{"report_id":"182c12a3-e49a-4d41-80f3-c65406fd67be","version":6,"status":"done","tags":[],"date":"2026-02-14T03:05:46Z","url":{"schema":"https","addr":"girisgunceladres.vip/","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/#/","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"title":"girisgunceladres.vip/h5/","dom":{"size":190084,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (59522), with CRLF, LF line terminators","md5":"c1aeac6bc1725953b2749f90920edbce","sha1":"550235fb65c471d43c2f78b4fb6a580db9b03162","sha256":"5a9376be91646a8b6aae62d00ba4822ddd02b43c2f0a32885a1215e3100abc61","sha512":"8a066bc0cd4b480d055b0936c9ba616ecc61df3ae6a689999c32aa20e979d34b75d4772bfa322972f832e109630a8df688d44bab8d175e4d345d93c4fa43434b","ssdeep":"3072:yy3oWojGIVnqWPEwxsFbDW4YUml+tBwbHn:yy3oWoqIVnqWcusFNYUml+PwbHn","tlshash":"4004e632710239d72473ccc2e094af07ac1edf33c1684a54bbaa27659fd6ef45a25b19","dom_hash":"domhashaa591586e929460a9a9790f4a02db805","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"girisgunceladres.vip/","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-21T03:05:46Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"girisgunceladres.vip","ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-31","domain_rank":0,"first_seen":"2026-02-13T09:40:00.106266Z","last_seen":"2026-02-13T09:40:00.106266Z","alert_count":0,"request_count":24,"received_data":1577176,"sent_data":11775,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"mp4.nymaite.cn","ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2022-01-21","domain_rank":0,"first_seen":"2023-09-01T01:24:47Z","last_seen":"2026-02-13T06:21:32.679617Z","alert_count":0,"request_count":17,"received_data":2414,"sent_data":8236,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"console.nymaite.cn","ip":{"addr":"146.56.206.145","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2022-01-21","domain_rank":0,"first_seen":"2023-06-15T03:01:52Z","last_seen":"2026-02-13T06:21:32.674976Z","alert_count":0,"request_count":6,"received_data":13708,"sent_data":3000,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"shortbox.cc","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-05-04","domain_rank":0,"first_seen":"2026-02-13T06:21:32.159416Z","last_seen":"2026-02-13T06:21:32.159416Z","alert_count":0,"request_count":2,"received_data":102078,"sent_data":849,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.dcloud.net.cn","ip":{"addr":"118.25.42.241","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2013-07-17","domain_rank":296858,"first_seen":"2018-09-15T09:18:08Z","last_seen":"2026-02-11T15:09:54.260395Z","alert_count":0,"request_count":1,"received_data":579,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/js/chunk-vendors.9141e4b8.js","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"dcd6c642dab9fa820f5b8075d2248275","sha1":"21c05aca8533018101b86ff3a6450584ab5fb1d3","sha256":"fc8accee25c9adddeeb6d5b2ee2c1e917eaba3cd9491d52ec28aa92ab37f1eb8","sha512":"1ee9dfe14afbd521667205567799efd6232ddb93f3e5d5e43ca8656fb452a8da8da06498dd7a3d551fb5ab730c447acfb8e93c53afe83db724df3ccd71c4daf2","ssdeep":"6144:mYDEsj7aV7N0vHTASzZTRWNob/AEvmfr11hpTo57umJDXvzL4HPCHoWB3F:x47N0vHUSzZTRWNB+imOJu3F","tlshash":"3505f78df286b0b507e770b5403f220bb2376999b40a84d4f275e4d4ad7894e622bf7d","size":821415,"data":"","first_seen":"2026-02-13T06:21:38.366043Z","last_seen":"2026-06-07T21:35:15.747053Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shortbox.cc/assets/js/jquery.min.js","fqdn":"shortbox.cc","domain":"shortbox.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2a3eea3f27f34c98a7d644b3f0f60f85","sha1":"5ddd6acb2972a82d79c114ff0c4836b31d5255a6","sha256":"9cfed95f01296eb75a92709a60c838983daeab019219c75c106ffff4cd8b3908","sha512":"6bdd5d3ca228b89663547e381d8086a09098b884292e4c2b46f93b3b12aeb12f1217c3d8cd8563232a1b590e4e7c78c8aed11b61787025662f6d6d2d4b062dd2","ssdeep":"1536:19qodwgFZCg6YGIF+G5FWbxdnh17gnIlK/2RZYRHBpz+3e5ynQaKPkLl0xMXk23t:1fcsIq5FyQYpUuEK","tlshash":"07932add76d6b06247ab20b9506f510af232589d784c8400f264e8f6fc78e4a927bf7d","size":96638,"data":"","first_seen":"2026-02-13T06:21:38.368819Z","last_seen":"2026-02-17T11:32:44.987202Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/js/pages-home-index.56a9dab0.js","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ddb308baab7c93e8e1ff4ec28b9da046","sha1":"d16c0468b237309901db65542daa0e78b1310e5d","sha256":"94eb2b215216984170378b31d008bd6bfa3ba7ef90d66c27ff9be9ebedc47f8f","sha512":"eefc6001da98e81607fee72bded98b3e23dd603692911855b9db861502a352520473d0b32ebe67c25373e24b9d71cc314e868becd2b9cae02551e8bcdd2a3216","ssdeep":"384:u7CQKu+5OAZ9ApJYdh8tFARjCPYhGDQPgEoSJKcZ+Vp4Owyb:uZKuE9AzYyqjCghjPzouKcZ4pP","tlshash":"a3030c2db14bb46b8dc39c1534ce591a11796e36e051b4c0f7f2c868caf1ada171af4e","size":40115,"data":"","first_seen":"2026-02-13T06:21:38.343168Z","last_seen":"2026-06-07T21:35:15.761186Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"console.nymaite.cn/assets/js/mt4.js?t=20221","fqdn":"console.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"146.56.206.145","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"e7a84f3838ffb696a13b25cbce1097ca","sha1":"4e51dd57574070e6d796d4d452774ad53dc55386","sha256":"47f4f41faf980b1a7406ed6578be312f8e96394f49dbba1449f0db1c081bf61d","sha512":"cf67527e2df5ee28f20d6d0e7a04674c62f5c77d27648aa12dc0e6dad3d469541feee07e4d26b573aae602097a2425f74a2b808286f8247608476f5032e0d1d4","ssdeep":"48:fHN4fUVJYIArGLr7BXgsBwyAn8DBwp3zZfyxxEbMhOrJmQ/Nu3zQjlLcwZz:1ckrrVBwyAnOszFaeMhcn6zQjlzZ","tlshash":"bbb188cd30f6647197a7f1aa25c5430356f23499abd5f364b08ca50b07d4ca4b13b9af","size":5365,"data":"","first_seen":"2024-12-15T08:42:20.713612Z","last_seen":"2026-06-07T21:35:15.75446Z","times_seen":52,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/#/","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"3c42a63b848d3fb712f7d2752cde71dd","sha1":"a9ebaeacae86444b212c0445969da37387a583ea","sha256":"497ff616fb3ea9f7103998af71e34570fba494c9a5e99196718391c20a1c9c44","sha512":"6859b1126e684d46b887e4ce9d868c455acdd1e601db3f5892649e64d4da0c96a73d699901043d8e26d09e6ddf8b9091c9da99e0acbca5f9fac43cac0e1dd6f9","ssdeep":"48:bqWNdMHXiAvEX4J4kvPI/brwbgJC2vrzDO0SUfMHOlA36hkE7Ad:uWNm3DEJJC2LO0kuKorAd","tlshash":"ceb1939f248214306117df900ff6474a6bbab1749862a5363a9db2c3478ad48c09f76f","size":5342,"data":"","first_seen":"2024-12-15T08:42:20.716395Z","last_seen":"2026-06-07T21:35:15.770995Z","times_seen":52,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/#/","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"3c42a63b848d3fb712f7d2752cde71dd","sha1":"a9ebaeacae86444b212c0445969da37387a583ea","sha256":"497ff616fb3ea9f7103998af71e34570fba494c9a5e99196718391c20a1c9c44","sha512":"6859b1126e684d46b887e4ce9d868c455acdd1e601db3f5892649e64d4da0c96a73d699901043d8e26d09e6ddf8b9091c9da99e0acbca5f9fac43cac0e1dd6f9","ssdeep":"48:bqWNdMHXiAvEX4J4kvPI/brwbgJC2vrzDO0SUfMHOlA36hkE7Ad:uWNm3DEJJC2LO0kuKorAd","tlshash":"ceb1939f248214306117df900ff6474a6bbab1749862a5363a9db2c3478ad48c09f76f","size":5342,"data":"","first_seen":"2024-12-15T08:42:20.716395Z","last_seen":"2026-06-07T21:35:15.770995Z","times_seen":52,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ec0086722d72ea95d1e97d455d135c91","sha1":"136c72ace1875c1206b274ca0cf24ed33a11d9a6","sha256":"9ea1492b35a3f52f61c72ab9690242149455b8068d149dff181d54532437f552","sha512":"a6377bb19cce90e385c3cd941eaa1ae27e18d70e1ce90f4e2e5cf5a9c5141069539c442aeb8f5c8a13378a8acc1043c1e84bb2a8593ed6ee026e7303e97bad47","ssdeep":"","tlshash":"fce068c360aa294c0120801a304ac0032bba08b29ec149610c487ba58ab9e4bc46e859","size":343,"data":"","first_seen":"2024-11-11T19:54:28.271167Z","last_seen":"2026-06-08T13:58:59.443341Z","times_seen":725,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/js/index.83fb5993.js","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0c8def300add4b18aa20d44f9c6df77f","sha1":"5a6b41e61fd6de05f0a03b184a0b0a6b5ecdd8ee","sha256":"3111a8790ef81f73f8a785224e02d5c454e15e2b14b8dbaa6959db11921988a9","sha512":"9797724be7cb833ea1ed9a1d15c795ee22e176b6fe95bb040f70cf09382df8911892ae189150968c3d01ff34bbae197934e52205c48b54ba78e403a0733051b2","ssdeep":"6144:t8OYsWZlM2bJAAih854mWy3oWoqIVnqWcusFNYUml+P4BO4KaaG:t8OYfZlM2bGAB54mVoFRYWcuISUml+PQ","tlshash":"dd747db93199fdef0ad32494041fa2017d6e3d27445af881fbf5cac59e1eb491226f28","size":338034,"data":"","first_seen":"2026-02-13T06:21:38.36697Z","last_seen":"2026-06-07T21:35:15.752284Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shortbox.cc/assets/js/mt4.js","fqdn":"shortbox.cc","domain":"shortbox.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc4c7b254531d15327af19df14b19199","sha1":"dbdd37067f44ee88c08691b0a6e4eaea2a18be84","sha256":"339c8ae9bb8706fa851b2df3f109e7bb7d9c067c0c74b2117ed07a5ab179e387","sha512":"4da5fed1d7e794219dbe8f7911c2e77a6177f3a91d78c3f219bc6df91411d2fa21252e280e9198674b0b546b3679c2a789e00606d4ce53dcae04eb9eb97dcdef","ssdeep":"","tlshash":"5c81f48d30fa1021885760fe1f8b71247425d01b6a5adf117e0e82499fd5739e3a7bde","size":3935,"data":"","first_seen":"2026-02-13T06:21:38.345895Z","last_seen":"2026-02-17T11:32:45.034531Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/js/pages-home-index~pages-user-share-withdraw.23d61766.js","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7e66177696f3b8d8babe77eee46ef564","sha1":"3be69793038e4477e3751d6846d1bb02c1b3c314","sha256":"1e02b8ebaee2108df885ec75bd321adddb207b992899e15f977f002b66083f95","sha512":"7d27b6de82c5cec1a1cd8a841e968d18fd7ad31f35a255d4da4c36db3c714a67ffc5ef09e0f48515fcbc599f22cfb7e123f8618bf6f3a9056ce90716f4b4c93b","ssdeep":"192:19zLPlqIdoRsAhBpDT98dM21g0wSrew/0F+Mg98D7hH5oRs669qz:PlqBzwgZi/LqDQC9qz","tlshash":"4342b55fb1def42348e36454146b220a32662d5c84193190dff2d7ee8baaa4f07a7f5c","size":12577,"data":"","first_seen":"2026-02-13T06:21:38.357189Z","last_seen":"2026-06-07T21:35:15.747738Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/js/pages-home-index~pages-home-update~pages-home-user~pages-login-login~pages-login-register~pages-user~6ea07087.f6a1a659.js","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f968f5ebabe97723b9a6b6abe65bbb99","sha1":"5e941745f7d67e38e267eb5302c01a97d5295114","sha256":"f75aa7d182f255e03520a42940582af9e1ed13ef41ca40a1838bad49109dabc9","sha512":"d71c6399491b9f704b5efc755d36e74018104a8e4224158ea57332f7ce1f6cca3f151d65982fbda89e25b653ca96032bea2aa8f6d8d02377b099e4a93b77937d","ssdeep":"192:twpIxPYPPXbzcvXqk0bevv9fgl4LIEUP46psIFoRsP6g383d5FoRsr:taIx6zQ0bkBnMEUw6pszpdsO","tlshash":"7732fa5df28eb4640ad7c050c91b814971673e1ce435a691ebe8c3fb86e1bce0657f18","size":11626,"data":"","first_seen":"2026-02-13T06:21:38.347144Z","last_seen":"2026-06-07T21:35:15.76985Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"console.nymaite.cn/assets/js/mt4.js?t=10112","fqdn":"console.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"146.56.206.145","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"e7a84f3838ffb696a13b25cbce1097ca","sha1":"4e51dd57574070e6d796d4d452774ad53dc55386","sha256":"47f4f41faf980b1a7406ed6578be312f8e96394f49dbba1449f0db1c081bf61d","sha512":"cf67527e2df5ee28f20d6d0e7a04674c62f5c77d27648aa12dc0e6dad3d469541feee07e4d26b573aae602097a2425f74a2b808286f8247608476f5032e0d1d4","ssdeep":"48:fHN4fUVJYIArGLr7BXgsBwyAn8DBwp3zZfyxxEbMhOrJmQ/Nu3zQjlLcwZz:1ckrrVBwyAnOszFaeMhcn6zQjlzZ","tlshash":"bbb188cd30f6647197a7f1aa25c5430356f23499abd5f364b08ca50b07d4ca4b13b9af","size":5365,"data":"","first_seen":"2024-12-15T08:42:20.713612Z","last_seen":"2026-06-07T21:35:15.75446Z","times_seen":52,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"3d5272693eb411e5b8b13a243f76c720","sha1":"6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c","sha256":"9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8","sha512":"03fc5614f48fc9a2e3c4a30626fdbacde74c1fda09ffa9d1cde0393d31cd5fe1588e270c241f4cedb473c6e5cc224ff16c141468a29519ea6159accf3e3a18f1","ssdeep":"","tlshash":"a4c08c8350e2080c8210861b848880050b8808b04f9308a22cd85b7ecc9ae88c8f804c","size":148,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-06-07T08:18:02.151537Z","times_seen":15899,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"girisgunceladres.vip/addons/dramas/index/init?platform=H5","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:26.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /addons/dramas/index/init?platform=H5 HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nToken: \r\nSign: \r\nLang: \r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:26 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hQxjJ9h3H7%2BAMYjFHrZ7uUtr0NQFVNicMshQJtDJM8AgnzNjdcw8PiU7NLHrzrQUJC865vUqCe0Ei6KN%2FCL0AV0t%2Ftv%2BKxdW4xYwPoW1Z48X4w2v\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd958067f160731-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1480,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5b1939a69ee10e3418c9ef5fc177695f","sha1":"18a3d9267b86bd811d0f6d403a09cafe9f4f8b2a","sha256":"8d5f4779aa31f7265bed3688d1a89be1c9d6e2d794f58815895697fd5926b6dd","sha512":"b781da2be9dd1a9fa48aa041bfcc2d0e34e058d57f5fb56ad6630a570c2b717467dff81530aca774ca28e1c2bc632b3c601b67646e08d369a9924add8dbf649e","ssdeep":"","tlshash":"8931547e6154cc6f126457c8668e395cc6ad1923dddcda6cd504dd9c4cf81ec2223572","first_seen":"2026-02-14T03:05:48.938213Z","last_seen":"2026-02-14T03:05:48.938213Z","times_seen":1,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp4.nymaite.cn/s/%E5%AE%A0%E5%A6%83%E8%A6%81%E7%BF%BB%E5%A4%A92981/1.jpg","fqdn":"mp4.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /s/%E5%AE%A0%E5%A6%83%E8%A6%81%E7%BF%BB%E5%A4%A92981/1.jpg HTTP/1.1\r\nHost: mp4.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":691,"timings":{"blocked":438,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"console.nymaite.cn/api/index/notify","fqdn":"console.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"146.56.206.145","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"POST /api/index/notify HTTP/1.1\r\nHost: console.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 47\r\nOrigin: https://girisgunceladres.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":47,"data":"{\"site\":\"girisgunceladres.vip\",\"type\":\"dramas\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: https://girisgunceladres.vip\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 86400\r\nset-cookie: server_name_session=48d390272009a6f0f71d5de6ebbb4c4b; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":63,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"16b2d898f9457da90cb78b49411f71ca","sha1":"825085ae3b6a57239a6f008e97219a91711b9ed3","sha256":"8695e03ee85c5d0561612193e21dd86725c4c7fe5257e0b29234db0804de41de","sha512":"615174a2a21ebfb378cd19b08386debf8556f883dba2e97745d302c3c6808d3b7bb3e0db6e0006c53752f5fe05349e84a63f170c722181b55dbe9f4bdc4d40c2","ssdeep":"","tlshash":"eda00254640918264826aa5886ca458a021d954308c6cfa86d4b6f2958cf574b83b675","first_seen":"2026-02-14T03:05:48.941151Z","last_seen":"2026-02-14T03:05:48.941151Z","times_seen":1,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":284,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp4.nymaite.cn/s/%E7%A9%BF%E8%B6%8A%E7%94%9F%E5%AD%98%E6%94%BB%E7%95%A52983/1.jpg","fqdn":"mp4.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:28.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /s/%E7%A9%BF%E8%B6%8A%E7%94%9F%E5%AD%98%E6%94%BB%E7%95%A52983/1.jpg HTTP/1.1\r\nHost: mp4.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":767,"timings":{"blocked":265,"dns":0,"connect":0,"send":0,"wait":502,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"console.nymaite.cn/assets/js/mt4.js?t=20221","fqdn":"console.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"146.56.206.145","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:26.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /assets/js/mt4.js?t=20221 HTTP/1.1\r\nHost: console.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 02 Jan 2024 09:29:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6593d790-14f5\"\r\nset-cookie: server_name_session=48d390272009a6f0f71d5de6ebbb4c4b; Max-Age=86400; httponly; path=/\r\nexpires: Sat, 14 Feb 2026 15:05:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5365,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5365), with no line terminators","md5":"e7a84f3838ffb696a13b25cbce1097ca","sha1":"4e51dd57574070e6d796d4d452774ad53dc55386","sha256":"47f4f41faf980b1a7406ed6578be312f8e96394f49dbba1449f0db1c081bf61d","sha512":"cf67527e2df5ee28f20d6d0e7a04674c62f5c77d27648aa12dc0e6dad3d469541feee07e4d26b573aae602097a2425f74a2b808286f8247608476f5032e0d1d4","ssdeep":"48:fHN4fUVJYIArGLr7BXgsBwyAn8DBwp3zZfyxxEbMhOrJmQ/Nu3zQjlLcwZz:1ckrrVBwyAnOszFaeMhcn6zQjlzZ","tlshash":"bbb188cd30f6647197a7f1aa25c5430356f23499abd5f364b08ca50b07d4ca4b13b9af","first_seen":"2024-12-15T08:42:20.713612Z","last_seen":"2026-06-07T21:35:15.75446Z","times_seen":52,"resource_available":true,"data":null}},"time_used":1144,"timings":{"blocked":568,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":303},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp4.nymaite.cn/s/%E7%97%85%E5%A8%87%E6%91%84%E6%94%BF%E7%8E%8B2979/1.jpg","fqdn":"mp4.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /s/%E7%97%85%E5%A8%87%E6%91%84%E6%94%BF%E7%8E%8B2979/1.jpg HTTP/1.1\r\nHost: mp4.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":689,"timings":{"blocked":436,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/js/index.83fb5993.js","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:25.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /h5/static/js/index.83fb5993.js HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 30 Dec 2025 10:24:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6953a84a-52872\"\r\nexpires: Sat, 14 Feb 2026 15:05:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9f%2B4GbUrThgunbzcKVn3fi6PIFKBraRbM6h9%2FG05eeiB1vn4jQvoJXGitWeEYlyLkSO9FudA%2BVRjWZr8QgBFj7fR5Nm%2BmztiVyR%2FCjjo20tYY4%2Fo\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd957feab1e0731-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":338034,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (63484), with no line terminators","md5":"624422174cd245eba28adf099b2131af","sha1":"623aff76cd4f7c5298c382834a793be8807e5e38","sha256":"839510056780d689964182273620ea4d80839b41b54a9666fd12f9e490b9735f","sha512":"9bc9379c78d35fa6c46358b5263b9e52290197a76e72781ea7bcec0208554f5f4203817754677c3b21045bac9c2b425f19b3dccbf2216d3d6dce532769484c2d","ssdeep":"6144:t8OYsWZlM2bJAAih854mny3oWoqIVnqWcusFNYUml+P4BO4KaaG:t8OYfZlM2bGAB54m6oFRYWcuISUml+PQ","tlshash":"ae747db93199fdef0ad32494081fa2016d6e3d67445ef481fbf5cac48e1eb491226f28","first_seen":"2026-02-14T03:05:48.943391Z","last_seen":"2026-02-14T04:01:33.486038Z","times_seen":2,"resource_available":false,"data":null}},"time_used":798,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":535,"receive":263,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/addons/dramas/video/home","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /addons/dramas/video/home HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nToken: \r\nSign: \r\nLang: zh-tw\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nCookie: think_var=zh-tw\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4av066dxHAI8JnHP7LkOm8UNllmj2hFz4HHhmNaywMPrhJFLz9GUugmmZ9ZAu%2FLlxnOfJb2uepapS%2FRc4fBYDwT0fet8YY7fFv0gj8xXsm%2FEXBf5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd9580c0fd10731-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16727,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"3d31d3df6e4d395f733be528a0c2e24e","sha1":"b0a17e56dcc76b05f706608c21042510ea593da7","sha256":"7887b61ac2fc53a04121595981d0b91979003eea30fda91ca7f2023153d14fbc","sha512":"9670cb5f6a36df67e6461990579278d23c95948588e23e74dcf45b849fa52f778ce7b61608f3cf463d907b8239ee461773d4a67991c6c933bb9f1d1ec14563a5","ssdeep":"96:fcXxJI3kN4gFkN404HQUKvYwl2SYCzZ49DHPATarm+gGf+37fXEjHPATwk51zMn+:Mq6oFwTeg2TL52kKo0wGoR2Pe","tlshash":"727295d5cb7e0c2f170327f9adcb708a65fc619129dd9eb46e1bec28056449ec2c029b","first_seen":"2026-02-14T03:05:48.944776Z","last_seen":"2026-02-14T03:05:48.944776Z","times_seen":1,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp4.nymaite.cn/s/%E7%8E%8B%E7%89%8C%E5%AE%AB%E5%A5%B32996/1.jpg","fqdn":"mp4.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /s/%E7%8E%8B%E7%89%8C%E5%AE%AB%E5%A5%B32996/1.jpg HTTP/1.1\r\nHost: mp4.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":973,"timings":{"blocked":464,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":257},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T03:05:25.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /h5/ HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Feb 2026 03:05:25 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 19 Mar 2024 05:53:48 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mU%2FEGSBPJEj3fcMwFg6hUm0Op65cdz%2FL%2BRvFphzrGOlkHGC1ABHbKjSF7zCg4FKuaJzDmb%2FWU8lzMAu30xT7UcX%2FPXKRGNWRMjfSijFnWubBMssc\"}]}\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9cd957fc6abd1a30-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (533), with CRLF line terminators","md5":"e5ccd5a78cff367d840d7a873b5d0b01","sha1":"35fb76410e61885e77d5e9ff08fcfae06adff876","sha256":"072dead3f0d8473c86ddf10307b71233dedc1b421b9322674657c9c4a903e897","sha512":"ab0631c88b5be4211cee3e7046f9496afeceeeb5a3768bd5093999236f4f05fab31965b9e8d4f5cc15d49b50fa7f147c60dc2c8801dfd8bf1ae83ee4b7964bd8","ssdeep":"","tlshash":"360112c31c20e40d0b108642317ad12e896b49f4ae50c9505cc46aec89e0b8ece2e804","first_seen":"2026-02-13T06:21:38.355181Z","last_seen":"2026-06-07T21:35:15.759784Z","times_seen":49,"resource_available":true,"data":null}},"time_used":133,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":133,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/js/pages-home-index~pages-home-update~pages-home-user~pages-login-login~pages-login-register~pages-user~6ea07087.f6a1a659.js","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:26.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /h5/static/js/pages-home-index~pages-home-update~pages-home-user~pages-login-login~pages-login-register~pages-user~6ea07087.f6a1a659.js HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 19 Mar 2024 05:53:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65f9286c-2d6a\"\r\nexpires: Sat, 14 Feb 2026 15:05:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jIagEZThW%2B9BodMfuq7TD9aI1atKy5vlKmETctZin6DTltqOMl%2B52PzDPWF3BuSfVkvk%2BVt3tVOtTx3rkG9B4P%2FaubKdjTgEBW4Kbub%2Bx%2Bua6EK3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd958063f0b0731-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11626,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10638), with no line terminators","md5":"f968f5ebabe97723b9a6b6abe65bbb99","sha1":"5e941745f7d67e38e267eb5302c01a97d5295114","sha256":"f75aa7d182f255e03520a42940582af9e1ed13ef41ca40a1838bad49109dabc9","sha512":"d71c6399491b9f704b5efc755d36e74018104a8e4224158ea57332f7ce1f6cca3f151d65982fbda89e25b653ca96032bea2aa8f6d8d02377b099e4a93b77937d","ssdeep":"192:twpIxPYPPXbzcvXqk0bevv9fgl4LIEUP46psIFoRsP6g383d5FoRsr:taIx6zQ0bkBnMEUw6pszpdsO","tlshash":"7732fa5df28eb4640ad7c050c91b814971673e1ce435a691ebe8c3fb86e1bce0657f18","first_seen":"2026-02-13T06:21:38.347144Z","last_seen":"2026-06-07T21:35:15.76985Z","times_seen":49,"resource_available":true,"data":null}},"time_used":399,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":399,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"console.nymaite.cn/api/index/notify","fqdn":"console.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"146.56.206.145","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"OPTIONS /api/index/notify HTTP/1.1\r\nHost: console.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://girisgunceladres.vip/\r\nOrigin: https://girisgunceladres.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: https://girisgunceladres.vip\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 86400\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: content-type\r\nset-cookie: server_name_session=48d390272009a6f0f71d5de6ebbb4c4b; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":280,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/js/chunk-vendors.9141e4b8.js","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:25.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /h5/static/js/chunk-vendors.9141e4b8.js HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 19 Mar 2024 05:53:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65f9286c-c88a7\"\r\nexpires: Sat, 14 Feb 2026 15:05:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iZuiBj56vKhsMaX0CtVjOI3PyLg46iVhi2ZwYOs9oF6xP%2BBSQEY1qzOM3wDuKDezu0sVzuE%2B2q0393lRyfavWC4s2q1t%2FnZNGPESXFNRl7qguDwY\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd957feab1a0731-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":821415,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65218), with no line terminators","md5":"dcd6c642dab9fa820f5b8075d2248275","sha1":"21c05aca8533018101b86ff3a6450584ab5fb1d3","sha256":"fc8accee25c9adddeeb6d5b2ee2c1e917eaba3cd9491d52ec28aa92ab37f1eb8","sha512":"1ee9dfe14afbd521667205567799efd6232ddb93f3e5d5e43ca8656fb452a8da8da06498dd7a3d551fb5ab730c447acfb8e93c53afe83db724df3ccd71c4daf2","ssdeep":"6144:mYDEsj7aV7N0vHTASzZTRWNob/AEvmfr11hpTo57umJDXvzL4HPCHoWB3F:x47N0vHUSzZTRWNB+imOJu3F","tlshash":"3505f78df286b0b507e770b5403f220bb2376999b40a84d4f275e4d4ad7894e622bf7d","first_seen":"2026-02-13T06:21:38.366043Z","last_seen":"2026-06-07T21:35:15.747053Z","times_seen":49,"resource_available":true,"data":null}},"time_used":924,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":534,"receive":390,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shortbox.cc/assets/js/jquery.min.js","fqdn":"shortbox.cc","domain":"shortbox.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:26.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shortbox.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 11 Jan 2026 05:01:11 GMT","end":"Sat, 11 Apr 2026 05:59:32 GMT"},"fingerprint":{"sha1":"61:72:5F:C9:D5:3C:A5:3A:9D:46:23:DA:37:03:F0:1D:87:36:67:EF","sha256":"77:8C:13:FF:79:AC:1B:28:3D:AD:8D:9E:92:82:3E:E8:54:E0:6B:94:CE:34:0B:3F:6A:18:14:AE:09:85:42:17"}}},"request":{"raw":"GET /assets/js/jquery.min.js HTTP/1.1\r\nHost: shortbox.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Feb 2026 03:05:26 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Mon, 29 Dec 2025 21:47:21 GMT\r\nvary: Accept-Encoding\r\netag: \"6952f6e9-1797e\"\r\nexpires: Sat, 14 Feb 2026 15:04:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 51\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IeP5XYz5406AFNmWrFdRGwWZhNLhdGogd9XGNTsJv3ixr2r6wmjuXYi4TGt%2FAONfC0CxDCsXtC2cmQ2P0Lx2MRKc90dceGaxpxvC\"}]}\r\ncf-ray: 9cd958067e41b28a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":96638,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31994)","md5":"2a3eea3f27f34c98a7d644b3f0f60f85","sha1":"5ddd6acb2972a82d79c114ff0c4836b31d5255a6","sha256":"9cfed95f01296eb75a92709a60c838983daeab019219c75c106ffff4cd8b3908","sha512":"6bdd5d3ca228b89663547e381d8086a09098b884292e4c2b46f93b3b12aeb12f1217c3d8cd8563232a1b590e4e7c78c8aed11b61787025662f6d6d2d4b062dd2","ssdeep":"1536:19qodwgFZCg6YGIF+G5FWbxdnh17gnIlK/2RZYRHBpz+3e5ynQaKPkLl0xMXk23t:1fcsIq5FyQYpUuEK","tlshash":"07932add76d6b06247ab20b9506f510af232589d784c8400f264e8f6fc78e4a927bf7d","first_seen":"2026-02-13T06:21:38.368819Z","last_seen":"2026-02-17T11:32:44.987202Z","times_seen":47,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":54,"dns":36,"connect":1,"send":0,"wait":8,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/icons/rank.png","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /h5/static/icons/rank.png HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 761\r\nlast-modified: Tue, 19 Mar 2024 05:53:48 GMT\r\netag: \"65f9286c-2f9\"\r\nexpires: Mon, 16 Mar 2026 03:05:27 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, token, platform\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uzSj9MbEDi3uuLzG4kQ7iw2hpLGdNM7bdSPnB7%2F49elspbgXTgqnyp25lHgX5xF9u%2FKeC4I0GR3bCi4s7O%2Bv0ubmYthcEpvrlHT2XGPK%2ByIqVZ%2F1\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd958094f640731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":761,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 44, 8-bit/color RGBA, non-interlaced","md5":"feba139cbd5d8dcab4665ab0612895b3","sha1":"4a3cae6d5ef30c5a149a8b738c8bdfee14af97ff","sha256":"295d784b083cf8d9d94aaf8667a0c3443c8ee49a402e8b765d95760c10a00f2d","sha512":"e46e2dfa026eeba31568785ddedf049f9ca55cb4580e53e64dff8f3baf62036f38de62f4ab4de7d496208308801a0a4b43bd250fe98d8e200a8d3efba46f85bc","ssdeep":"","tlshash":"7801754a8b8868148b46c2214f0fdc9e7450fd1b216c218695759501e47a2773944022","first_seen":"2024-11-30T21:11:26.074524Z","last_seen":"2026-06-07T21:35:15.763341Z","times_seen":50,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":133,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/icons/new.png","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /h5/static/icons/new.png HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nCookie: think_var=zh-tw\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 19 Mar 2024 05:53:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65f9286c-766\"\r\nexpires: Mon, 16 Mar 2026 03:05:28 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, token, platform\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=le8N0n6RrSjSwgIFSHOjmFrksIOVdVR19XGBKlZn8k1AYlNK67Xzpb3PZwkoPpAnyn006epdygk8Cm5Oh3Ri7CGhJGAnqX2yDbn33oK6OyGLgZ9K\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd9580d280a0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1894,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 38, 8-bit/color RGBA, non-interlaced","md5":"cbe85e96f04cff3f137614f0f97f3698","sha1":"eae4f014fce9d20525ffd69b3451b1b152516628","sha256":"6aa32357ddb383df184a87bbae39a4a506bf515f0183ec54eec8c7a81676f382","sha512":"9f49615c36d1f41f6fdafd7f56939af7ac98215d334bcc2a3e4e661ae807af94d820f4ecbe4b6760a6b9342ffefaeb2eeff5823c84d2858978bd4eeca6bc6e71","ssdeep":"","tlshash":"894119a811a5102bf1e1da32f4c941c9ba337d2b0370b341fe454b0b152f986ae6e11f","first_seen":"2025-11-11T16:01:27.554234Z","last_seen":"2026-06-07T21:35:15.750161Z","times_seen":54,"resource_available":false,"data":null}},"time_used":399,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":399,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"console.nymaite.cn/assets/js/mt4.js?t=10112","fqdn":"console.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"146.56.206.145","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:26.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /assets/js/mt4.js?t=10112 HTTP/1.1\r\nHost: console.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 02 Jan 2024 09:29:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6593d790-14f5\"\r\nset-cookie: server_name_session=48d390272009a6f0f71d5de6ebbb4c4b; Max-Age=86400; httponly; path=/\r\nexpires: Sat, 14 Feb 2026 15:05:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5365,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5365), with no line terminators","md5":"e7a84f3838ffb696a13b25cbce1097ca","sha1":"4e51dd57574070e6d796d4d452774ad53dc55386","sha256":"47f4f41faf980b1a7406ed6578be312f8e96394f49dbba1449f0db1c081bf61d","sha512":"cf67527e2df5ee28f20d6d0e7a04674c62f5c77d27648aa12dc0e6dad3d469541feee07e4d26b573aae602097a2425f74a2b808286f8247608476f5032e0d1d4","ssdeep":"48:fHN4fUVJYIArGLr7BXgsBwyAn8DBwp3zZfyxxEbMhOrJmQ/Nu3zQjlLcwZz:1ckrrVBwyAnOszFaeMhcn6zQjlzZ","tlshash":"bbb188cd30f6647197a7f1aa25c5430356f23499abd5f364b08ca50b07d4ca4b13b9af","first_seen":"2024-12-15T08:42:20.713612Z","last_seen":"2026-06-07T21:35:15.75446Z","times_seen":52,"resource_available":true,"data":null}},"time_used":1440,"timings":{"blocked":603,"dns":23,"connect":270,"send":0,"wait":273,"receive":0,"ssl":267},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp4.nymaite.cn/s/%E6%9D%83%E5%AE%A0%E5%B0%8F%E7%8B%82%E5%A6%832991/1.jpg","fqdn":"mp4.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /s/%E6%9D%83%E5%AE%A0%E5%B0%8F%E7%8B%82%E5%A6%832991/1.jpg HTTP/1.1\r\nHost: mp4.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":1499,"timings":{"blocked":545,"dns":0,"connect":275,"send":0,"wait":404,"receive":0,"ssl":273},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"console.nymaite.cn/api/index/notify","fqdn":"console.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"146.56.206.145","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"OPTIONS /api/index/notify HTTP/1.1\r\nHost: console.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://girisgunceladres.vip/\r\nOrigin: https://girisgunceladres.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: https://girisgunceladres.vip\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 86400\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: content-type\r\nset-cookie: server_name_session=48d390272009a6f0f71d5de6ebbb4c4b; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":278,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T03:05:24.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 14 Feb 2026 03:05:25 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nlocation: /h5/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DsWKKc%2FnMUR1ByK5IxlmOepdilegTrqWYkgeOmkr3DTx3k8AzkOeTSFt9uQIGeP04a9nwQwBT05b2Wf%2FrSXIyciLFFx5pcWSFVn2a%2BnZvxZ6D0Si\"}]}\r\ncf-ray: 9cd957f98d4d1a30-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":635,"timings":{"blocked":89,"dns":79,"connect":1,"send":0,"wait":450,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/addons/dramas/index/init?platform=H5","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:26.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /addons/dramas/index/init?platform=H5 HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nToken: \r\nSign: \r\nLang: zh-tw\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fyyeiu9FxlZq9xsHrdK1FjxClzu8aRj6EbSAYpWwbe2Zb4ltYquFM%2FQQnBIfUx4JjeBLrfXgjx87Aq0cl5GuELxNXgq5ApRaXt6SK%2FXCQ5LMVyzm\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd95807bf3a0731-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1500,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5b01116c1f3385d7dc322ef9754b4c35","sha1":"ebf31b02e7bd00443f05dbc1ee3289a672cf236c","sha256":"fb92a7199efcb9aa9070d1ccd46df418b80331c1726120f71efac787d9675aeb","sha512":"47d1d2aff1d9977d5c837f2d5cd4e524b05d6b39a7d394f9588b123ae387fb3f25b57e732fb56832a664598d640d546bdb3a9e598d32e3cff97889de1ad40f46","ssdeep":"","tlshash":"d73140bea184c8ef136563d8668e396c86aa1923eddcd25cd504dd984c981cc3227973","first_seen":"2026-02-14T03:05:48.951042Z","last_seen":"2026-02-14T03:05:48.951042Z","times_seen":1,"resource_available":false,"data":null}},"time_used":419,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":419,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/addons/dramas/index/notification","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /addons/dramas/index/notification HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nToken: \r\nSign: \r\nLang: zh-tw\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RW3UVBoSf5SNuobLU3NSwsTfwkiIo766EiQoo8EaQ8T9rzDn%2FxJfIdcnTNY%2B58zPeG6H6apVl1Uq9W0VEPMkB%2B6twTmGZnr9dWjPfzlk%2FA4jukl6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd95808ef5b0731-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"e1ded8c9ef3b07d4f60234ac6174d40b","sha1":"31b101e5e8f61a41e09f42fb7466c071331e376d","sha256":"132582780cb3359bd9ac2a6e0b35f78dd802522605a5319c63e3480169ff2d80","sha512":"bbce7c6a5d0c3e5fc138326167306263125fe9450e4a0c2bee9e0e8491d4a7b7a9de0b49a3b75702e624593d2297a1ca2cd80af97fb5f833749839a42ab69fbf","ssdeep":"","tlshash":"e9900254240918264416906cd24981c6065a505204964b78ad4b5d25514c0541505531","first_seen":"2026-02-14T03:05:48.952431Z","last_seen":"2026-02-14T03:05:48.952431Z","times_seen":1,"resource_available":false,"data":null}},"time_used":430,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":430,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/tabbar/home_2_s.png","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /h5/static/tabbar/home_2_s.png HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 19 Mar 2024 05:53:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65f9286c-52e\"\r\nexpires: Mon, 16 Mar 2026 03:05:27 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, token, platform\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gdjolt00WeHTAgI8aFc6NK5jGDmUkFiMjHOHycQsQOKhoWgVfJXI%2BQSVUxzef6u%2B4CaGJpb6JVuOmsKnz1lSgCfjCg89t8v2HyhtdDJ5fCKmbAbl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd958094f650731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1326,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"86235a0d3058f1114bcaa5280b96db1f","sha1":"10c09a543d0c144fce9166302754e94a69e5d768","sha256":"b2a2613ef0394f0ac8a61b6ea31a2124c6107009f4493c3300fe8ac7260f71e6","sha512":"5edef86e91ac1a486c03b7112a2c8fe80748a9db5456af3e7c11b86605930ddf3e7b7fb22dac2647077587b535da0660234d1046f6bd91984db8b66a96aca4e0","ssdeep":"","tlshash":"6021c8cd2c315cdb51c6da6ba8a58ccead7cd22914208ff841a7067cf687629a0585ef","first_seen":"2025-11-11T16:01:27.540092Z","last_seen":"2026-06-07T21:35:15.758832Z","times_seen":53,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":400,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/tabbar/watch_2_d.png","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /h5/static/tabbar/watch_2_d.png HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 977\r\nlast-modified: Tue, 19 Mar 2024 05:53:48 GMT\r\netag: \"65f9286c-3d1\"\r\nexpires: Mon, 16 Mar 2026 03:05:27 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, token, platform\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WlBDKhtMY%2FDvZXP0QXLCdxZAMFCKPgLfo%2FYoUkGlDJ9OspBdxeWdbQZzVEhtnHRb7HdRuxppeBiVfmeEQyEpK1V%2B1sxBL%2BXLAtY1WodDmoRSBLOO\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd958095f660731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":977,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"af3503f4338f17f74fdd0ac9694c799b","sha1":"a3e8402831d12cea58de5296e0a55749a8dc0b59","sha256":"061f29b13bf366b4beecd1ee940cb327567b280e63a97dc507680836bbff8baa","sha512":"b30aefa3be318bee8f787327483226e478baf92d3e2c0a8df0636e2e796a9419fe5243792cb9fde1e94b2f2ebf47b56be244c7792e1a594791a583658d5a2bdb","ssdeep":"","tlshash":"341198c77681ca5193cc70470d7d65055f1576d293908b5ece4d92b34d1b146cb8eaa3","first_seen":"2025-11-11T16:01:27.540922Z","last_seen":"2026-06-07T21:35:15.764513Z","times_seen":53,"resource_available":false,"data":null}},"time_used":406,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":406,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/addons/dramas/index/lang_data?lang=zh-tw","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /addons/dramas/index/lang_data?lang=zh-tw HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nToken: \r\nSign: \r\nLang: zh-tw\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\nset-cookie: think_var=zh-tw; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fRfjHHK9cjmpDyc4nMK%2BNfxGG%2FuL4DOW3t4rCAD6NYWildQ2WnBrnZx9YxA9SiE0yILm8EC6%2BdIEQecLTDUymmDDvcZj7GP5dOFFMJz3xKfxQl0K\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd95807cf3b0731-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28088,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (20127), with no line terminators","md5":"f18d5b3efe7c25ad3820c67f27e1aa3d","sha1":"2ac1c08d2799cb47da2f23210e2c8e00c91ba6c1","sha256":"1c889f4cbb09df3a397bce23d683f10de993e68ad93a2e5580badbac5a1c376b","sha512":"9d8b72ee37fb3c1a6fffd9523e90c7d447cead6c981466b18c5b993490cab52cff3ed3598d5dbb7b84d77d5c11fbf7a5f2b9331a8621037524617f70a73290c8","ssdeep":"384:gTTcv9q/+TRqCsHBGKQuGwOSIcItCNgi/XpWlUl3tS88+BjRaVUDJ/Ku9omlq+:gcv9q2TRqCWCjwOS2g54lUl3t2uFDYZ+","tlshash":"7cc22989455e9ebb4fc010c6b00e0d8375e912e592e6c95fe8bdbf4c5e5c917a2fba00","first_seen":"2026-02-14T03:05:48.955666Z","last_seen":"2026-02-14T03:05:48.955666Z","times_seen":1,"resource_available":false,"data":null}},"time_used":533,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":533,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp4.nymaite.cn/s/%E9%81%87%E8%A7%81%E7%89%B9%E5%88%AB%E7%9A%84%E4%BD%A03000/1.jpg","fqdn":"mp4.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /s/%E9%81%87%E8%A7%81%E7%89%B9%E5%88%AB%E7%9A%84%E4%BD%A03000/1.jpg HTTP/1.1\r\nHost: mp4.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":1479,"timings":{"blocked":522,"dns":0,"connect":259,"send":0,"wait":431,"receive":0,"ssl":264},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp4.nymaite.cn/s/%E7%89%B9%E5%B7%A5%E7%8E%8B%E5%A6%832994/1.jpg","fqdn":"mp4.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /s/%E7%89%B9%E5%B7%A5%E7%8E%8B%E5%A6%832994/1.jpg HTTP/1.1\r\nHost: mp4.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":1480,"timings":{"blocked":522,"dns":0,"connect":265,"send":0,"wait":429,"receive":0,"ssl":261},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp4.nymaite.cn/s/%E5%AB%A1%E5%A5%B3%E6%9C%AA%E5%A4%AE2984/1.jpg","fqdn":"mp4.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:28.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /s/%E5%AB%A1%E5%A5%B3%E6%9C%AA%E5%A4%AE2984/1.jpg HTTP/1.1\r\nHost: mp4.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":769,"timings":{"blocked":266,"dns":0,"connect":0,"send":0,"wait":503,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp4.nymaite.cn/s/%E6%8A%A2%E4%B8%AA%E4%B9%9E%E4%B8%90%E5%81%9A%E5%A4%AB%E5%90%9B2990/1.jpg","fqdn":"mp4.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /s/%E6%8A%A2%E4%B8%AA%E4%B9%9E%E4%B8%90%E5%81%9A%E5%A4%AB%E5%90%9B2990/1.jpg HTTP/1.1\r\nHost: mp4.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":686,"timings":{"blocked":433,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/favicon.png","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:28.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /h5/static/favicon.png HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nCookie: think_var=zh-tw\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:29 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 19 Mar 2024 05:53:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65f9286c-2a6c7\"\r\nexpires: Mon, 16 Mar 2026 03:05:29 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, token, platform\r\ncontent-encoding: gzip\r\npriority: u=6,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n3iJ4gvKhq0JIjBokJ1Km7NG3lHhxmzaDIbamoK%2Bm99P%2FHFG484vphcuj%2Fuq%2FpJVaF6P4t55xWQ8GSmfG4SlhtEihhZi8XKcLEYSJuxweQZMex%2Fy\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd9581398be0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173767,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 797 x 797, 8-bit/color RGBA, non-interlaced","md5":"3722a5abfe39e847b19beb1d1a41164d","sha1":"c51eeb17b191dcf1663564ab310ea5c29781a912","sha256":"b455a00cdfbe81e1a37a48e0b1d5433bcc29f8d63d91777dd8e7482a2e8ec312","sha512":"9c726c3672791bc6ed5ffc5fce34859dbf70488a22cb77e6f335654bda101eae99c221bf16eeb8b8c1355d44d0c509007cb62350c026cfd78139612ba0a32b9f","ssdeep":"3072:DirwKSPpTO9tOrXVYsTGNcpSN3znbrk4qXvz4XzcoMaKKPDgcs9Ken4URwj/:D7tKLCVrFSpXk5XvHoMaP7A+Ug","tlshash":"4004128762becca5df0f117d6a7f0e57944665b183fc2931e9c2714e7510e2e00b693a","first_seen":"2026-02-13T06:21:38.363259Z","last_seen":"2026-06-07T21:35:15.768237Z","times_seen":50,"resource_available":false,"data":null}},"time_used":801,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":537,"receive":264,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dcloud.net.cn/img/shadow-grey.png","fqdn":"cdn.dcloud.net.cn","domain":"dcloud.net.cn","tld":"net.cn"},"ip":{"addr":"118.25.42.241","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:29.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dcloud.net.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 26 Aug 2025 11:47:17 GMT","end":"Fri, 25 Sep 2026 11:47:16 GMT"},"fingerprint":{"sha1":"47:A7:6C:09:6B:1D:CA:2D:7D:39:2E:C1:7F:15:DE:5D:F2:C4:0F:77","sha256":"EA:73:37:83:D0:38:44:D9:3C:0B:26:F0:DD:D1:22:2F:36:F7:F2:86:A1:B0:58:52:DE:4E:0A:21:D6:89:E7:3E"}}},"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcloud.net.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 136\r\nlast-modified: Thu, 06 Jun 2019 06:42:07 GMT\r\netag: \"5cf8b5bf-88\"\r\nexpires: Sat, 14 Feb 2026 15:05:29 GMT\r\ncache-control: max-age=43200\r\nset-cookie: __uni__uid=rBEQMWmP5nmMf9yPAxUXAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 6, 4-bit colormap, non-interlaced","md5":"5a962adf74d92ae702467b3f47976547","sha1":"36f74049375584e3fa69b5ef87e9572336ff9e7a","sha256":"ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f","sha512":"4ace23fe7ec6c7271710030fd423aace13eafac68ac3e76366ce4ce9bdc702caf71c9bdc2fb6a32c8e9791546098617cc0259decd8bb8489afdbce43e1b53a73","ssdeep":"","tlshash":"47c09bf3a615dc754a0d153b42e98271f429511e07046d0e5a13c216741e3448d56793","first_seen":"2023-04-15T10:50:30Z","last_seen":"2026-06-08T13:46:46.024134Z","times_seen":16220,"resource_available":false,"data":null}},"time_used":1374,"timings":{"blocked":555,"dns":1,"connect":267,"send":0,"wait":264,"receive":0,"ssl":285},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/index.2da1efab.css","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:25.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /h5/static/index.2da1efab.css HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 19 Mar 2024 05:53:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65f9286c-178f9\"\r\nexpires: Sat, 14 Feb 2026 15:05:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mBgWZFFEG5fI1wjzGQcJlHAsyIv7w3JFTaIyNrMkxN5LNyp5O8mmE4gvkMFInO0YLYt8C3SfSc0CYdcFnw%2BleP1T8EWtYYRhePEE%2BZ6XqM%2F6KJ0o\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd957feab0b0731-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96505,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"73ae6c583d02d78f81e3f18860a2899a","sha1":"07df9233fc11dddc34fbf519b891d40b2ac29c0f","sha256":"e97de9a247807f12d74101e9f736250b2410be4e1ed3d17ed875e4b08cf66c83","sha512":"da54ba9dbe06d8d763f3cfd64cf5babb54e761e3208c7a2f23e845290c48db8c115bb86c24262cd6c9a96ff2e51674c6d86439e1814baf2de7980f5c06349921","ssdeep":"1536:OlIApuK7hmVmb2RS1Wu3xdynGJ7eh/nKhlvbc:VApuK7hmVrS1Wu3iG41nKPI","tlshash":"1893f73719012e39e52bcd26b6c1ab5a1e61c033e15307adfba47628cbcf9c9167b345","first_seen":"2024-01-02T00:07:11Z","last_seen":"2026-06-08T13:58:59.439178Z","times_seen":5985,"resource_available":false,"data":null}},"time_used":517,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":513,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/addons/dramas/index/lang_list","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /addons/dramas/index/lang_list HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nToken: \r\nSign: \r\nLang: zh-tw\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A8wiidCriZw17tJ8S4PEMOTo%2BAZ%2BBNC1NyX%2Bbva4Z5Fq3ns01JT%2FCjfaP1fHHJ7HjvbfbrD0l02L6WxVFFTBTcBVjxSdKfzOHvVi8O5ztG0Jq2RA\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd95808ef5c0731-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":434,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7da3152f13250d0804e1ed1ba6f1cba7","sha1":"89f2535f3efa4338ab59a40cf694f0da0ade8ec6","sha256":"807414b994fccb1b5a288e7f2cb22a13b18bc577ac57712e7bd3a0ab97810b7c","sha512":"c8520027bd17bc7c590ab530bf70dfa51cfc519556353dfab78c6ba44eaa19de3bce40747916bc590603474853d3afbd430b67c492d0128768a03598e4418078","ssdeep":"","tlshash":"0fe0ec60d7a518bac0236031590ade05257e5001bbcced7c5f7e8f854d083e0810fcf1","first_seen":"2026-02-14T03:05:48.959879Z","last_seen":"2026-02-14T03:05:48.959879Z","times_seen":1,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":434,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/icons/hot.png","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /h5/static/icons/hot.png HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nCookie: think_var=zh-tw\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 580\r\nlast-modified: Tue, 19 Mar 2024 05:53:48 GMT\r\netag: \"65f9286c-244\"\r\nexpires: Mon, 16 Mar 2026 03:05:28 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, token, platform\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YfINi%2FB7hAeLRaKDSBsu1UDXCfa0puVJxU3Had5QsQDk3bTY69%2FGqhCNJpBdOknZ59CO9Hfa586MreVaThk4N5nDOmpWJNOaynvC5oi3dIxIov2t\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd9580d78100731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":580,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced","md5":"3ea5faad5a6b6fb16c0670f5620a8591","sha1":"e0d318893c9122dc8850b3e9e4a76698c4c1962c","sha256":"0cb3acb84a0a56fa06aad389d72f5aef239b17b75cd368931a6000ae8c215a48","sha512":"049ccb5594717df954e0559b6f6e06a13aeb39a39198c1cf4f2b6183d8d3bdde48e957327ed0d15114d4f6df9eff18e588216a70dc31985600be7950ab6f15b5","ssdeep":"","tlshash":"2af00cc2961d12bc5f9886e5f6670af520764bf55d0cb80c36b19425ee92c862b270a9","first_seen":"2024-11-30T21:11:26.076359Z","last_seen":"2026-06-07T21:35:15.76735Z","times_seen":55,"resource_available":false,"data":null}},"time_used":407,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":407,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp4.nymaite.cn/s/%E7%BB%9D%E4%B8%96%E5%B0%8F%E7%8B%82%E5%A6%832985/1.jpg","fqdn":"mp4.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /s/%E7%BB%9D%E4%B8%96%E5%B0%8F%E7%8B%82%E5%A6%832985/1.jpg HTTP/1.1\r\nHost: mp4.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":695,"timings":{"blocked":443,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp4.nymaite.cn/s/%E4%B8%91%E5%A5%B3%E6%B4%9B%E6%97%A0%E5%BF%A72982/1.jpg","fqdn":"mp4.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /s/%E4%B8%91%E5%A5%B3%E6%B4%9B%E6%97%A0%E5%BF%A72982/1.jpg HTTP/1.1\r\nHost: mp4.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":692,"timings":{"blocked":439,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/tabbar/user_2_d.png","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /h5/static/tabbar/user_2_d.png HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 19 Mar 2024 05:53:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65f9286c-498\"\r\nexpires: Mon, 16 Mar 2026 03:05:27 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, token, platform\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EEuL3yzwz58Aq68GfoCwMH5DVuTNwd6XLY%2BPJxeLt7qw6LoOG2pW52u1QqF1LrAs65V5%2BQr5YvPX5MO9lgR%2FLFoNYFnw%2BT2ql3u1hSKxKGjigNC7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd958095f680731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1176,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"e8b8713f472b380040be70a6ebd217c5","sha1":"cc00437113704ba1f2a2d9c6b0e5c1d21becc9c9","sha256":"1f5af3682915e93fb942047276bf783faf9c9f437257c6fa575884b24e5a91a8","sha512":"a8327f67718de7548d8e659a1c6edc30d9b1478800f051ce6b413565d84a74c337b51996bb427c145213cdaca7dfd86e1775ab4010f509052e3b090138c0d60f","ssdeep":"","tlshash":"74210d6e77e75a24126f31ff0a516464edb513a4305cd5098c4ffc10eb0cc930c8d229","first_seen":"2025-11-11T16:01:27.544183Z","last_seen":"2026-06-07T21:35:15.753115Z","times_seen":53,"resource_available":false,"data":null}},"time_used":405,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":405,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/js/pages-home-index~pages-user-share-withdraw.23d61766.js","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:26.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /h5/static/js/pages-home-index~pages-user-share-withdraw.23d61766.js HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 19 Mar 2024 05:53:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65f9286c-3121\"\r\nexpires: Sat, 14 Feb 2026 15:05:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MNeVmrYZu8PXiJ%2BEdkc3kPjHfTmyrULJKcKjq6H2tv%2F%2FcN1GGvUVLASg6ggsmlPOtCpJhFqDrR8aoBEBZfZ8b9HqiyTYt1yluKPQBKxOhV5m640y\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd958063f0c0731-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12577,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11589), with no line terminators","md5":"7e66177696f3b8d8babe77eee46ef564","sha1":"3be69793038e4477e3751d6846d1bb02c1b3c314","sha256":"1e02b8ebaee2108df885ec75bd321adddb207b992899e15f977f002b66083f95","sha512":"7d27b6de82c5cec1a1cd8a841e968d18fd7ad31f35a255d4da4c36db3c714a67ffc5ef09e0f48515fcbc599f22cfb7e123f8618bf6f3a9056ce90716f4b4c93b","ssdeep":"192:19zLPlqIdoRsAhBpDT98dM21g0wSrew/0F+Mg98D7hH5oRs669qz:PlqBzwgZi/LqDQC9qz","tlshash":"4342b55fb1def42348e36454146b220a32662d5c84193190dff2d7ee8baaa4f07a7f5c","first_seen":"2026-02-13T06:21:38.357189Z","last_seen":"2026-06-07T21:35:15.747738Z","times_seen":49,"resource_available":true,"data":null}},"time_used":399,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":399,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/js/pages-home-index.56a9dab0.js","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:26.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /h5/static/js/pages-home-index.56a9dab0.js HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 19 Mar 2024 05:53:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65f9286c-9e2f\"\r\nexpires: Sat, 14 Feb 2026 15:05:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pURPrWy%2FymY81TZcvyq3oLyyFU5A9XWnhTtixUVu%2F%2FB4WE2A7SAMH6497WKNEl1t9JNurSVGuEb6FoUavKhqmxDNrxsw1ktBuUhBdBfalSCYOEys\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd958063f0d0731-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":40495,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (38325), with no line terminators","md5":"ddb308baab7c93e8e1ff4ec28b9da046","sha1":"d16c0468b237309901db65542daa0e78b1310e5d","sha256":"94eb2b215216984170378b31d008bd6bfa3ba7ef90d66c27ff9be9ebedc47f8f","sha512":"eefc6001da98e81607fee72bded98b3e23dd603692911855b9db861502a352520473d0b32ebe67c25373e24b9d71cc314e868becd2b9cae02551e8bcdd2a3216","ssdeep":"384:u7CQKu+5OAZ9ApJYdh8tFARjCPYhGDQPgEoSJKcZ+Vp4Owyb:uZKuE9AzYyqjCghjPzouKcZ4pP","tlshash":"a3030c2db14bb46b8dc39c1534ce591a11796e36e051b4c0f7f2c868caf1ada171af4e","first_seen":"2026-02-13T06:21:38.343168Z","last_seen":"2026-06-07T21:35:15.761186Z","times_seen":49,"resource_available":true,"data":null}},"time_used":402,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":402,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp4.nymaite.cn/s/%E5%A5%B3%E6%80%BB%E8%A3%81%E7%9A%84%E5%90%8C%E5%B1%85%E7%94%B7%E5%8F%8B2988/1.jpg","fqdn":"mp4.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:28.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /s/%E5%A5%B3%E6%80%BB%E8%A3%81%E7%9A%84%E5%90%8C%E5%B1%85%E7%94%B7%E5%8F%8B2988/1.jpg HTTP/1.1\r\nHost: mp4.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":764,"timings":{"blocked":262,"dns":0,"connect":0,"send":0,"wait":502,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp4.nymaite.cn/s/%E6%9E%AD%E5%AE%A03003/1.jpg","fqdn":"mp4.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:28.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /s/%E6%9E%AD%E5%AE%A03003/1.jpg HTTP/1.1\r\nHost: mp4.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":763,"timings":{"blocked":261,"dns":0,"connect":0,"send":0,"wait":502,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/addons/dramas/block/index","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /addons/dramas/block/index HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nToken: \r\nSign: \r\nLang: zh-tw\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nCookie: think_var=zh-tw\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kESBRjPntXWBFXZFY7ry40eRmyRyJLSYU%2Bg6GaqowP6ni%2FcnNqT5MPb2E9v7BsAVXehSHjW85UnTBcosgIKxyrmAZCBCksLHAfV%2FgfMmMFxWmY7M\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd9580bffcf0731-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":416,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5fead9a5f6dc0212004e294f21e34823","sha1":"d5d3e5b9d657c62d2b8d85f06141e05817722b08","sha256":"e04b2f95e14ffa52f2e97c06bec744c99a01a9be27a130afb59ad22e75bab53f","sha512":"106f2191fa4373762fd9fdfb950f95b5b323a66d269a3b63ec04f20e88456240adc4f32989e1f25a6880dda484c84f9ce4acd75d4bb83a3fc35750e863f5d9ba","ssdeep":"","tlshash":"d3e02bd00e2c1c5b9ac2b3f499d7308856ee12c214c45738790aec6084ed1c587c52f3","first_seen":"2026-02-14T03:05:48.964383Z","last_seen":"2026-02-14T03:05:48.964383Z","times_seen":1,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/h5/static/tabbar/recommend_2_d.png","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /h5/static/tabbar/recommend_2_d.png HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 953\r\nlast-modified: Tue, 19 Mar 2024 05:53:48 GMT\r\netag: \"65f9286c-3b9\"\r\nexpires: Mon, 16 Mar 2026 03:05:27 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, token, platform\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dqGsHcGwYWUN5XAsZIoY3IxFF1wm%2FdL%2FClr0eWKQ%2BI76cUOGrSO5F1nU3bY3xXEBySJ4sASP64rzt3eIUwkfhZvZHIc%2BkKJYWsaIzHu%2FSZ9Hahow\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd958095f670731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":953,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"4c16a60e57e4259ae6888845d9027b84","sha1":"2318a1247bf67a1b226d6b3dec57655ef21f8a56","sha256":"574445421bcc36f427e1b92b567f7e1ece227df4d3345a5d7589320750334ed5","sha512":"07e9336d2c984f6b28404950c040c1d94ade359c12d7ce167afaab0f9f24d0c160e00714789a1d0b41fc179b91012e4356f5fadb5948e0d734a99c3916bf0206","ssdeep":"","tlshash":"2a1194e087e41928e1a36c6a68280e21e9fd20002271421ceb88a1909daf42290dc8a8","first_seen":"2025-11-11T16:01:27.568075Z","last_seen":"2026-06-07T21:35:15.757103Z","times_seen":53,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"girisgunceladres.vip/addons/dramas/video/index?type=top","fqdn":"girisgunceladres.vip","domain":"girisgunceladres.vip","tld":"vip"},"ip":{"addr":"104.21.18.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"girisgunceladres.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:12 GMT","end":"Sun, 29 Mar 2026 13:30:54 GMT"},"fingerprint":{"sha1":"D5:E4:4C:0F:81:DB:B0:DB:79:A5:0F:E4:75:B5:69:61:43:9C:51:9C","sha256":"D8:C6:DB:13:E8:9E:2D:EE:E2:C3:37:ED:10:5A:FD:0B:BA:31:63:67:CD:BD:03:6E:C3:52:54:9C:55:3D:84:39"}}},"request":{"raw":"GET /addons/dramas/video/index?type=top HTTP/1.1\r\nHost: girisgunceladres.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nToken: \r\nSign: \r\nLang: zh-tw\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/h5/\r\nCookie: think_var=zh-tw\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 03:05:27 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hLLXCTwOVInhfttzulj4GB6hrE7naixrW251r3XkkxMN8fr5t6vy2KzCT299HcfaUdxmkqdozt6%2F7HSL%2B5XGz5id9TattuOPrXCqkEx%2FmLu6mrFY\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd9580c0fd00731-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6286,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"196ae960ed6aca3d437b7b1633a4a88b","sha1":"4eade13677853b059173cb32974f14d81733539b","sha256":"0b412e7c9998014f6b2c7746857a7a3466e4653b7e72a401837dc88e0a232eaa","sha512":"a632c755540431cf7da0855b33229690a283c9831e6073f4ebc541692d57c4296f39896ab45cf9fb209c9af2700331fed23b8ec0f4594573b581f27c7721bfe6","ssdeep":"96:J2xjy22xjzIycXVANgGAfaik1yKkbzbnFy8Q6m4Yp+okN40VkNp6YHPAQVHU8gQP:J2Z26dONNlCS6mN4ooVtYrbMk9","tlshash":"eed14284ef7e5c26530317f9ae97b44659fc62941a844bb5aebedc3c11a0caed3c0067","first_seen":"2026-02-14T03:05:48.966553Z","last_seen":"2026-02-14T03:05:48.966553Z","times_seen":1,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"console.nymaite.cn/api/index/notify","fqdn":"console.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"146.56.206.145","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"POST /api/index/notify HTTP/1.1\r\nHost: console.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 47\r\nOrigin: https://girisgunceladres.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":47,"data":"{\"site\":\"girisgunceladres.vip\",\"type\":\"dramas\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: https://girisgunceladres.vip\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 86400\r\nset-cookie: server_name_session=48d390272009a6f0f71d5de6ebbb4c4b; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":63,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"16b2d898f9457da90cb78b49411f71ca","sha1":"825085ae3b6a57239a6f008e97219a91711b9ed3","sha256":"8695e03ee85c5d0561612193e21dd86725c4c7fe5257e0b29234db0804de41de","sha512":"615174a2a21ebfb378cd19b08386debf8556f883dba2e97745d302c3c6808d3b7bb3e0db6e0006c53752f5fe05349e84a63f170c722181b55dbe9f4bdc4d40c2","ssdeep":"","tlshash":"eda00254640918264826aa5886ca458a021d954308c6cfa86d4b6f2958cf574b83b675","first_seen":"2026-02-14T03:05:48.941151Z","last_seen":"2026-02-14T03:05:48.941151Z","times_seen":1,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shortbox.cc/assets/js/mt4.js","fqdn":"shortbox.cc","domain":"shortbox.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:26.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shortbox.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 11 Jan 2026 05:01:11 GMT","end":"Sat, 11 Apr 2026 05:59:32 GMT"},"fingerprint":{"sha1":"61:72:5F:C9:D5:3C:A5:3A:9D:46:23:DA:37:03:F0:1D:87:36:67:EF","sha256":"77:8C:13:FF:79:AC:1B:28:3D:AD:8D:9E:92:82:3E:E8:54:E0:6B:94:CE:34:0B:3F:6A:18:14:AE:09:85:42:17"}}},"request":{"raw":"GET /assets/js/mt4.js HTTP/1.1\r\nHost: shortbox.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 14 Feb 2026 03:05:26 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 30 Dec 2025 06:58:37 GMT\r\nvary: Accept-Encoding\r\netag: \"6953781d-f5f\"\r\nexpires: Sat, 14 Feb 2026 15:04:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 51\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xI4SLXNpYGbdmHDcBZi7gSQtnywLcJjFtCoCqIfHNBpDzHOlfcrvWKonmXt%2F0X%2BO6Sx7b11PYfzrDPTuiucencgyNqto7ulfW2Ng\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd95806d8c50daa-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3935,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"bc4c7b254531d15327af19df14b19199","sha1":"dbdd37067f44ee88c08691b0a6e4eaea2a18be84","sha256":"339c8ae9bb8706fa851b2df3f109e7bb7d9c067c0c74b2117ed07a5ab179e387","sha512":"4da5fed1d7e794219dbe8f7911c2e77a6177f3a91d78c3f219bc6df91411d2fa21252e280e9198674b0b546b3679c2a789e00606d4ce53dcae04eb9eb97dcdef","ssdeep":"","tlshash":"5c81f48d30fa1021885760fe1f8b71247425d01b6a5adf117e0e82499fd5739e3a7bde","first_seen":"2026-02-13T06:21:38.345895Z","last_seen":"2026-02-17T11:32:45.034531Z","times_seen":47,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp4.nymaite.cn/s/%E5%8F%8C%E4%B8%96%E8%90%8C%E5%A6%8322993/1.jpg","fqdn":"mp4.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:28.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /s/%E5%8F%8C%E4%B8%96%E8%90%8C%E5%A6%8322993/1.jpg HTTP/1.1\r\nHost: mp4.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":772,"timings":{"blocked":270,"dns":0,"connect":0,"send":0,"wait":502,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp4.nymaite.cn/s/%E5%A5%91%E7%BA%A6%E5%9C%A3%E5%A5%B32989/1.jpg","fqdn":"mp4.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:28.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /s/%E5%A5%91%E7%BA%A6%E5%9C%A3%E5%A5%B32989/1.jpg HTTP/1.1\r\nHost: mp4.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":763,"timings":{"blocked":260,"dns":0,"connect":0,"send":0,"wait":503,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp4.nymaite.cn/s/%E5%BE%A1%E5%AE%A0%E7%94%9C%E5%A6%BB2999/1.jpg","fqdn":"mp4.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /s/%E5%BE%A1%E5%AE%A0%E7%94%9C%E5%A6%BB2999/1.jpg HTTP/1.1\r\nHost: mp4.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":1548,"timings":{"blocked":578,"dns":2,"connect":261,"send":0,"wait":439,"receive":0,"ssl":265},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp4.nymaite.cn/s/%E5%8F%8C%E4%B8%96%E8%90%8C%E5%A6%832992/1.jpg","fqdn":"mp4.nymaite.cn","domain":"nymaite.cn","tld":"cn"},"ip":{"addr":"124.220.23.160","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://girisgunceladres.vip/h5/","date":"2026-02-14T03:05:27.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nymaite.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 05 Aug 2025 09:05:43 GMT","end":"Fri, 04 Sep 2026 09:05:42 GMT"},"fingerprint":{"sha1":"AD:39:9B:23:73:DD:9B:2E:E9:45:1E:28:EE:36:73:C0:1E:05:38:B0","sha256":"90:BD:79:83:21:77:FB:BA:19:00:B4:7F:4F:38:4E:85:4A:12:75:6B:1E:B1:B7:B4:5C:68:09:70:F5:17:66:60"}}},"request":{"raw":"GET /s/%E5%8F%8C%E4%B8%96%E8%90%8C%E5%A6%832992/1.jpg HTTP/1.1\r\nHost: mp4.nymaite.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://girisgunceladres.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 03:05:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T14:34:26.731673Z","times_seen":16242055,"resource_available":true,"data":null}},"time_used":1549,"timings":{"blocked":537,"dns":0,"connect":267,"send":0,"wait":475,"receive":0,"ssl":267},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}