_incap_2844377=HFbboyxDRG2IPSS6q2NtNOlsZWUAAAAAQUIPAAAAAAClDcVdKByghjKKMsFoUp91; expires=Tue, 26 Nov 2024 23:59:44 GMT; HttpOnly; path=/; Domain=.saisoncard.co.jp
set-cookie: incap_ses_276_2844377=BBfzACkh7gggDS7dZo3UA+psZWUAAAAAUhRaBYkAnPyhZbd8fnwREg==; path=/; Domain=.saisoncard.co.jp
x-cdn: Imperva
x-iinfo: 12-43170411-43170422 NNNN CT(257 526 0) RT(1701145833027 28) q(0 0 8 0) r(11 11) U24
X-Firefox-Spdy: h2
api.saisoncard.co.jp/auth/resources/img/client/google.png
45.60.46.171 200 OK 41 kB URL GET HTTP/2 api.saisoncard.co.jp/auth/resources/img/client/google.png
IP 45.60.46.171:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Cybertrust Japan Co., Ltd.
Subject api.saisoncard.co.jp
Fingerprint D9:95:0B:07:7D:94:54:26:F4:D5:18:03:DC:02:26:B0:CF:CE:8D:A0
Validity Mon, 05 Dec 2022 02:05:05 GMT - Sun, 31 Dec 2023 14:59:00 GMT
File type PNG image data, 646 x 250, 8-bit/color RGBA, non-interlaced; data
Hash a0a26a416e06531b0bd1c9e4e882fbe4
798efdd02f49310e760aa424d0a8239a48372ffc
2b1b4ff5b79346bcfc5a78e760e781a5161202adb9884c58f142b457b4bc0a9c
GET /auth/resources/img/client/google.png HTTP/1.1
Host: api.saisoncard.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 04:30:34 GMT
server: Apache
x-track: 3f7e06e684bf4d2baf73e7128ede3227
last-modified: Mon, 11 Sep 2023 01:49:14 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 40674
x-cnection: close
content-type: image/png;charset=UTF-8
x-incap-sess-cookie-hdr: kmD8GCXZDl4gDS7dZo3UA+psZWUAAAAAn+Ak6zD0QHtcROjF9QWSyA==
set-cookie: visid_incap_2844377=HFbboyxDRG2IPSS6q2NtNOlsZWUAAAAAQUIPAAAAAAClDcVdKByghjKKMsFoUp91; expires=Tue, 26 Nov 2024 23:59:44 GMT; HttpOnly; path=/; Domain=.saisoncard.co.jp
set-cookie: incap_ses_276_2844377=ILiER0oHYk4gDS7dZo3UA+psZWUAAAAAFnFhxjBTcjbRCRbTNY1GTA==; path=/; Domain=.saisoncard.co.jp
x-cdn: Imperva
x-iinfo: 12-43170411-43170425 NNNN CT(263 535 0) RT(1701145833027 30) q(0 0 8 0) r(11 11) U24
X-Firefox-Spdy: h2
api.saisoncard.co.jp/auth/resources/img/footer/logo_f.svg
45.60.46.171 200 OK 4.4 kB URL GET HTTP/2 api.saisoncard.co.jp/auth/resources/img/footer/logo_f.svg
IP 45.60.46.171:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Cybertrust Japan Co., Ltd.
Subject api.saisoncard.co.jp
Fingerprint D9:95:0B:07:7D:94:54:26:F4:D5:18:03:DC:02:26:B0:CF:CE:8D:A0
Validity Mon, 05 Dec 2022 02:05:05 GMT - Sun, 31 Dec 2023 14:59:00 GMT
File type SVG Scalable Vector Graphics image; ASCII text, with very long lines (4408), with no line terminators
Hash b8eca41bfb6a248edf281aea8e84ee56
5276bfc016d3f1ac7ace80739c9e7727260c7427
ddd6300d42d57985e6b3449494bff182a7fa3f4b29a5d0e69c7ed3829bf98bd6
GET /auth/resources/img/footer/logo_f.svg HTTP/1.1
Host: api.saisoncard.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 04:30:34 GMT
server: Apache
x-track: a0ed96ce09a64b2fba196515c5db5ceb
last-modified: Fri, 21 Oct 2022 09:26:54 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 4408
x-cnection: close
content-type: image/svg+xml;charset=UTF-8
x-incap-sess-cookie-hdr: HLcEerN3QHcgDS7dZo3UA+psZWUAAAAAIz+0cHr5+WrlPTL2k01AKg==
set-cookie: visid_incap_2844377=HFbboyxDRG2IPSS6q2NtNOlsZWUAAAAAQUIPAAAAAAClDcVdKByghjKKMsFoUp91; expires=Tue, 26 Nov 2024 23:59:44 GMT; HttpOnly; path=/; Domain=.saisoncard.co.jp
set-cookie: incap_ses_276_2844377=tXuWfqILyR4gDS7dZo3UA+psZWUAAAAA13q403e/ZVuOSl6T8j679Q==; path=/; Domain=.saisoncard.co.jp
x-cdn: Imperva
x-iinfo: 12-43170411-43170419 NNNN CT(257 525 0) RT(1701145833027 24) q(0 0 8 1) r(10 10) U24
X-Firefox-Spdy: h2
api.saisoncard.co.jp/auth/resources/css/client/na.css
45.60.46.171 200 OK 5.1 kB URL GET HTTP/2 api.saisoncard.co.jp/auth/resources/css/client/na.css
IP 45.60.46.171:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Cybertrust Japan Co., Ltd.
Subject api.saisoncard.co.jp
Fingerprint D9:95:0B:07:7D:94:54:26:F4:D5:18:03:DC:02:26:B0:CF:CE:8D:A0
Validity Mon, 05 Dec 2022 02:05:05 GMT - Sun, 31 Dec 2023 14:59:00 GMT
Hash 1ec6d41c6545aafeafa0ac9214ba9f95
dc5e2b0ab1db69e54b16922909b507349b637d2c
0bc49396cc03f5619f2eea2e441b629353f1e9c39df8c56b3fb20010600baf93
GET /auth/resources/css/client/na.css HTTP/1.1
Host: api.saisoncard.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 04:30:34 GMT
server: Apache
x-track: d070c1755a82438f8c36d8e78a23df44
last-modified: Mon, 11 Sep 2023 01:49:14 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 5057
x-cnection: close
content-type: text/css;charset=UTF-8
x-incap-sess-cookie-hdr: KUQwa7QM4RAgDS7dZo3UA+psZWUAAAAAvFTsqS4RwIZx+1HpjJn6Lg==
set-cookie: visid_incap_2844377=HFbboyxDRG2IPSS6q2NtNOlsZWUAAAAAQUIPAAAAAAClDcVdKByghjKKMsFoUp91; expires=Tue, 26 Nov 2024 23:59:44 GMT; HttpOnly; path=/; Domain=.saisoncard.co.jp
set-cookie: incap_ses_276_2844377=HOmJIV1/3isgDS7dZo3UA+psZWUAAAAA5rfjnLDzGjU6j2xgBH61qQ==; path=/; Domain=.saisoncard.co.jp
x-cdn: Imperva
x-iinfo: 12-43170411-43170414 NNNN CT(259 528 0) RT(1701145833027 19) q(0 0 8 0) r(10 10) U24
X-Firefox-Spdy: h2
api.saisoncard.co.jp/auth/resources/css/client/common.css
45.60.46.171 200 OK 14 kB URL GET HTTP/2 api.saisoncard.co.jp/auth/resources/css/client/common.css
IP 45.60.46.171:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Cybertrust Japan Co., Ltd.
Subject api.saisoncard.co.jp
Fingerprint D9:95:0B:07:7D:94:54:26:F4:D5:18:03:DC:02:26:B0:CF:CE:8D:A0
Validity Mon, 05 Dec 2022 02:05:05 GMT - Sun, 31 Dec 2023 14:59:00 GMT
Hash 89c3d133a482358034dd8bd608a18ef2
9ffc05fc2624df48ed24e8567fd61289096c7198
4293a505ac0dbf6351dd21d54f092862832f760f740f0b70b5f1ef4ecdf63c1b
GET /auth/resources/css/client/common.css HTTP/1.1
Host: api.saisoncard.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 04:30:34 GMT
server: Apache
x-track: ea54342b672d45adb1420b65f2497527
last-modified: Mon, 11 Sep 2023 01:49:14 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13511
x-cnection: close
content-type: text/css;charset=UTF-8
x-incap-sess-cookie-hdr: ca49M89jGEogDS7dZo3UA+psZWUAAAAAM+1SdnF8r/9z6AkfLXialw==
set-cookie: visid_incap_2844377=HFbboyxDRG2IPSS6q2NtNOlsZWUAAAAAQUIPAAAAAAClDcVdKByghjKKMsFoUp91; expires=Tue, 26 Nov 2024 23:59:44 GMT; HttpOnly; path=/; Domain=.saisoncard.co.jp
set-cookie: incap_ses_276_2844377=EA13QTxq5EwgDS7dZo3UA+psZWUAAAAApTRxmhpmoJ/kAR9lQH1o1A==; path=/; Domain=.saisoncard.co.jp
x-cdn: Imperva
x-iinfo: 12-43170411-43170422 PNNN RT(1701145833027 31) q(0 11 11 1) r(13 13) U24
X-Firefox-Spdy: h2
api.saisoncard.co.jp/auth/resources/img/logo/icon_saison_03.svg
45.60.46.171 200 OK 4.4 kB URL GET HTTP/2 api.saisoncard.co.jp/auth/resources/img/logo/icon_saison_03.svg
IP 45.60.46.171:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Cybertrust Japan Co., Ltd.
Subject api.saisoncard.co.jp
Fingerprint D9:95:0B:07:7D:94:54:26:F4:D5:18:03:DC:02:26:B0:CF:CE:8D:A0
Validity Mon, 05 Dec 2022 02:05:05 GMT - Sun, 31 Dec 2023 14:59:00 GMT
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document, Unicode text, UTF-8 text, with very long lines (4413), with no line terminators
Hash b450d16497af441a9fa4abb1457469af
2f519d66845432720c9c08a9bddd25837efb852f
2a9a2a00a40c8a424a136215aeab6dda1af941afe3b68da802b3dda239a85af7
GET /auth/resources/img/logo/icon_saison_03.svg HTTP/1.1
Host: api.saisoncard.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 04:30:34 GMT
server: Apache
x-track: ed4da32dee614d67bd2736281b75d3e3
last-modified: Fri, 21 Oct 2022 09:26:54 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 4427
x-cnection: close
content-type: image/svg+xml;charset=UTF-8
x-incap-sess-cookie-hdr: 728fWso2C0kgDS7dZo3UA+psZWUAAAAA2rLJ8xrAYWE+KGsX1woM0Q==
set-cookie: visid_incap_2844377=HFbboyxDRG2IPSS6q2NtNOlsZWUAAAAAQUIPAAAAAAClDcVdKByghjKKMsFoUp91; expires=Tue, 26 Nov 2024 23:59:44 GMT; HttpOnly; path=/; Domain=.saisoncard.co.jp
set-cookie: incap_ses_276_2844377=KVg0PEm9XmwgDS7dZo3UA+psZWUAAAAAbWpCn/S0KWKD4rflPDRVMw==; path=/; Domain=.saisoncard.co.jp
x-cdn: Imperva
x-iinfo: 12-43170411-43170416 NNNN CT(262 535 0) RT(1701145833027 21) q(0 0 8 0) r(11 11) U24
X-Firefox-Spdy: h2
api.saisoncard.co.jp/auth/resources/img/key_ani.gif
45.60.46.171 200 OK 182 kB URL GET HTTP/2 api.saisoncard.co.jp/auth/resources/img/key_ani.gif
IP 45.60.46.171:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Cybertrust Japan Co., Ltd.
Subject api.saisoncard.co.jp
Fingerprint D9:95:0B:07:7D:94:54:26:F4:D5:18:03:DC:02:26:B0:CF:CE:8D:A0
Validity Mon, 05 Dec 2022 02:05:05 GMT - Sun, 31 Dec 2023 14:59:00 GMT
File type GIF image data, version 89a, 500 x 357; data
Size 182 kB (181478 bytes)
Hash 81a691ace17090f09a472e2e833f4a72
79e9cbcb100fdbe00493bf8fd3a6400ded150302
8fca1ac0be84adf4e4c152bd6db10305f9af5f7761a41a90cd1d55a18b892221
GET /auth/resources/img/key_ani.gif HTTP/1.1
Host: api.saisoncard.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 04:30:34 GMT
server: Apache
x-track: ffdc31fa899f41e5b66bd5c16f9d31dd
last-modified: Fri, 01 Dec 2017 00:57:24 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 181478
x-cnection: close
content-type: image/gif;charset=UTF-8
x-incap-sess-cookie-hdr: n0hiYtUPqSYgDS7dZo3UA+psZWUAAAAA1JCXcH/+1/2R6yaEdUaruA==
set-cookie: visid_incap_2844377=HFbboyxDRG2IPSS6q2NtNOlsZWUAAAAAQUIPAAAAAAClDcVdKByghjKKMsFoUp91; expires=Tue, 26 Nov 2024 23:59:44 GMT; HttpOnly; path=/; Domain=.saisoncard.co.jp
set-cookie: incap_ses_276_2844377=2n8Hb7u3wkIgDS7dZo3UA+psZWUAAAAAeGQIWXIJUSl2M+JP7Sgc+A==; path=/; Domain=.saisoncard.co.jp
x-cdn: Imperva
x-iinfo: 12-43170411-43170420 NNNN CT(256 522 0) RT(1701145833027 24) q(0 0 8 1) r(10 10) U24
X-Firefox-Spdy: h2
ytrdikg.xyz/if.html
43.153.185.146 200 OK 689 B IP 43.153.185.146:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Let's Encrypt
Subject ytrdyhs.xyz
Fingerprint 3B:77:A4:3D:AA:9A:B9:04:A2:28:D1:15:B0:0B:C1:05:A9:F7:37:F5
Validity Mon, 27 Nov 2023 13:41:13 GMT - Sun, 25 Feb 2024 13:41:12 GMT
File type HTML document text; exported SGML document, Non-ISO extended-ASCII text, with CRLF line terminators
Hash 53e3da20937f610b6cfa67f1d59dc380
8529f3e015a7c83ab3575b1b26c7127d6d03e88d
e98a65d6cba78bae13f9d25f87578c3e4640f8dedc057943c5bfef7bbb1bc4af
GET /if.html HTTP/1.1
Host: ytrdikg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Cookie: PHPSESSID=2dtm9s0pgukrisjnktdc35oi53
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 04:30:34 GMT
server: Apache
last-modified: Thu, 23 Feb 2023 12:14:58 GMT
etag: "563-5f55cf6163480-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 689
content-type: text/html
X-Firefox-Spdy: h2
ytrdikg.xyz/admin/im/css/modules/laydate/default/laydate.css?v=5.3.1
43.153.185.146 404 Not Found 258 B URL GET HTTP/2 ytrdikg.xyz/admin/im/css/modules/laydate/default/laydate.css?v=5.3.1
IP 43.153.185.146:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Let's Encrypt
Subject ytrdyhs.xyz
Fingerprint 3B:77:A4:3D:AA:9A:B9:04:A2:28:D1:15:B0:0B:C1:05:A9:F7:37:F5
Validity Mon, 27 Nov 2023 13:41:13 GMT - Sun, 25 Feb 2024 13:41:12 GMT
File type HTML document text; exported SGML document, ASCII text
Hash f5a9100ea0dda8128699b0c837ae5269
0923194aed29ae5b2d066b364bf0b037e05a2808
1af88d02cd01c2434dbe20465f6e5adf193cefa053b08b77e131af98c06ccdc1
GET /admin/im/css/modules/laydate/default/laydate.css?v=5.3.1 HTTP/1.1
Host: ytrdikg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Cookie: PHPSESSID=2dtm9s0pgukrisjnktdc35oi53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Tue, 28 Nov 2023 04:30:34 GMT
server: Apache
content-length: 258
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
ytrdikg.xyz/admin/im/css/modules/layer/default/layer.css?v=3.5.1
43.153.185.146 404 Not Found 258 B URL GET HTTP/2 ytrdikg.xyz/admin/im/css/modules/layer/default/layer.css?v=3.5.1
IP 43.153.185.146:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Let's Encrypt
Subject ytrdyhs.xyz
Fingerprint 3B:77:A4:3D:AA:9A:B9:04:A2:28:D1:15:B0:0B:C1:05:A9:F7:37:F5
Validity Mon, 27 Nov 2023 13:41:13 GMT - Sun, 25 Feb 2024 13:41:12 GMT
File type HTML document text; exported SGML document, ASCII text
Hash f5a9100ea0dda8128699b0c837ae5269
0923194aed29ae5b2d066b364bf0b037e05a2808
1af88d02cd01c2434dbe20465f6e5adf193cefa053b08b77e131af98c06ccdc1
GET /admin/im/css/modules/layer/default/layer.css?v=3.5.1 HTTP/1.1
Host: ytrdikg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Cookie: PHPSESSID=2dtm9s0pgukrisjnktdc35oi53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Tue, 28 Nov 2023 04:30:34 GMT
server: Apache
content-length: 258
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
ytrdikg.xyz/admin/im/css/modules/code.css?v=2
43.153.185.146 404 Not Found 258 B URL GET HTTP/2 ytrdikg.xyz/admin/im/css/modules/code.css?v=2
IP 43.153.185.146:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Let's Encrypt
Subject ytrdyhs.xyz
Fingerprint 3B:77:A4:3D:AA:9A:B9:04:A2:28:D1:15:B0:0B:C1:05:A9:F7:37:F5
Validity Mon, 27 Nov 2023 13:41:13 GMT - Sun, 25 Feb 2024 13:41:12 GMT
File type HTML document text; exported SGML document, ASCII text
Hash f5a9100ea0dda8128699b0c837ae5269
0923194aed29ae5b2d066b364bf0b037e05a2808
1af88d02cd01c2434dbe20465f6e5adf193cefa053b08b77e131af98c06ccdc1
GET /admin/im/css/modules/code.css?v=2 HTTP/1.1
Host: ytrdikg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Cookie: PHPSESSID=2dtm9s0pgukrisjnktdc35oi53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Tue, 28 Nov 2023 04:30:34 GMT
server: Apache
content-length: 258
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css
104.17.24.14 200 OK 17 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css
IP 104.17.24.14:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65317)
Hash 8ef777107c4620d4ddd4f8c4bb14a36c
0ae47fa834fb55de7b50c79021aeabecfae50c9c
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
GET /ajax/libs/font-awesome/6.1.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 04:30:34 GMT
content-type: text/css; charset=utf-8
content-length: 17188
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62deef96-4324"
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 332787
expires: Sun, 17 Nov 2024 04:30:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJdgijrDa9GF5wChMtu2wN9Uua%2FSsSnluq9rIto7z3XTqGfdJhS692U3yQd7i319JmKEBaTPZr53flSU0SwNOsFaeb1LgynRrnNSbz9XlOfaIBUYFhBfzjpbACbfxeEw2w%2Fw2ncT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82cfe05b3fe556ca-OSL
alt-svc: h3=":443"; ma=86400
api.saisoncard.co.jp/auth/resources/img/client/apple.svg
45.60.46.171 200 OK 9.9 kB URL GET HTTP/2 api.saisoncard.co.jp/auth/resources/img/client/apple.svg
IP 45.60.46.171:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Cybertrust Japan Co., Ltd.
Subject api.saisoncard.co.jp
Fingerprint D9:95:0B:07:7D:94:54:26:F4:D5:18:03:DC:02:26:B0:CF:CE:8D:A0
Validity Mon, 05 Dec 2022 02:05:05 GMT - Sun, 31 Dec 2023 14:59:00 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1353)
Hash 57272347647449ab686d88248fc9dc9e
bd473ec07c2e71187434882c7bbe3f5b0aa55759
988fe0a48015c5a56dac88172487a1f5cda96340b34d80fd94312d02e9f67865
GET /auth/resources/img/client/apple.svg HTTP/1.1
Host: api.saisoncard.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 04:30:34 GMT
server: Apache
x-track: eeb31e4dacc94f059293a54adee4668d
last-modified: Fri, 21 Oct 2022 09:26:54 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 9880
x-cnection: close
content-type: image/svg+xml;charset=UTF-8
x-incap-sess-cookie-hdr: ItFhJSXpmjUgDS7dZo3UA+psZWUAAAAAhUeeD3MQR+m3M3bk/54CFA==
set-cookie: visid_incap_2844377=HFbboyxDRG2IPSS6q2NtNOlsZWUAAAAAQUIPAAAAAAClDcVdKByghjKKMsFoUp91; expires=Tue, 26 Nov 2024 23:59:44 GMT; HttpOnly; path=/; Domain=.saisoncard.co.jp
incap_ses_276_2844377=QWJhW+utLDwgDS7dZo3UA+psZWUAAAAAgSsR6tklvb7hKo9iipPl2g==; path=/; Domain=.saisoncard.co.jp
x-cdn: Imperva
x-iinfo: 12-43170411-43170425 PNNN RT(1701145833027 30) q(0 11 11 2) r(13 13) U24
X-Firefox-Spdy: h2
use.typekit.net/dkv4rfm.js
23.36.76.122 200 OK 193 kB URL GET HTTP/2 use.typekit.net/dkv4rfm.js
IP 23.36.76.122:443
ASN #20940 Akamai International B.V.
Requested by https://ytrdikg.xyz/if.html
Certificate Issuer DigiCert Inc
Subject use.typekit.net
Fingerprint 42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
Validity Thu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (26584)
Size 193 kB (192736 bytes)
Hash da625af196ea886175dacd18c6453786
36f9962dfe2bf616c467eb69b668ef2b0bc6d8a6
b0c5ab2a35dab3f47671e65ba529431f18f1661242076f5ea264c469937df658
GET /dkv4rfm.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 192736
date: Tue, 28 Nov 2023 04:30:34 GMT
X-Firefox-Spdy: h2
ytrdikg.xyz/css/iframe.css
43.153.185.146 404 Not Found 258 B URL GET HTTP/2 ytrdikg.xyz/css/iframe.css
IP 43.153.185.146:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://ytrdikg.xyz/if.html
Certificate Issuer Let's Encrypt
Subject ytrdyhs.xyz
Fingerprint 3B:77:A4:3D:AA:9A:B9:04:A2:28:D1:15:B0:0B:C1:05:A9:F7:37:F5
Validity Mon, 27 Nov 2023 13:41:13 GMT - Sun, 25 Feb 2024 13:41:12 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5a9100ea0dda8128699b0c837ae5269
0923194aed29ae5b2d066b364bf0b037e05a2808
1af88d02cd01c2434dbe20465f6e5adf193cefa053b08b77e131af98c06ccdc1
GET /css/iframe.css HTTP/1.1
Host: ytrdikg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/if.html
Cookie: PHPSESSID=2dtm9s0pgukrisjnktdc35oi53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Tue, 28 Nov 2023 04:30:34 GMT
server: Apache
content-length: 258
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
ytrdikg.xyz/js/jquery-3.6.0.min.js
43.153.185.146 404 Not Found 258 B URL GET HTTP/2 ytrdikg.xyz/js/jquery-3.6.0.min.js
IP 43.153.185.146:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://ytrdikg.xyz/if.html
Certificate Issuer Let's Encrypt
Subject ytrdyhs.xyz
Fingerprint 3B:77:A4:3D:AA:9A:B9:04:A2:28:D1:15:B0:0B:C1:05:A9:F7:37:F5
Validity Mon, 27 Nov 2023 13:41:13 GMT - Sun, 25 Feb 2024 13:41:12 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5a9100ea0dda8128699b0c837ae5269
0923194aed29ae5b2d066b364bf0b037e05a2808
1af88d02cd01c2434dbe20465f6e5adf193cefa053b08b77e131af98c06ccdc1
GET /js/jquery-3.6.0.min.js HTTP/1.1
Host: ytrdikg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/if.html
Cookie: PHPSESSID=2dtm9s0pgukrisjnktdc35oi53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Tue, 28 Nov 2023 04:30:34 GMT
server: Apache
content-length: 258
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
ytrdikg.xyz/js/iframe.js
43.153.185.146 404 Not Found 258 B IP 43.153.185.146:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://ytrdikg.xyz/if.html
Certificate Issuer Let's Encrypt
Subject ytrdyhs.xyz
Fingerprint 3B:77:A4:3D:AA:9A:B9:04:A2:28:D1:15:B0:0B:C1:05:A9:F7:37:F5
Validity Mon, 27 Nov 2023 13:41:13 GMT - Sun, 25 Feb 2024 13:41:12 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5a9100ea0dda8128699b0c837ae5269
0923194aed29ae5b2d066b364bf0b037e05a2808
1af88d02cd01c2434dbe20465f6e5adf193cefa053b08b77e131af98c06ccdc1
GET /js/iframe.js HTTP/1.1
Host: ytrdikg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/if.html
Cookie: PHPSESSID=2dtm9s0pgukrisjnktdc35oi53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Tue, 28 Nov 2023 04:30:34 GMT
server: Apache
content-length: 258
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
p.typekit.net/p.gif?s=1&k=dkv4rfm&ht=tk&h=ytrdikg.xyz&f=43111.43113&a=69442108&js=1.10.1&app=typekit&e=js&_=1701145838793
23.36.76.96 200 OK 35 B URL GET HTTP/2 p.typekit.net/p.gif?s=1&k=dkv4rfm&ht=tk&h=ytrdikg.xyz&f=43111.43113&a=69442108&js=1.10.1&app=typekit&e=js&_=1701145838793
IP 23.36.76.96:443
ASN #20940 Akamai International B.V.
Requested by https://ytrdikg.xyz/if.html
Certificate Issuer DigiCert Inc
Subject use.typekit.net
Fingerprint 42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
Validity Thu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=dkv4rfm&ht=tk&h=ytrdikg.xyz&f=43111.43113&a=69442108&js=1.10.1&app=typekit&e=js&_=1701145838793 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytrdikg.xyz
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/gif
content-length: 35
last-modified: Sun, 15 Oct 2023 12:43:11 GMT
etag: "652bde5f-23"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Tue, 28 Nov 2023 04:30:35 GMT
X-Firefox-Spdy: h2
jp.api.capy.me/puzzle/get_js/?k=PUZZLE_MWkj63o1fRQpwgxEZNCgjsS49dxnH4
104.155.229.138 200 OK 104 kB URL GET HTTP/1.1 jp.api.capy.me/puzzle/get_js/?k=PUZZLE_MWkj63o1fRQpwgxEZNCgjsS49dxnH4
IP 104.155.229.138:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer DigiCert Inc
Subject jp.api.capy.me
Fingerprint B8:E2:65:AE:A5:4A:29:92:17:B3:10:4E:99:AA:F0:8E:88:2D:24:9C
Validity Wed, 30 Aug 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 104 kB (104127 bytes)
Hash a803029fd1801d9c3e94fa489a2e38b7
442db0415a0c3ca33c5634eda10556d90473a6cc
83aaae71385e3888ed5957ec72ba75119eaca4ca200f181f6aa383be3ab7a4ae
GET /puzzle/get_js/?k=PUZZLE_MWkj63o1fRQpwgxEZNCgjsS49dxnH4 HTTP/1.1
Host: jp.api.capy.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 04:30:34 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Language
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Content-Language: en
X-CAPY-AP: prd-api7025
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/webfonts/fa-regular-400.woff2
104.17.24.14 200 OK 24 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/webfonts/fa-regular-400.woff2
IP 104.17.24.14:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 24028, version 769.1280\012- data
Hash e42bcafcb7cc5002daa805140064bf40
f7a09bcbd996fd634045d4e79b6504c945730686
52ec4d833cfa502f109fcc197b417736165f53d3d0b4e73a2801c8d50b641805
GET /ajax/libs/font-awesome/6.1.2/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ytrdikg.xyz
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 04:30:35 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 24028
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "62deef96-5ddc"
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 440649
expires: Sun, 17 Nov 2024 04:30:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFfigmyc9BIs9u7foN00Jl91Rj3TWCx7%2Bt5wlDdejnltJ7YPxQK8FNgl9xsGR1UkQYLLyjkB0IuZgwaWss2Q2aelR9XMY%2B2Xy0vleeU5ddhqNb%2FaGt%2F4QEUUNxwRYfxen8PTmGcG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82cfe060698f56ca-OSL
alt-svc: h3=":443"; ma=86400
ytrdikg.xyz/api.php?act=ip_save&_r=0.47256716041579216
43.153.185.146 200 OK 33 B URL GET HTTP/2 ytrdikg.xyz/api.php?act=ip_save&_r=0.47256716041579216
IP 43.153.185.146:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Let's Encrypt
Subject ytrdyhs.xyz
Fingerprint 3B:77:A4:3D:AA:9A:B9:04:A2:28:D1:15:B0:0B:C1:05:A9:F7:37:F5
Validity Mon, 27 Nov 2023 13:41:13 GMT - Sun, 25 Feb 2024 13:41:12 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 260ec0449e9aadb554fe22aab48d45c4
b669577e8b1daa292bbf5286825c7a0560b1d094
aa3d21398252adb9f16b5208884b4da22eec9f2019a0139b114a61f178396794
GET /api.php?act=ip_save&_r=0.47256716041579216 HTTP/1.1
Host: ytrdikg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Cookie: PHPSESSID=2dtm9s0pgukrisjnktdc35oi53
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 04:30:35 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
content-length: 33
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
jp.api.capy.me/puzzle/get_image/?captcha_key=PUZZLE_k3bptfYPPa9tdhipwhaAnPaYAbKCcg&challenge_key=pjZZ0wvPBjK9dvVgnni91GQx4fFanmz5&screen_width=463&screen_height=889&utc_offset=-480
104.155.229.138 200 OK 101 kB URL GET HTTP/1.1 jp.api.capy.me/puzzle/get_image/?captcha_key=PUZZLE_k3bptfYPPa9tdhipwhaAnPaYAbKCcg&challenge_key=pjZZ0wvPBjK9dvVgnni91GQx4fFanmz5&screen_width=463&screen_height=889&utc_offset=-480
IP 104.155.229.138:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer DigiCert Inc
Subject jp.api.capy.me
Fingerprint B8:E2:65:AE:A5:4A:29:92:17:B3:10:4E:99:AA:F0:8E:88:2D:24:9C
Validity Wed, 30 Aug 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type PNG image data, 720 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size 101 kB (101156 bytes)
Hash aa29c810ffb94d6a18ae8804775261f8
122fa14e35e39425eb5188c70f4d16d21c5211bf
756a8ecdbbef4eee87c145cfeecc833b3fea6a820b8486e631cb0a0201eadb56
GET /puzzle/get_image/?captcha_key=PUZZLE_k3bptfYPPa9tdhipwhaAnPaYAbKCcg&challenge_key=pjZZ0wvPBjK9dvVgnni91GQx4fFanmz5&screen_width=463&screen_height=889&utc_offset=-480 HTTP/1.1
Host: jp.api.capy.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 04:30:35 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Content-Language: en
Vary: Accept-Language
Cache-Control: no-transform,public,max-age=300,s-maxage=900
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-CAPY-AP: prd-api7025
capy.storage.googleapis.com/static/img/loading.gif
142.250.74.59 200 OK 404 B URL GET HTTP/2 capy.storage.googleapis.com/static/img/loading.gif
IP 142.250.74.59:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Google Trust Services LLC
Subject *.storage.googleapis.com
Fingerprint EA:09:70:B9:79:C0:45:E5:71:FD:D9:C1:1D:7F:C4:BF:2D:76:85:A5
Validity Mon, 23 Oct 2023 11:23:27 GMT - Mon, 15 Jan 2024 11:23:26 GMT
File type GIF image data, version 89a, 43 x 11\012- data
Hash 5243dea18965998ada5477a2117e2ead
d5f3b09999556ecb5da33466f4233d1d31b885d0
217d1b91669dd4a21ce0cff140d526b43a3ac1ea5caa5578d5372fde00dadf1d
Analyzer Verdict Alert urlquery phishing Phishing - SMBC
GET /static/img/loading.gif HTTP/1.1
Host: capy.storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPofcaT-CyczimAkwn448rzEXRii5jCRqsPTctDZROlIsBVvOAq7kH11XB_FkGUSQ7lz-Po
x-goog-generation: 1459135699606000
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 404
x-goog-hash: crc32c=FxgJYQ==, md5=UkPeoYllmYraVHeiEX4urQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 404
server: UploadServer
date: Tue, 28 Nov 2023 04:19:37 GMT
expires: Tue, 28 Nov 2023 05:19:37 GMT
cache-control: public, max-age=3600
age: 659
last-modified: Mon, 28 Mar 2016 03:28:19 GMT
etag: "5243dea18965998ada5477a2117e2ead"
content-type: image/gif
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
capy.storage.googleapis.com/static/img/update.png
142.250.74.59 200 OK 705 B URL GET HTTP/2 capy.storage.googleapis.com/static/img/update.png
IP 142.250.74.59:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Google Trust Services LLC
Subject *.storage.googleapis.com
Fingerprint EA:09:70:B9:79:C0:45:E5:71:FD:D9:C1:1D:7F:C4:BF:2D:76:85:A5
Validity Mon, 23 Oct 2023 11:23:27 GMT - Mon, 15 Jan 2024 11:23:26 GMT
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash 29b2b74982b14715b2d47eca4be1a072
1f1844e00f922ab1e5b4d66a3d139583c76f08b4
01c58e9fde4e043d29deb9b9f5a09930f7c8300de8fa91f1f08dbcdc56eb8682
Analyzer Verdict Alert urlquery phishing Phishing - SMBC
GET /static/img/update.png HTTP/1.1
Host: capy.storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPoiihH2Sg5VktcGpGohHCodrDxxU-IVF8nX0Ijp5cNkWStb5TJPry_4tzkrVJNBCEAalLbWtaNCmw
x-goog-generation: 1459135735369000
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 705
x-goog-hash: crc32c=xcRSSQ==, md5=KbK3SYKxRxWy1H7KS+Ggcg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 705
server: UploadServer
date: Tue, 28 Nov 2023 04:19:37 GMT
expires: Tue, 28 Nov 2023 05:19:37 GMT
cache-control: public, max-age=3600
age: 659
last-modified: Mon, 28 Mar 2016 03:28:55 GMT
etag: "29b2b74982b14715b2d47eca4be1a072"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
capy.storage.googleapis.com/static/img/guide.png
142.250.74.59 200 OK 2.3 kB URL GET HTTP/2 capy.storage.googleapis.com/static/img/guide.png
IP 142.250.74.59:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Google Trust Services LLC
Subject *.storage.googleapis.com
Fingerprint EA:09:70:B9:79:C0:45:E5:71:FD:D9:C1:1D:7F:C4:BF:2D:76:85:A5
Validity Mon, 23 Oct 2023 11:23:27 GMT - Mon, 15 Jan 2024 11:23:26 GMT
File type PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced\012- data
Hash cb7b3aa7090e284aefaa52d11ff77e71
071689194ab4dbcfce5876b0fcba9afda4a928a6
a41d45143e94023697405baabba914184fee4de441c3880da7628e08e7fe2632
Analyzer Verdict Alert urlquery phishing Phishing - SMBC
GET /static/img/guide.png HTTP/1.1
Host: capy.storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPrCznM0uMUG5sc9Dkg0ppsf1XvqxyXuKWX6SNajC6vo8OtiwMpAgh45i5I1Y54yPHbnEN2wcpSwxA
x-goog-generation: 1459135712103000
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2307
x-goog-hash: crc32c=cvV9Ag==, md5=y3s6pwkOKErvqlLRH/d+cQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 2307
server: UploadServer
date: Tue, 28 Nov 2023 04:19:37 GMT
expires: Tue, 28 Nov 2023 05:19:37 GMT
cache-control: public, max-age=3600
age: 659
last-modified: Mon, 28 Mar 2016 03:28:32 GMT
etag: "cb7b3aa7090e284aefaa52d11ff77e71"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
capy.storage.googleapis.com/static/img/new_make_captcha_easy.png
142.250.74.59 200 OK 1.9 kB URL GET HTTP/2 capy.storage.googleapis.com/static/img/new_make_captcha_easy.png
IP 142.250.74.59:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Google Trust Services LLC
Subject *.storage.googleapis.com
Fingerprint EA:09:70:B9:79:C0:45:E5:71:FD:D9:C1:1D:7F:C4:BF:2D:76:85:A5
Validity Mon, 23 Oct 2023 11:23:27 GMT - Mon, 15 Jan 2024 11:23:26 GMT
File type PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash ac201b24979a96e3b78c1ea46a0d3e7d
dd97a1f1cf2dfed6ab2f29a9ffe183d7e6aa1b4b
6527ce1d64e5deae0babf6d43438ea74a8f39d1eda142c92c4a6ada34f4a32f6
Analyzer Verdict Alert urlquery phishing Phishing - SMBC
GET /static/img/new_make_captcha_easy.png HTTP/1.1
Host: capy.storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPqsOrdEW7X-9MVQIMHDm70YexZ9vLvmHqc5R7meIjJdxLx80nAyPMY5swAxGlE5Q8kB4iM
x-goog-generation: 1489466079326106
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1885
x-goog-hash: crc32c=y49LaQ==, md5=rCAbJJealuO3jB6kag0+fQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1885
server: UploadServer
date: Tue, 28 Nov 2023 04:19:37 GMT
expires: Tue, 28 Nov 2023 05:19:37 GMT
cache-control: public, max-age=3600
age: 659
last-modified: Tue, 14 Mar 2017 04:34:39 GMT
etag: "ac201b24979a96e3b78c1ea46a0d3e7d"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jp.api.capy.me/puzzle/get_image/?captcha_key=PUZZLE_k3bptfYPPa9tdhipwhaAnPaYAbKCcg&challenge_key=W3o05atVnYljMLwRjkZTYe0ecP6TPc3I&screen_width=1280&screen_height=1024&utc_offset=0
104.155.229.138 200 OK 77 kB URL GET HTTP/1.1 jp.api.capy.me/puzzle/get_image/?captcha_key=PUZZLE_k3bptfYPPa9tdhipwhaAnPaYAbKCcg&challenge_key=W3o05atVnYljMLwRjkZTYe0ecP6TPc3I&screen_width=1280&screen_height=1024&utc_offset=0
IP 104.155.229.138:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer DigiCert Inc
Subject jp.api.capy.me
Fingerprint B8:E2:65:AE:A5:4A:29:92:17:B3:10:4E:99:AA:F0:8E:88:2D:24:9C
Validity Wed, 30 Aug 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type PNG image data, 720 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 963a504b7389df44128b4c8bba8d01e9
2a08a5c4ddfd6ff30aad73993b2dbaf808c97673
68977ac173a21c12d604ab164334cd0bce89d75b217487fc131d146f2a77b451
GET /puzzle/get_image/?captcha_key=PUZZLE_k3bptfYPPa9tdhipwhaAnPaYAbKCcg&challenge_key=W3o05atVnYljMLwRjkZTYe0ecP6TPc3I&screen_width=1280&screen_height=1024&utc_offset=0 HTTP/1.1
Host: jp.api.capy.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 04:30:35 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Content-Language: en
Vary: Accept-Language
Cache-Control: no-transform,public,max-age=300,s-maxage=900
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-CAPY-AP: prd-api7014
api.saisoncard.co.jp/auth/resources/favicon/client/na_favicon.ico
45.60.46.171 404 Not Found 0 B URL GET HTTP/2 api.saisoncard.co.jp/auth/resources/favicon/client/na_favicon.ico
IP 45.60.46.171:443
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Cybertrust Japan Co., Ltd.
Subject api.saisoncard.co.jp
Fingerprint D9:95:0B:07:7D:94:54:26:F4:D5:18:03:DC:02:26:B0:CF:CE:8D:A0
Validity Mon, 05 Dec 2022 02:05:05 GMT - Sun, 31 Dec 2023 14:59:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - SMBC
GET /auth/resources/favicon/client/na_favicon.ico HTTP/1.1
Host: api.saisoncard.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Tue, 28 Nov 2023 04:30:36 GMT
server: Apache
x-track: e53c6f1712d241c891a2cdc571d8f400
x-cnection: close
content-type: text/html;charset=UTF-8
x-incap-sess-cookie-hdr: fcMsLdVKBgwgDS7dZo3UA+xsZWUAAAAArtTy3uI8ArzLDxdztd4RJw==
set-cookie: visid_incap_2844377=HFbboyxDRG2IPSS6q2NtNOlsZWUAAAAAQUIPAAAAAAClDcVdKByghjKKMsFoUp91; expires=Tue, 26 Nov 2024 23:59:44 GMT; HttpOnly; path=/; Domain=.saisoncard.co.jp
incap_ses_276_2844377=EJASfGt7KD4gDS7dZo3UA+xsZWUAAAAAz44aGeOmkU3gqCcv9ieJqw==; path=/; Domain=.saisoncard.co.jp
x-cdn: Imperva
x-iinfo: 12-43170411-43170425 PNNN RT(1701145833027 2939) q(0 0 0 0) r(3 3) U24
X-Firefox-Spdy: h2
cdn.bootcdn.net/ajax/libs/layer/3.5.1/theme/default/layer.min.css
182.242.217.69 200 OK 14 kB URL GET HTTP/2 cdn.bootcdn.net/ajax/libs/layer/3.5.1/theme/default/layer.min.css
IP 182.242.217.69:443
ASN #134766 CHINANET Yunnan province IDC2 network
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Sectigo Limited
Subject *.bootcdn.net
Fingerprint C7:C7:B8:2B:FF:EE:95:2D:DD:79:F2:7E:05:E7:4A:A7:6C:27:90:17
Validity Thu, 17 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (13770), with no line terminators
Hash cc95560d6c0b155a346306a4d57a711d
ede90187e1bb80fd038d42a6bc3d94f4d5224947
f99199228144a11b7adda7dad83f11c366ecb6f530ba8a352fb155bc0e58fc0e
GET /ajax/libs/layer/3.5.1/theme/default/layer.min.css HTTP/1.1
Host: cdn.bootcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 04:34:02 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.19
expires: Tue, 28 Nov 2023 04:27:39 GMT
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
access-control-allow-origin: *
content-encoding: gzip
age: 0
x-nws-log-uuid: 5420070196833545490
x-cache-lookup: Cache Miss, Cache Miss
strict-transport-security: max-age=63072000;
cache-control: max-age=31536000
X-Firefox-Spdy: h2
ytrdikg.xyz/admin/im/layui.js
43.153.185.146 200 OK 291 kB URL GET HTTP/2 ytrdikg.xyz/admin/im/layui.js
IP 43.153.185.146:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Certificate Issuer Let's Encrypt
Subject ytrdyhs.xyz
Fingerprint 3B:77:A4:3D:AA:9A:B9:04:A2:28:D1:15:B0:0B:C1:05:A9:F7:37:F5
Validity Mon, 27 Nov 2023 13:41:13 GMT - Sun, 25 Feb 2024 13:41:12 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 291 kB (291290 bytes)
Hash 283f389e9b4f41b323ca7cf7bdd8b46a
b6e72add2fa95aa177e6fe807b875c9a7f22bc5c
bbfe1536a99000acceb61f549aa59354cc596efc9f10d3843aab6b273f5adb1e
GET /admin/im/layui.js HTTP/1.1
Host: ytrdikg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ytrdikg.xyz/auth.php?screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid&_gl=1*1li7pmi*_ga*MTc0NjIwMTE2Ni4xNjY5MzY5MDg0*_ga_BKKP87CX6T*MTY3NzE1NDEyNC4xLjAuMTY3NzE1NDEyNi41OC4wLjA
Cookie: PHPSESSID=2dtm9s0pgukrisjnktdc35oi53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 04:30:33 GMT
server: Apache
last-modified: Sun, 03 Apr 2022 09:44:22 GMT
etag: "471da-5dbbcdb3b8980-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2