r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a4074549843769a3da3f055bcb5a78ff
f99062d34cf71bda6a9c64061fb9e61008f94021
895e3801806f031611a25bec5652cc1a46dfa76ea6784f5064d859c1a5b9ddf7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "895E3801806F031611A25BEC5652CC1A46DFA76EA6784F5064D859C1A5B9DDF7"
Last-Modified: Tue, 04 Apr 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13650
Expires: Tue, 04 Apr 2023 17:04:37 GMT
Date: Tue, 04 Apr 2023 13:17:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e50dac5108a698d61ca49516033d1a20
53d243b89fc00deb9bfae07351bbe36ddb7c1df3
e9e0ad98c485b56fe65ea0a8bc4974fff3f804fcf2d8f6266ada9acd27c7b7cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9E0AD98C485B56FE65EA0A8BC4974FFF3F804FCF2D8F6266ADA9ACD27C7B7CC"
Last-Modified: Tue, 04 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8268
Expires: Tue, 04 Apr 2023 15:34:55 GMT
Date: Tue, 04 Apr 2023 13:17:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 903ed2d58f1f33d069b70c4b53f1cb1f
0ef89cd6eb79a2ddd74434f9233cf486fffc1142
d8c984b50f04fcdb1ebc99d982502d85193302c85239ee7497666247edfc0061
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8C984B50F04FCDB1EBC99D982502D85193302C85239EE7497666247EDFC0061"
Last-Modified: Sun, 02 Apr 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17179
Expires: Tue, 04 Apr 2023 18:03:26 GMT
Date: Tue, 04 Apr 2023 13:17:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 95f61d351f5fc9533cc78e255ce9bc06
fba284117f347782ac23c51d141d7e3ec15a867e
7fcc5f9e52e389d8d7c6df7f1f2a1291ae0aaae8e554f3022239ab092b2ef3c3
GET /chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jBPlEc6/HFtcMMhLQOFtGBD+I9FbdBPI/xGoZuqeh3755hZXfUtfeJEq9hGvieecDOW03Spy//c=
x-amz-request-id: GAB7GB64GE3TC15D
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Apr 2023 12:53:13 GMT
age: 1434
last-modified: Fri, 31 Mar 2023 17:04:39 GMT
etag: "95f61d351f5fc9533cc78e255ce9bc06"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 29fdbcd53b5646cfcdd46510063734c4
85e3ceda5ef130219f4fe8a31e52e2690c8f7d8e
24c27586332c016685e6231fec5836e921048d8aaefbcd4cd6f88969f9d91e18
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 04 Apr 2023 12:28:44 GMT
content-type: application/json
age: 2903
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 13:17:07 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
yadangyule.com/company-2.html.html
160.124.44.226 301 Moved Permanently 162 B URL HTTP/1.1 yadangyule.com/company-2.html.html
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET /company-2.html.html HTTP/1.1
Host: yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 04 Apr 2023 13:17:07 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: http://www.yadangyule.com/company-2.html.html
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 27326a64990c6f698a83600491674790
a6bdb4743ace6be80673f6899605bf9177a75b69
e4a8d3c3016130e47580098183bcea5ae369697b7907eafd65ac3450dc2eb265
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4A8D3C3016130E47580098183BCEA5AE369697B7907EAFD65AC3450DC2EB265"
Last-Modified: Mon, 03 Apr 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16773
Expires: Tue, 04 Apr 2023 17:56:40 GMT
Date: Tue, 04 Apr 2023 13:17:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, ETag, Cache-Control, Expires, Backoff, Last-Modified, Pragma, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 04 Apr 2023 13:14:45 GMT
age: 142
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.117.65.55 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: juxZb4M+aC1djd7Tm6yzqg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 55lQ09Yl4LbeTY61hgA4q6t5G/g=
Date: Tue, 04 Apr 2023 13:17:07 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.yadangyule.com/company-2.html.html
160.124.44.226 200 OK 8.0 kB URL HTTP/1.1 www.yadangyule.com/company-2.html.html
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with very long lines (2406), with CRLF, LF line terminators
Hash dfcf1041ecbc62b8ad5e32a8572dc503
744bfa71c4695a65f40be0432467c8f800d69171
8fe954a3072c567c0ca91f6bcc30e676ad1687a10136319f2b78085eb7ee0c1a
Analyzer Verdict Alert fortinet Phishing
GET /company-2.html.html HTTP/1.1
Host: www.yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Apr 2023 13:17:07 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.yadangyule.com/tiaozhuan.js
160.124.44.226 200 OK 816 B URL HTTP/1.1 www.yadangyule.com/tiaozhuan.js
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
File type ASCII text, with CRLF line terminators
Hash 378edc372fe23bda61767c3a12da15dd
4d2ab96f6573f04f1c08e8a661e5b9bb43d5d710
2863b48dd26e191f863462b49450f9650e827dba2437e6b20581a66debfcc356
Analyzer Verdict Alert fortinet Phishing
GET /tiaozhuan.js HTTP/1.1
Host: www.yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yadangyule.com/company-2.html.html
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Apr 2023 13:17:08 GMT
Content-Type: application/javascript
Last-Modified: Sun, 04 Sep 2022 09:31:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63147070-5be"
Expires: Wed, 05 Apr 2023 01:17:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.yadangyule.com/css-site.css?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper.css
160.124.44.226 200 OK 1.0 kB URL HTTP/1.1 www.yadangyule.com/css-site.css?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper.css
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
File type ASCII text, with very long lines (5438), with no line terminators
Hash 66d8c5824aaa6712b952577f50032ede
6a81c6298595ecce6aecb2e6960f5a038485a94e
a1f4724642587081e4ec32c37c681308578c46ac237084b903a4d59f9ef6cbae
GET /css-site.css?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper.css HTTP/1.1
Host: www.yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yadangyule.com/company-2.html.html
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Apr 2023 13:17:08 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.yadangyule.com/npublic-libs-core-ceccjquery.min.js,require.min.js,lib.min.js,page.min.js?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper.js
160.124.44.226 302 Found 0 B URL HTTP/1.1 www.yadangyule.com/npublic-libs-core-ceccjquery.min.js,require.min.js,lib.min.js,page.min.js?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper.js
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npublic-libs-core-ceccjquery.min.js,require.min.js,lib.min.js,page.min.js?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper.js HTTP/1.1
Host: www.yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yadangyule.com/company-2.html.html
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 04 Apr 2023 13:17:08 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.zydpyb.cn/npublic/libs/core/ceccjquery.min.js,require.min.js,lib.min.js,page.min.js?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper
www.yadangyule.com/css-company_61e3b23510d9a821fa7b74db6fb1a3e70b268568.min.css?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper.css
160.124.44.226 200 OK 4.7 kB URL HTTP/1.1 www.yadangyule.com/css-company_61e3b23510d9a821fa7b74db6fb1a3e70b268568.min.css?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper.css
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
File type ASCII text, with very long lines (25856)
Hash d891166839c7149c1ed8ad15f691f348
f4639a68162ade2545f2d6db08ce31c7d10a54a6
272429c269bb8564af748f1e8e93656eef31e6cea0f2b315b8c568987c750fc1
GET /css-company_61e3b23510d9a821fa7b74db6fb1a3e70b268568.min.css?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper.css HTTP/1.1
Host: www.yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yadangyule.com/company-2.html.html
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Apr 2023 13:17:08 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.yadangyule.com/tongji.js
160.124.44.226 302 Found 0 B URL HTTP/1.1 www.yadangyule.com/tongji.js
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /tongji.js HTTP/1.1
Host: www.yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yadangyule.com/company-2.html.html
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 04 Apr 2023 13:17:08 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.yadangyule.com/404.html
www.yadangyule.com/npublic-commonjs-common.min.js?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper.js
160.124.44.226 302 Found 0 B URL HTTP/1.1 www.yadangyule.com/npublic-commonjs-common.min.js?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper.js
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npublic-commonjs-common.min.js?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper.js HTTP/1.1
Host: www.yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yadangyule.com/company-2.html.html
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 04 Apr 2023 13:17:08 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.zydpyb.cn/npublic/commonjs/common.min.js?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper
www.yadangyule.com/npublic-libs-css-ceccbootstrap.min.css,global.css?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper.css
160.124.44.226 200 OK 38 kB URL HTTP/1.1 www.yadangyule.com/npublic-libs-css-ceccbootstrap.min.css,global.css?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper.css
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
File type ASCII text, with very long lines (65536), with no line terminators
Hash ae8915b4b032a707feb1b758a19b814f
38b2db6b1e7dfa4770a3a002d8d089035a7e11b5
9e3cbc9dab109d37d5b2d14cf346404c9281c77e195a0f774bef06e47d627968
GET /npublic-libs-css-ceccbootstrap.min.css,global.css?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper.css HTTP/1.1
Host: www.yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yadangyule.com/company-2.html.html
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Apr 2023 13:17:08 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.yadangyule.com/404.html
160.124.44.226 200 OK 786 B URL HTTP/1.1 www.yadangyule.com/404.html
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CR line terminators
Hash 39c51381fcc7558affb7b2a309482878
0adf3b39daba6b34fe35645c8925989c25756d05
ec9ce3b6f12a03e6f8b3bc51f9186baf98996f007c85806f4d6e84c980ef99d1
Analyzer Verdict Alert fortinet Phishing
GET /404.html HTTP/1.1
Host: www.yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.yadangyule.com/company-2.html.html
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Apr 2023 13:17:08 GMT
Content-Type: text/html
Last-Modified: Mon, 25 Jul 2022 12:48:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62de912c-806"
Content-Encoding: gzip
omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/46ee0828-4cdd-441a-a856-72dacda5c55f.jpg
143.204.55.76 200 OK 20 kB URL HTTP/2 omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/46ee0828-4cdd-441a-a856-72dacda5c55f.jpg
IP 143.204.55.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 400x571, components 3\012- data
Hash 99a10132bfe43327858d1cfc462729d0
d688f9f3d81a78f1f92429ea59e7a2bdfbdc1438
59a59cf7687b9bafbc6624386fd819b5f88993765b580a1f93c173f43032707e
GET /portal-saas/new2022081515103939349/cms/image/46ee0828-4cdd-441a-a856-72dacda5c55f.jpg HTTP/1.1
Host: omo-oss-image.thefastimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yadangyule.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 19593
server: openresty
date: Tue, 04 Apr 2023 13:17:08 GMT
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 5
access-control-expose-headers: *
access-control-allow-headers: *
access-control-allow-credentials: false
expires: Thu, 04 May 2023 13:17:08 GMT
cache-control: max-age=2592000, public
p3p: CP=IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: f-On3qg61HXKprrfMkCGbFwhwqYDwY7gL5BKRCOJS9uvSyfqfSTA9w==
X-Firefox-Spdy: h2
www.yadangyule.com/jquery.la.min.js
160.124.44.226 302 Found 0 B URL HTTP/1.1 www.yadangyule.com/jquery.la.min.js
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /jquery.la.min.js HTTP/1.1
Host: www.yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yadangyule.com/company-2.html.html
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 04 Apr 2023 13:17:08 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.yadangyule.com/404.html
www.zydpyb.cn/npublic/commonjs/common.min.js?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper
54.230.111.45 200 OK 819 B URL HTTP/1.1 www.zydpyb.cn/npublic/commonjs/common.min.js?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper
IP 54.230.111.45:0
File type ASCII text, with very long lines (1769), with no line terminators
Hash f36d55955efa5f4701b944774708217a
7f541f0cbae3ca8a4ba13ae15e85a128b0ef949d
718f12ea72aa1b1ab7a21f2b965521d0b21c4794a662c0c5c0c2727509682de7
GET /npublic/commonjs/common.min.js?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper HTTP/1.1
Host: www.zydpyb.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.yadangyule.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: openresty
Date: Tue, 04 Apr 2023 13:17:08 GMT
Last-Modified: Tue, 04 Apr 2023 02:31:20 GMT
ETag: W/"642b8bf8-6e9"
Cache-Control: no-store
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zuGRD6DhTGogW-NDzSChd5zSzCxR9X_MYRko30DDQNp7duk_nk_T6g==
omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/2563c3d4-37aa-4092-8e7e-8ef235fbc495.jpg
143.204.55.76 200 OK 56 kB URL HTTP/2 omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/2563c3d4-37aa-4092-8e7e-8ef235fbc495.jpg
IP 143.204.55.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 400x571, components 3\012- data
Hash a4b908cc0f9bd261ca29b1c65cbf2882
46e462083554d2802dfa5cb96c22fd4ca31bb9ce
cc9e062be4c0124c2e00fb5043f5d789f76e16d5a8a20c1e5ddcee38823810dc
GET /portal-saas/new2022081515103939349/cms/image/2563c3d4-37aa-4092-8e7e-8ef235fbc495.jpg HTTP/1.1
Host: omo-oss-image.thefastimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yadangyule.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 55928
server: openresty
date: Tue, 04 Apr 2023 13:17:08 GMT
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 5
access-control-expose-headers: *
access-control-allow-headers: *
access-control-allow-credentials: false
expires: Thu, 04 May 2023 13:17:08 GMT
cache-control: max-age=2592000, public
p3p: CP=IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: onRGzBqI6nQIIY7Tc50oVSLeRe4MPEMS1j9gv8Ez2gXiQwOGLw6AzA==
X-Firefox-Spdy: h2
omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/d7fbe529-9ef7-4054-8941-fbdfd2ccc4d1.jpg
143.204.55.76 200 OK 42 kB URL HTTP/2 omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/d7fbe529-9ef7-4054-8941-fbdfd2ccc4d1.jpg
IP 143.204.55.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 400x571, components 3\012- data
Hash 6440af060f03a45bfda145d9eb726714
246cec6a6ead0a101198065abef0be3ed4112c11
b55dfc88380c0dae7c72246903394e88b8714fa8d69708e9b039d6868f4fe363
GET /portal-saas/new2022081515103939349/cms/image/d7fbe529-9ef7-4054-8941-fbdfd2ccc4d1.jpg HTTP/1.1
Host: omo-oss-image.thefastimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yadangyule.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 41918
server: openresty
date: Tue, 04 Apr 2023 13:17:08 GMT
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 5
access-control-expose-headers: *
access-control-allow-headers: *
access-control-allow-credentials: false
expires: Thu, 04 May 2023 13:17:08 GMT
cache-control: max-age=2592000, public
p3p: CP=IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vAHDFKWbfAg-1lS_QTcQqV2lNFgUlFwFcgyVEwMLKHi4h3f3ff2lPw==
X-Firefox-Spdy: h2
omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/67526561-5cc1-4b06-b906-a3cc496ca1e4.jpg
143.204.55.76 200 OK 35 kB URL HTTP/2 omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/67526561-5cc1-4b06-b906-a3cc496ca1e4.jpg
IP 143.204.55.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 400x571, components 3\012- data
Hash f6244b279b72f9a88024da183ea61263
4ef87ad1bed8b58abf68d48c2d274c9fb1a69846
7db7eed60cd1493919e2f4d66bbc1b2bf2d2686604a076ce46e593420723b575
GET /portal-saas/new2022081515103939349/cms/image/67526561-5cc1-4b06-b906-a3cc496ca1e4.jpg HTTP/1.1
Host: omo-oss-image.thefastimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yadangyule.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 34988
server: openresty
date: Tue, 04 Apr 2023 13:17:08 GMT
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 5
access-control-expose-headers: *
access-control-allow-headers: *
access-control-allow-credentials: false
expires: Thu, 04 May 2023 13:17:08 GMT
cache-control: max-age=2592000, public
p3p: CP=IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WswT-Mnyz54C89m1D3zS6n0pVKjY1K9CaTXUwMDa6rp4zRgkL7Xyxw==
X-Firefox-Spdy: h2
omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/d8dfb9ef-d680-409b-99e1-d9f5beea02eb.jpg
143.204.55.76 200 OK 51 kB URL HTTP/2 omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/d8dfb9ef-d680-409b-99e1-d9f5beea02eb.jpg
IP 143.204.55.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 400x571, components 3\012- data
Hash 6a021c090275eaf4fe97884fdf36e3ba
b2442dfcf328ac10a7fa00c39f734066a494587b
d66c6f42e1d2a8f29c70fd1a264854f9233790aaf8c3c506c998fc926715d0e8
GET /portal-saas/new2022081515103939349/cms/image/d8dfb9ef-d680-409b-99e1-d9f5beea02eb.jpg HTTP/1.1
Host: omo-oss-image.thefastimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yadangyule.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 50812
server: openresty
date: Tue, 04 Apr 2023 13:17:08 GMT
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 5
access-control-expose-headers: *
access-control-allow-headers: *
access-control-allow-credentials: false
expires: Thu, 04 May 2023 13:17:08 GMT
cache-control: max-age=2592000, public
p3p: CP=IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IPUMH3D_M7VftkMB5fMpHJLpCn2OEiNAh_Pbuqw-x5Mq1-NEAJs0fQ==
X-Firefox-Spdy: h2
omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/a7c02c71-d2c6-4416-9886-cc11170cec4c.jpg
143.204.55.76 200 OK 61 kB URL HTTP/2 omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/a7c02c71-d2c6-4416-9886-cc11170cec4c.jpg
IP 143.204.55.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 400x571, components 3\012- data
Hash 241ea493720e5c3db6fd206e471cdc22
81f5751256485ea9bda8d61d81c23c3c796c058a
dc2ad861e3fb975b17a178227c9c09d517614b025713d024568805886e0cc73e
GET /portal-saas/new2022081515103939349/cms/image/a7c02c71-d2c6-4416-9886-cc11170cec4c.jpg HTTP/1.1
Host: omo-oss-image.thefastimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yadangyule.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 61297
server: openresty
date: Tue, 04 Apr 2023 13:17:08 GMT
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 5
access-control-expose-headers: *
access-control-allow-headers: *
access-control-allow-credentials: false
expires: Thu, 04 May 2023 13:17:08 GMT
cache-control: max-age=2592000, public
p3p: CP=IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wQcJH9L2OEVuu31wRkNnTs7POhQeOd8uzzVb2uFVx7wpQ2RP7H8g7Q==
X-Firefox-Spdy: h2
omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/0cb5998f-d284-4449-8e2b-21bb214417dd.jpg
143.204.55.76 200 OK 35 kB URL HTTP/2 omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/0cb5998f-d284-4449-8e2b-21bb214417dd.jpg
IP 143.204.55.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 400x571, components 3\012- data
Hash 7278e14929fe71eb16a08d9966c7a038
e8bdd1c67b98d6b72708f692ea605af19c33cbd8
2e868f65a7235874e7e5220c0045612478a168654350faf2cf8a838dc615338f
GET /portal-saas/new2022081515103939349/cms/image/0cb5998f-d284-4449-8e2b-21bb214417dd.jpg HTTP/1.1
Host: omo-oss-image.thefastimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yadangyule.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 34828
server: openresty
date: Tue, 04 Apr 2023 13:17:09 GMT
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 5
access-control-expose-headers: *
access-control-allow-headers: *
access-control-allow-credentials: false
expires: Thu, 04 May 2023 13:17:09 GMT
cache-control: max-age=2592000, public
p3p: CP=IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hjfK0tHG3Eum_ij4m6RTdPTv_FOM8H1MJ78vmbiODFAuuH2YH5uZxA==
X-Firefox-Spdy: h2
omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/8b0af944-bd21-40d3-a9db-edca36a276d5.jpg
143.204.55.76 200 OK 22 kB URL HTTP/2 omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/8b0af944-bd21-40d3-a9db-edca36a276d5.jpg
IP 143.204.55.76:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=80, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=300], progressive, precision 8, 300x80, components 3\012- data
Hash abc94b03f0638ab596c962de56ca6ad9
e78224676d29553e63e2d0663fe26ad2625b8809
fb92d87f4b5c7155f2667657a7446789de15d45f7396581922c3bf390e5eca3e
GET /portal-saas/new2022081515103939349/cms/image/8b0af944-bd21-40d3-a9db-edca36a276d5.jpg HTTP/1.1
Host: omo-oss-image.thefastimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yadangyule.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 21566
server: openresty
date: Tue, 04 Apr 2023 13:17:09 GMT
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 5
access-control-expose-headers: *
access-control-allow-headers: *
access-control-allow-credentials: false
expires: Thu, 04 May 2023 13:17:09 GMT
cache-control: max-age=2592000, public
p3p: CP=IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SOlsmJZ6mC-6lqVharpR7YVPWI5syfYoP_X0qnWDCD8ItOqP2d1yIw==
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 869fe4a8dc549ffa1023d3adc184e4f2
37b95d88dd3f6f251bb651b130e09b202850033f
9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4155
Expires: Tue, 04 Apr 2023 14:26:24 GMT
Date: Tue, 04 Apr 2023 13:17:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106409ef-b973-4018-aee9-294835a882a8.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106409ef-b973-4018-aee9-294835a882a8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 790b71fc2b1faa08db8b4334c9c3f9e3
e1defe547d4ffca2560cd8f25c4f7a92a9ae87b4
eed429169c9d3feb115463d8ead934fa348cdca60aabf0c88d4553ed23575c9c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106409ef-b973-4018-aee9-294835a882a8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10535
x-amzn-requestid: 8efe600f-9818-4c23-afd3-41c5a4dece2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0frbFHSoAMF8HQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4648-65e8e6fd575fdc91668d6676;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:34:00 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: NhzzKWFDbSlLrixhTlz5sZSW4x_TPkwj7Kzt6M2m1FmXR7ZdBCCq0w==
via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 22:01:36 GMT
age: 54933
etag: "e1defe547d4ffca2560cd8f25c4f7a92a9ae87b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 869fe4a8dc549ffa1023d3adc184e4f2
37b95d88dd3f6f251bb651b130e09b202850033f
9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4155
Expires: Tue, 04 Apr 2023 14:26:24 GMT
Date: Tue, 04 Apr 2023 13:17:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5f70c40-8b38-48db-b482-a5cc8f1580ef.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5f70c40-8b38-48db-b482-a5cc8f1580ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d1360ec3cb182322e0a0c445f57e5b7
9f71e3cd002ca8116d917c3b7fb57291099269d1
e3d216e879d771bf2507928ba1b26465c87a4202a4cdc03483f002c2826a81b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5f70c40-8b38-48db-b482-a5cc8f1580ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6912
x-amzn-requestid: 53fcdc8a-e064-4e81-b5ac-5d0ae4bcfdb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0fpuEZ-IAMFxaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b463d-3b7b43f30dd66fae5dc9ea6a;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:33:49 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: I29hcOKFN0L3ivDpD5pWg-Kg22Z10td_Vll6SRScTslvd__JZnJyTg==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:52:12 GMT
age: 55497
etag: "9f71e3cd002ca8116d917c3b7fb57291099269d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/0be32002-18e3-46ac-a519-d372655b94c1.png
143.204.55.76 200 OK 19 kB URL HTTP/2 omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/0be32002-18e3-46ac-a519-d372655b94c1.png
IP 143.204.55.76:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash d0289dc0a46fc5b15b3363ffa78cf6c7
29c400bc3b89f6085766dac4e0330ded5cb73d52
a20583c81805fe64f7fa210851ce29754af9d25fd6aa5a3225a9557529602513
GET /portal-saas/new2022081515103939349/cms/image/0be32002-18e3-46ac-a519-d372655b94c1.png HTTP/1.1
Host: omo-oss-image.thefastimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yadangyule.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 19256
server: openresty
date: Tue, 04 Apr 2023 13:17:09 GMT
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 5
access-control-expose-headers: *
access-control-allow-headers: *
access-control-allow-credentials: false
expires: Thu, 04 May 2023 13:17:09 GMT
cache-control: max-age=2592000, public
p3p: CP=IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VpSuwwBHuwd7PhjiXMfsrIesXXzwkcsTbGBAzxoDHB4hOQkaz2EnHA==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fde7605b95c3ac6b8de339dbd12e17b1
b44d521b31be7b3fe378a0e070c49379a6eab26e
5496cf7c705ccc67dd13f86a07d9a352424d58591aa67afe1e1361c640f8d510
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6803
x-amzn-requestid: 6c78179f-0d11-4a23-8e86-e4f05d7c7f90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0fq3HrioAMF7ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4645-758850e07ef9b1512b684c35;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:33:57 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: fYzW2B9Nf5JLhQdDSzDsT7h-auY41wg3PSAaSI6U68BNGvtHI99W7A==
via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:51:49 GMT
age: 55520
etag: "b44d521b31be7b3fe378a0e070c49379a6eab26e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeae50b2-4a88-4f71-ae4f-7fd74b695fe8.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeae50b2-4a88-4f71-ae4f-7fd74b695fe8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 80fcfbf9081b3ede0bbbb18635a9cbf4
037891066a15726bb272a8d74f96abb1520b4fe3
5cf70d8254f20aea5ca12439a4558f459d6bbf162f5e1a0f9b62e79de29d4b29
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeae50b2-4a88-4f71-ae4f-7fd74b695fe8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6898
x-amzn-requestid: a56b192d-c797-4521-9af4-e3baaa8e6205
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0frbGsRoAMFjiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4648-5aeb60706595f7762c545067;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:34:00 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: FntrW1uzEjetZkzVLvN-VUeVu4uWI0ceRV5-OY12YFGq5LQKFfS2mg==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:52:14 GMT
age: 55495
etag: "037891066a15726bb272a8d74f96abb1520b4fe3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09d7bfe8-bfa6-4d25-aa3f-159254f09bfa.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09d7bfe8-bfa6-4d25-aa3f-159254f09bfa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad137bebd56918d96431d867ae123332
8572417b762ea2b1dccc3d4236336456be6be1cf
92a575b8055174a83ac1066e2ff931525760c9b96f3e588077ce0ce24a0a7b46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09d7bfe8-bfa6-4d25-aa3f-159254f09bfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8658
x-amzn-requestid: 36fb7671-bd9a-43fc-8920-c5948711d560
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CvNkNGjHIAMFsBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6429294d-5e753ae346a583ac5cbb42f4;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Sun, 02 Apr 2023 07:05:49 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: UPNt2yE-_295UTjOFpgSxhrl1XjSOSgQVJoEf__wc0y5btcJ9dIT1w==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 07:23:35 GMT
age: 21214
etag: "8572417b762ea2b1dccc3d4236336456be6be1cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6805e8e-5358-4dee-aa50-02f7eef09448.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6805e8e-5358-4dee-aa50-02f7eef09448.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b740af6dc5565a7ab0e826b9e16c1207
22a5aceeaf4ff6d632ba04d13c19f17b96c0a443
7ecb2a89fb4d4549633d3dfaea1eeea5a3b30581377aa8acd77528c9a2abc7ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6805e8e-5358-4dee-aa50-02f7eef09448.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7363
x-amzn-requestid: 8a4a3870-b0f6-4f2d-a09b-5251cabaa9b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CyQy4FiTIAMFd6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642a61ab-4d0697674945720206c883f4;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 05:18:35 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: POgTraCRTPliGyxTClWeeGNIz_qwqGs1LDW9uwlIg27xK74lS4vFaA==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 04:19:39 GMT
age: 32250
etag: "22a5aceeaf4ff6d632ba04d13c19f17b96c0a443"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c14f8da2839a0df97b43616d0102fc8f
4a73f2b1f6c067051a0357e970b50f865c239646
ed9934948f628a62cfdaf2bb3f0ea41740a30e283ab7c5e125618e66a5b95c1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED9934948F628A62CFDAF2BB3F0EA41740A30E283AB7C5E125618E66A5B95C1E"
Last-Modified: Mon, 03 Apr 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21521
Expires: Tue, 04 Apr 2023 19:15:50 GMT
Date: Tue, 04 Apr 2023 13:17:09 GMT
Connection: keep-alive
www.zydpyb.cn/npublic/libs/core/ceccjquery.min.js,require.min.js,lib.min.js,page.min.js?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper
54.230.111.45 200 OK 51 kB URL HTTP/1.1 www.zydpyb.cn/npublic/libs/core/ceccjquery.min.js,require.min.js,lib.min.js,page.min.js?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper
IP 54.230.111.45:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash b6d5178b63f580dbd701cb8c81265232
9b76df7309d93e15f836b0a7d7ed6727e6e3665e
3daf4850fabd09c18bad7fe192e8649fc0f05df0176ff98d48e0b7499c49548d
GET /npublic/libs/core/ceccjquery.min.js,require.min.js,lib.min.js,page.min.js?instance=new2022081515103939349&viewType=p&v=1679907912000&siteType=oper HTTP/1.1
Host: www.zydpyb.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.yadangyule.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: openresty
Date: Tue, 04 Apr 2023 13:17:08 GMT
Last-Modified: Mon, 27 Mar 2023 09:05:50 GMT
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Content-Type-Options: nosniff
Expires: Tue, 18 Apr 2023 13:17:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QandVO3g1NXWg99MBOBERbsc5N7_zisvw6U_fLzUfh8l0KA4Qbxglw==
omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/74b849d8-5b80-4aac-b9b8-bfcfdb073e9c.jpg
143.204.55.76 200 OK 69 kB URL HTTP/2 omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/74b849d8-5b80-4aac-b9b8-bfcfdb073e9c.jpg
IP 143.204.55.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 400x571, components 3\012- data
Hash d5bf2d2d23fb923d2b4492f63c4cf3c0
9d4c1dddbda77cd6d43dc7c6a2982acce18a84ae
781e4529f0e68f89592fcd35ac3dce4fca4a32bca3c7796702430c3ee7bd2afa
GET /portal-saas/new2022081515103939349/cms/image/74b849d8-5b80-4aac-b9b8-bfcfdb073e9c.jpg HTTP/1.1
Host: omo-oss-image.thefastimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yadangyule.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 68857
server: openresty
date: Tue, 04 Apr 2023 13:17:09 GMT
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 5
access-control-expose-headers: *
access-control-allow-headers: *
access-control-allow-credentials: false
expires: Thu, 04 May 2023 13:17:09 GMT
cache-control: max-age=2592000, public
p3p: CP=IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4_IaNfUGRvJFqrG5BIGpr4oe0C4lEDUAMtVCOSnUjRt8G1hQa_OFkw==
X-Firefox-Spdy: h2
www.yadangyule.com/npublic-img-s.png.jpg
160.124.44.226 302 Found 0 B URL HTTP/1.1 www.yadangyule.com/npublic-img-s.png.jpg
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npublic-img-s.png.jpg HTTP/1.1
Host: www.yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yadangyule.com/company-2.html.html
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 04 Apr 2023 13:17:09 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.zydpyb.cn/npublic/img/s.png
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 93bf7edd3fd06f35743df96909f09d94
24db5774e1af60fe68ec948d47dd86df91ef1874
9c3ce822adcaa5e8d6c73b7f83d623afcad2f2ceae722583f58629a34f8e1830
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 13:17:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 08 Apr 2023 10:07:04 GMT
ETag: "24db5774e1af60fe68ec948d47dd86df91ef1874"
Last-Modified: Tue, 04 Apr 2023 10:07:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 604
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b29d477ff0ab509-OSL
omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/f995bf86-2889-4866-8a0b-17f94cfc5ed9.jpg
143.204.55.76 200 OK 415 kB URL HTTP/2 omo-oss-image.thefastimg.com/portal-saas/new2022081515103939349/cms/image/f995bf86-2889-4866-8a0b-17f94cfc5ed9.jpg
IP 143.204.55.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x300, components 3\012- data
Size 415 kB (415113 bytes)
Hash 2f9156a178fa1dd8ee2a139688c7de93
f22f9baf6c4e18783e03f8c3362766ea53c13518
1a3ec6d25a28c7dd05ab0353b8ecab20eda2634b162b1ea6706fb2adfe40aa89
GET /portal-saas/new2022081515103939349/cms/image/f995bf86-2889-4866-8a0b-17f94cfc5ed9.jpg HTTP/1.1
Host: omo-oss-image.thefastimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yadangyule.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 415113
server: openresty
date: Tue, 04 Apr 2023 13:17:08 GMT
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 5
access-control-expose-headers: *
access-control-allow-headers: *
access-control-allow-credentials: false
expires: Thu, 04 May 2023 13:17:08 GMT
cache-control: max-age=2592000, public
p3p: CP=IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 56lXIgpkhfvZNShO2gsfxtoatS6swSfOWygFHnzOHIwH1evzUBwWWA==
X-Firefox-Spdy: h2
www.yadangyule.com/npublic/libs/widget/cmsAjax.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000
160.124.44.226 302 Found 0 B URL HTTP/1.1 www.yadangyule.com/npublic/libs/widget/cmsAjax.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npublic/libs/widget/cmsAjax.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000 HTTP/1.1
Host: www.yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yadangyule.com/company-2.html.html
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 04 Apr 2023 13:17:09 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.zydpyb.cn/npublic-libs-widget-cmsAjax.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000
www.yadangyule.com/npublic/libs/widget/pl_util.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000
160.124.44.226 302 Found 0 B URL HTTP/1.1 www.yadangyule.com/npublic/libs/widget/pl_util.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npublic/libs/widget/pl_util.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000 HTTP/1.1
Host: www.yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yadangyule.com/company-2.html.html
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 04 Apr 2023 13:17:09 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.zydpyb.cn/npublic-libs-widget-pl_util.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000
www.zydpyb.cn/npublic/img/s.png
54.230.111.45 200 OK 608 B URL HTTP/1.1 www.zydpyb.cn/npublic/img/s.png
IP 54.230.111.45:0
File type PNG image data, 10 x 1, 8-bit colormap, non-interlaced
Hash 9fe9764a4ecd8a4ddce5dbbf764a9fb7
09c39cf5dbe1beae8a596ca38c6440aa8ef81010
2c6eadd01c2eeb56aaf4f59d4ac95dbee21a0caa9334f3dc91e2f9ae4c527a41
GET /npublic/img/s.png HTTP/1.1
Host: www.zydpyb.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.yadangyule.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Server: openresty
Date: Tue, 04 Apr 2023 13:17:09 GMT
Last-Modified: Mon, 27 Mar 2023 09:05:51 GMT
ETag: W/"64215c6f-3bc"
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Content-Type-Options: nosniff
Expires: Tue, 18 Apr 2023 13:17:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MNQlfXSp9Snf4fNtsf2gEVAxUEO7Nagl4LJXmlaFv-91HxzTrwCDPw==
www.zydpyb.cn/npublic-libs-widget-pl_util.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000
54.230.111.45 404 Not Found 56 B URL HTTP/1.1 www.zydpyb.cn/npublic-libs-widget-pl_util.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000
IP 54.230.111.45:0
File type ASCII text, with no line terminators
Hash 2e61ac808cfc14cd0d9951d9f6d2cabf
74f6fa683d574e801c320fae2c34aabcd0c54318
6766ac6b4f03b75211b7e0888b19ccf5b63a7ca33631253c316fef33198f0225
GET /npublic-libs-widget-pl_util.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000 HTTP/1.1
Host: www.zydpyb.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.yadangyule.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: openresty
Date: Tue, 04 Apr 2023 13:17:10 GMT
Cache-Control: no-store
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Error from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 23IJzgtZto13zqccAcKYmbGVXj0UkhYgdzSW5YJZt-ocHriOrEMW8w==
www.zydpyb.cn/npublic-libs-widget-cmsAjax.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000
54.230.111.45 404 Not Found 56 B URL HTTP/1.1 www.zydpyb.cn/npublic-libs-widget-cmsAjax.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000
IP 54.230.111.45:0
File type ASCII text, with no line terminators
Hash 2e61ac808cfc14cd0d9951d9f6d2cabf
74f6fa683d574e801c320fae2c34aabcd0c54318
6766ac6b4f03b75211b7e0888b19ccf5b63a7ca33631253c316fef33198f0225
GET /npublic-libs-widget-cmsAjax.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000 HTTP/1.1
Host: www.zydpyb.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.yadangyule.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: openresty
Date: Tue, 04 Apr 2023 13:17:10 GMT
Cache-Control: no-store
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Error from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ezmko8b4YwQ3WonUwlwhvGzXEf66JThlxBDb-VsJwLLkA56D06WTkQ==
www.yadangyule.com/thirdcode/scripts
160.124.44.226 302 Found 0 B URL HTTP/1.1 www.yadangyule.com/thirdcode/scripts
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /thirdcode/scripts HTTP/1.1
Host: www.yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.yadangyule.com/company-2.html.html
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 04 Apr 2023 13:17:10 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.yadangyule.com/404.html
www.yadangyule.com/producer/sale
160.124.44.226 302 Found 0 B URL HTTP/1.1 www.yadangyule.com/producer/sale
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /producer/sale HTTP/1.1
Host: www.yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.yadangyule.com/company-2.html.html
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 04 Apr 2023 13:17:10 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.yadangyule.com/404.html
hm.baidu.com/hm.js?539a2fdf7af7098469f7d11e4e3204ea
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?539a2fdf7af7098469f7d11e4e3204ea
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash 8c953ab4ba579aae7446c343501f1eb4
9fe6501879f3d28de313846991ed622118fc269c
bf4d3ea01d188524f66b63f3ddbe292bf837066ba42efb6adb1be0db2f161d0b
GET /hm.js?539a2fdf7af7098469f7d11e4e3204ea HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yadangyule.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11267
Content-Type: application/javascript
Date: Tue, 04 Apr 2023 13:17:10 GMT
Etag: c46c513b0d85d637ad23122a45d27c2f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B9370FE005013A99; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
www.yadangyule.com/favicon.ico
160.124.44.226 302 Found 0 B URL HTTP/1.1 www.yadangyule.com/favicon.ico
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yadangyule.com/company-2.html.html
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 04 Apr 2023 13:17:10 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.zydpyb.cn/favicon.ico
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1156630442&si=539a2fdf7af7098469f7d11e4e3204ea&v=1.3.0&lv=1&sn=34691&r=0&ww=1280&u=http%3A%2F%2Fwww.yadangyule.com%2Fcompany-2.html.html&tt=%E4%BC%81%E4%B8%9A%E8%8D%A3%E8%AA%89_%E5%8D%8E%E4%BD%93%E6%B1%87%E5%AE%98%E7%BD%91(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1156630442&si=539a2fdf7af7098469f7d11e4e3204ea&v=1.3.0&lv=1&sn=34691&r=0&ww=1280&u=http%3A%2F%2Fwww.yadangyule.com%2Fcompany-2.html.html&tt=%E4%BC%81%E4%B8%9A%E8%8D%A3%E8%AA%89_%E5%8D%8E%E4%BD%93%E6%B1%87%E5%AE%98%E7%BD%91(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1156630442&si=539a2fdf7af7098469f7d11e4e3204ea&v=1.3.0&lv=1&sn=34691&r=0&ww=1280&u=http%3A%2F%2Fwww.yadangyule.com%2Fcompany-2.html.html&tt=%E4%BC%81%E4%B8%9A%E8%8D%A3%E8%AA%89_%E5%8D%8E%E4%BD%93%E6%B1%87%E5%AE%98%E7%BD%91(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yadangyule.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 04 Apr 2023 13:17:11 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5553E55274444E53; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.yadangyule.com/npublic/libs/widget/language/zh_CN.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000
160.124.44.226 302 Found 0 B URL HTTP/1.1 www.yadangyule.com/npublic/libs/widget/language/zh_CN.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000
IP 160.124.44.226:0
ASN #132839 POWER LINE DATACENTER
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npublic/libs/widget/language/zh_CN.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000 HTTP/1.1
Host: www.yadangyule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yadangyule.com/company-2.html.html
Cookie: Hm_lvt_539a2fdf7af7098469f7d11e4e3204ea=1680614231; Hm_lpvt_539a2fdf7af7098469f7d11e4e3204ea=1680614231
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 04 Apr 2023 13:17:11 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.zydpyb.cn/npublic-libs-widget-language-zh_CN.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000
www.zydpyb.cn/favicon.ico
54.230.111.45 200 OK 68 B URL HTTP/1.1 www.zydpyb.cn/favicon.ico
IP 54.230.111.45:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 4dd6d89f65316a1190730a6c93bc80f9
e4f5d39f13870221e2d500bf5e67be89b680f700
b9d2c774c6d4c301a4d3042a19397a53e6fec706acd0d2141354e077a43d6ca5
GET /favicon.ico HTTP/1.1
Host: www.zydpyb.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.yadangyule.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Server: openresty
Date: Tue, 04 Apr 2023 13:17:11 GMT
Last-Modified: Thu, 30 Sep 2021 07:55:01 GMT
ETag: W/"61556d55-47e"
Cache-Control: no-store
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HTM8bMYPJXRqcYQodDnWm3goi-uC-XVI_VCtQxyGyJOR9_YADJRoyw==
www.zydpyb.cn/npublic-libs-widget-language-zh_CN.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000
54.230.111.45 404 Not Found 56 B URL HTTP/1.1 www.zydpyb.cn/npublic-libs-widget-language-zh_CN.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000
IP 54.230.111.45:0
File type ASCII text, with no line terminators
Hash 2e61ac808cfc14cd0d9951d9f6d2cabf
74f6fa683d574e801c320fae2c34aabcd0c54318
6766ac6b4f03b75211b7e0888b19ccf5b63a7ca33631253c316fef33198f0225
GET /npublic-libs-widget-language-zh_CN.min.js?instance=new2022081515103939349&viewType=p&siteType=oper&v=1679907912000 HTTP/1.1
Host: www.zydpyb.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.yadangyule.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: openresty
Date: Tue, 04 Apr 2023 13:17:11 GMT
Cache-Control: no-store
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Error from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: S_LP6KlbQT4QEm8xO2-_hODTD8foEyMODzDfdkHc6RmsxgFD9Xc9zQ==
bob.hbkldb.com/
154.93.187.186 403 Forbidden 0 B
IP 154.93.187.186:0
ASN #134548 DXTL Tseung Kwan O Service
GET / HTTP/1.1
Host: bob.hbkldb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yadangyule.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Tue, 04 Apr 2023 13:17:09 GMT
content-type: text/html;charset=utf8
vary: Accept-Encoding
set-cookie: 6d71dd110dc8ad338a2c21cb30ff3cdd=5e34ab145c627bc8b91c3cc299598c56;
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
bob.hbkldb.com/?btwaf=63526936
154.93.187.186 403 Forbidden 0 B URL HTTP/2 bob.hbkldb.com/?btwaf=63526936
IP 154.93.187.186:0
ASN #134548 DXTL Tseung Kwan O Service
GET /?btwaf=63526936 HTTP/1.1
Host: bob.hbkldb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bob.hbkldb.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Tue, 04 Apr 2023 13:17:09 GMT
content-type: text/html;charset=utf8
vary: Accept-Encoding
set-cookie: 6d71dd110dc8ad338a2c21cb30ff3cdd=5e34ab145c627bc8b91c3cc299598c56;
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
bob.hbkldb.com/?btwaf=40925378
154.93.187.186 403 Forbidden 0 B URL HTTP/2 bob.hbkldb.com/?btwaf=40925378
IP 154.93.187.186:0
ASN #134548 DXTL Tseung Kwan O Service
GET /?btwaf=40925378 HTTP/1.1
Host: bob.hbkldb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bob.hbkldb.com/?btwaf=47422564
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Tue, 04 Apr 2023 13:17:11 GMT
content-type: text/html;charset=utf8
vary: Accept-Encoding
set-cookie: 6d71dd110dc8ad338a2c21cb30ff3cdd=76934aee16865d40857fa517e3f90960;
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
bob.hbkldb.com/?btwaf=93021405
154.93.187.186 403 Forbidden 0 B URL HTTP/2 bob.hbkldb.com/?btwaf=93021405
IP 154.93.187.186:0
ASN #134548 DXTL Tseung Kwan O Service
GET /?btwaf=93021405 HTTP/1.1
Host: bob.hbkldb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bob.hbkldb.com/?btwaf=40925378
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Tue, 04 Apr 2023 13:17:11 GMT
content-type: text/html;charset=utf8
vary: Accept-Encoding
set-cookie: 6d71dd110dc8ad338a2c21cb30ff3cdd=76934aee16865d40857fa517e3f90960;
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2