{"report_id":"24580bb7-72df-4c45-834a-1a7b13641fce","version":6,"status":"done","tags":["bet365","gambling","phishing"],"date":"2026-03-04T11:45:21Z","url":{"schema":"https","addr":"wnsmm.cc","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"title":"澳门威尼斯人","dom":{"size":6092,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4643)","md5":"eda119ff0605ebf1da9a1f165382a2d5","sha1":"c4d5c580b4327ed5d24c6701e098c811f6ed272f","sha256":"8c80a6a402c4821bf1450203cee2e0e1f1a54f5004a491166361084c420b35a1","sha512":"3534b5155983caaa1d8a2dcb55cdb80aee79cbf8edf8202adf6cac156419972bd874b0b5173d8cba3be114e51ca04ac0e56e5e8e37d4a97f7a5dfe9a4f57a156","ssdeep":"96:JJkC2G3sf7cWGArKK1/BXu8/NTmuGz79djLMGcslsghGlI/LPdE7H//KipfS:HkC2WszNhD1J+sV9kXjLMAOghqI/LPdV","tlshash":"e6c1433f416113299017ed684bb467178178d8267d6e77f929136a2dd7cbb8208f238f","dom_hash":"domhashc825ac7342d34e339c870e8a2e1df67d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"wnsmm.cc","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-08T11:45:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]},"summary":[{"fqdn":"wnsmm.cc","ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":26,"request_count":78,"received_data":3673028,"sent_data":43099,"comment":"","tags":null,"fingerprints":[{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Moment.js","description":"Moment.js is a free and open-source JavaScript library that removes the need to use the native JavaScript Date object directly.","website":"https://momentjs.com","common_platform_enumeration":"cpe:2.3:a:momentjs:moment:*:*:*:*:*:*:*:*","icon":"Moment.js.svg","categories":["JavaScript libraries"]},{"name":"jQuery:1.11.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"SWFObject","description":"SWFObject is an open-source JavaScript library used to embed Adobe Flash content onto web pages.","website":"https://github.com/swfobject/swfobject","common_platform_enumeration":"","icon":"SWFObject.png","categories":["Miscellaneous"]}]},{"fqdn":"cdn.livechatinc.com","ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2005-10-31","domain_rank":36142,"first_seen":"2012-06-22T08:37:34Z","last_seen":"2026-03-02T05:15:34.576678Z","alert_count":0,"request_count":14,"received_data":1052444,"sent_data":6715,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"7ngdqc.ntbnaq.com","ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2025-05-07","domain_rank":0,"first_seen":"2025-11-28T13:27:25.339889Z","last_seen":"2026-02-20T01:08:54.470769Z","alert_count":11,"request_count":64,"received_data":6053402,"sent_data":32027,"comment":"","tags":null,"fingerprints":null},{"fqdn":"secure.livechatinc.com","ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"domain_registered":"2005-10-31","domain_rank":8212,"first_seen":"2012-08-20T19:27:12Z","last_seen":"2026-03-02T08:45:29.636675Z","alert_count":0,"request_count":1,"received_data":2002,"sent_data":712,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.livechatinc.com","ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"domain_registered":"2005-10-31","domain_rank":29526,"first_seen":"2013-12-20T14:27:35Z","last_seen":"2026-03-02T09:42:02.154053Z","alert_count":0,"request_count":4,"received_data":21781,"sent_data":2510,"comment":"","tags":null,"fingerprints":null},{"fqdn":"accounts.livechatinc.com","ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"domain_registered":"2005-10-31","domain_rank":44666,"first_seen":"2017-07-31T05:50:56Z","last_seen":"2026-03-02T09:42:02.202287Z","alert_count":0,"request_count":1,"received_data":1887,"sent_data":573,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/8.Cht6u6sP.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"187d8444408628325c13db6342391630","sha1":"37a13e93d5853a75bd835a83e29cd20cbe313d9b","sha256":"027ed884dae6352d0b9ddf60df164bc121c2a621081e3cb6b9ac7b4120043548","sha512":"f83b2ae537323567db947720587b7463eac1d7caec8ab0aef82d13f41415c98d52adfbc82903afde21352fdd466b899ca30a8864685faaa848f9a8654816f5fd","ssdeep":"192:KZtPwLpcfZyJjChMMuTGUwPPWnhujfpwvelEgXXntXqjdA2ymTnIdwnQo322:KZtzyJKMMDUwPPWaagn6dA2ymTIdwQa","tlshash":"f0f1f8bff741e4b5e7eb88a09d1a0103ba3a1654799d8170f61c4d10a05eac4b277fe7","size":7834,"data":"","first_seen":"2026-03-03T14:45:10.146372Z","last_seen":"2026-03-06T10:04:31.123069Z","times_seen":216,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/11.DJPUQwQu.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"640caab52100a1e9dfe618aaeb79838f","sha1":"4654776a82e5405614a595d40cb33ca2b5bae0b5","sha256":"fb8eb817d7251014c136b441bd4004fa6567908059013edbb938925f23b67ceb","sha512":"17d605182be517c5e797b2fd823b9ab7b6bd73d97bd2c3d11c5eb29d108cd350d789116528e351abaebdf3654cc65100b9e3353064ba38c9ab9008126c6a3061","ssdeep":"","tlshash":"00e08cbdfca8d92152f5e9f8c0b60822cb593b0e502382b0f60e6f4a9519199a552826","size":300,"data":"","first_seen":"2024-08-27T15:26:59Z","last_seen":"2026-06-07T06:28:14.380824Z","times_seen":29018,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/10.al-9NYxR.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"4a073c5805819d74eabd3e843372d502","sha1":"cb12e953dbee2d3ea08d35d86bcd2476a490bda9","sha256":"0cb3247cac5de8fcdfb226ebe2dc4960b6ed473966359f73ca13ca286309122b","sha512":"036da8fb3959ebbef26b546019535a9edb7a99227a28252878247a756d3a7ea693f48e9ffdaf5886faa7fb2cbe56292bbf9552db5dd1d26e6574d8034ee183ba","ssdeep":"","tlshash":"ebd0a78cb643b0b16276b138853f801fb035e984a44404f0d13ad9c03d7c1a97597c5d","size":236,"data":"","first_seen":"2025-11-04T08:39:27.95245Z","last_seen":"2026-06-07T06:28:14.425679Z","times_seen":16277,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"37f0336a6fe3f56c661b149ecf659efe","sha1":"9aff4163d5da3b8d760f0593c583dd8d1f6dfc14","sha256":"f33f7afadc5c318efdd57d35da2dc2aebe39fd166a61905ce37b9f7363f51c2f","sha512":"d24a42f5f1834957e5616b5f61d52db98c3351e5ab3346f1fee8e7ca6ba62dc7c51f4ae645a8dd403194e2df3f8d2ea2c3b34d371a67dde201979552033cbace","ssdeep":"","tlshash":"279004510f71113ddc305157055c13747050c13ddc1ffcd43413d57c04741300011401","size":48,"data":"","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-07T06:16:56.209211Z","times_seen":16880,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/9.xhyEK0_l.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"c96a39460d2b0a92409b2b92f3da88f9","sha1":"c1ad7e3c7f38743ebadf589676726dad6799a9d5","sha256":"af2012b0cdfa449f186df2f8dc9b3e64b48b8c5c630cc8d3c4df61973499e7c4","sha512":"c6a642b4f09c7dc0b2679c972cc99e4c1e00e268d309aae062883d3eeeb7d3e39bef53388dd20aae7f733da57ed2374c1b12ded0997cbca2762b4b03c332cbfd","ssdeep":"","tlshash":"27a022ca38ca32ae020230300f0f20c0e0b8c02c030e0328800a0200b2300a002ffc3c","size":74,"data":"","first_seen":"2024-06-24T12:34:03Z","last_seen":"2026-06-07T06:28:14.406595Z","times_seen":18418,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/livechat.CWIaArQD.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"41bd0781dab47aa3519cd96277bc3dab","sha1":"130ab6f2eb3579c4d359af5ebd564082587812e1","sha256":"125146563f5edd2bba83bb862c052f8a441cf8e7ad82ee68d5e9797e0f784c27","sha512":"9234dda40c619d1f83c69685329b6cac199aa45df428f9a1765f26933d665fe94b83b7877f104656d87fe9c066c43419889db1ef569cffbd1a20337abfb441a0","ssdeep":"","tlshash":"37e05adae300b8e3fad9dde4c004e1a1a6faa39b47f487b0d0ce17715755165ce41a52","size":401,"data":"","first_seen":"2026-03-03T14:45:10.260928Z","last_seen":"2026-03-05T09:29:13.543871Z","times_seen":149,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"a030c6889648d25b98c8383a6ca3aa8c","sha1":"a48da2f93e96ef27dd33f475222bb6588a548ead","sha256":"ff3495e709104727bc98224c361510aa434701b2028c4fe17cc91dcaa5bc2004","sha512":"5e2fe4635bc98681088d6d88a4e233639a083689e6162fb81a32fa7c4641f359bca88dd8ffa0a73bcc7dc5069d696db0976dca69250c3fe9f1b923d54ca28d51","ssdeep":"","tlshash":"09518070689bb1e34314817969be3a140e5d0f47781960d5b2bf12c8abf4e8e1973e9c","size":2555,"data":"","first_seen":"2024-06-30T10:30:18Z","last_seen":"2026-06-06T23:54:10.549775Z","times_seen":619,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"4fe7dadf050dad2dcfd386d21b880281","sha1":"07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd","sha256":"aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9","sha512":"9da40e5132ece9fe346f27aa467b2496545c84197131c633e5b1ff1f641ece723440ec0289e82d7948b85bcd901b9e3eb6e36f8e0339ae05e4a32621e895accf","ssdeep":"384:yC+tJn9Dbvbf1P3QSBxDrdiewZnnoTW39if+04xSlR4nbiamdrjNfrzInGINYlor:NWJnlN3QSBxDMewZnnoTW39L0MSR4biK","tlshash":"a762954d3a9514bb4adf31b770ab204f767e8800852c91c4bdbca0d166b5ee072e7e6d","size":14857,"data":"","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-07T06:16:56.206294Z","times_seen":17488,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/0.D0pe4iQO.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"e622d582bbb1d5e18ed878ead32fb56c","sha1":"5f032bd2186d9a3ae7c08ec3b382d80c0c5aba37","sha256":"ae6cb07d09fa8f1ef60e3a5eee77e099674cec854d36dfb69bcd2f3cda4a878c","sha512":"a2bad043043ecafc0a33ec9b0b938413d284fb2fc698bb4ccccf3263ce201c7d96876736fed1648e01cc2a5edb57b5a14c920cd3e47f71f37239361399d2269e","ssdeep":"1536:oA1MU0ZmifmtX5KJBZLbNNl1lvz9iRQA0k3hd42XRCdCEQ:H1MU+fQX5W7vzY2Aj5XRCdzQ","tlshash":"9f7309e1f296f5399bd7a8e551245103fa363a18b86c8270f31cce14219e5c2b1b7f9b","size":75439,"data":"","first_seen":"2026-03-03T14:45:10.145234Z","last_seen":"2026-03-05T09:29:13.553508Z","times_seen":149,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/moment.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"36c8f828395a9395549bd6e7307cb7e9","sha1":"f30a4961558e2d3d4405e7d93aa28fdb63245e78","sha256":"5d5e32fa1e06a0bc9396f349d142ad248e82086543e438c890e43f41e692db33","sha512":"40c24a9011e1bbdd98bd95b341c400bdaf48fefd953fcb407368fe3c685ac09196b55e230c03ca9890c35fe9acef2c916bed52423dc1a7b532a1db9817c03a8e","ssdeep":"1536:qOL1yBkBeb9wNoHpH7tjl2Ulwjwaj2BH3fMobEKeYEoZYiMirUw0:qOCWeH70R2BkobE+cw0","tlshash":"aeb35f5a59e31023496362294fdf2011ba388123590dee487d8da3d49f9ed7c47bafec","size":117433,"data":"","first_seen":"2023-07-29T10:21:40Z","last_seen":"2026-06-07T06:16:56.193664Z","times_seen":17476,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"bcf23536347ffdec663083e94ce91dfb","sha1":"a0973ffb9ec8a6604153e4e7a27cad19c74037cd","sha256":"a81387199dc8f3641fbb417125986b8014c17d3feaaaaab9c3c5bab1a6cdd3fa","sha512":"daa06ae537992db320359edfeaf58b418e6fff143a9266a2f883c127d92c62715da1e47937e4b15baf3276a74e1fca7cfc2ec53db2f5bbfa75912321914eeb1c","ssdeep":"","tlshash":"ab214e8354563043125749463be710b5f4b3510f65f4c099b25cdfca1f1e8980e7cca3","size":1142,"data":"","first_seen":"2026-03-04T11:45:34.668414Z","last_seen":"2026-03-04T11:49:17.068928Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"a2dfe7db95be9792922530c88ef88da4","sha1":"fc992fc77fdfa4abe3570569fbdc53a1c5714c0c","sha256":"d05ab645a69476e9a8ba932b58907e3d8f103bf23aedafbe3e76b27f4a22358a","sha512":"99065782830b3e3f013910fd9aa795fd6b341e7892eaec200ad05305920552798f2446dad45dd254de8185095f36af246cee24052b58f05eb17dee20d59b5abe","ssdeep":"","tlshash":"7f210e524f048a9b77cdc7195060241c6ccca06fbc94b988f6ce9ba70f5ea9e56fd083","size":1279,"data":"","first_seen":"2025-10-03T11:28:12.468736Z","last_seen":"2026-03-15T12:05:04.391268Z","times_seen":1669,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/6.DOO3t-_-.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"a8e2b53982d152df0eaec74958f27053","sha1":"0bff986e88e2713c3d3ec2641496883eecc2acb8","sha256":"9c47463b03fb3737ba6f86f9136a8d3b45e4bb03d2bf66c53e17c6461815ceae","sha512":"1be83a22adbfba76ace6c0541d1198ee40c7784321e6e226fe100a063693a4a055d941e7824381a73264e4a0db7dfcf20febc1c75dcf2f953a5aaafba3579018","ssdeep":"","tlshash":"7f012fd938c398b0c32784cd21b899b2f57c0e4864fd40d0f5d86c8a3b221b1823aeb8","size":847,"data":"","first_seen":"2026-02-25T12:54:39.727904Z","last_seen":"2026-03-10T07:35:49.440775Z","times_seen":718,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/commonPage/lan/i18n.js?t=1772624690.71","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"35a2f860dc46fa84d6727c4882752ee2","sha1":"5f18ac1a514559400fc271e3c09aef7bbfaa6fee","sha256":"e245b50027c1fb8ac97b86706a83be7397a924e33acece7ced9fe1d62ac5565d","sha512":"0d60ee9e490e7a8b571c3c5a3718e0103b7d82bd579cf59bd4c598a164208fdc837480a611b0eed2f7f19ac138bb1aa76b330f3ea13bb01ffd7d051bf90ee817","ssdeep":"","tlshash":"9d21fe68f3e061e32d5e8aa3eda63f6f11754abd00973407437831ce11797a79cac408","size":1310,"data":"","first_seen":"2026-03-04T11:45:34.597859Z","last_seen":"2026-03-04T11:45:34.597859Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"92ec07760269a9b5afd7d12ff38b3da8","sha1":"0ad3aa3532baa05c5331fc39a1ac45c207c0a862","sha256":"07003fcd862614d3aba14e6d1da4cb47b33f31df6651d359db5247ef20f4a392","sha512":"6729aae3cc8906f0079c89b342e8f973d211979c71f4cf1eb01008658d92b42674456d795bd419e95bc7afcca84c718f15f180c84cf448c6982a92e4d52b82d8","ssdeep":"","tlshash":"2f01cb214c7840906c500350137b7b0db922423b4d81e544721e5f613fe986f019a3da","size":707,"data":"","first_seen":"2026-03-04T11:45:34.670116Z","last_seen":"2026-03-04T11:49:17.070108Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"a2dfe7db95be9792922530c88ef88da4","sha1":"fc992fc77fdfa4abe3570569fbdc53a1c5714c0c","sha256":"d05ab645a69476e9a8ba932b58907e3d8f103bf23aedafbe3e76b27f4a22358a","sha512":"99065782830b3e3f013910fd9aa795fd6b341e7892eaec200ad05305920552798f2446dad45dd254de8185095f36af246cee24052b58f05eb17dee20d59b5abe","ssdeep":"","tlshash":"7f210e524f048a9b77cdc7195060241c6ccca06fbc94b988f6ce9ba70f5ea9e56fd083","size":1279,"data":"","first_seen":"2025-10-03T11:28:12.468736Z","last_seen":"2026-03-15T12:05:04.391268Z","times_seen":1669,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"5e941ec57accd6be11f54c23945dd5d1","sha1":"bd1526e8fdb1188a28cbd79409da99782ca18dae","sha256":"d96f894cfe77f1babd1c1147ffc97f9397024ad417cc9bd0b3a5408680e8e641","sha512":"3b6371d55a4875fb8a0f1118490c3fcdde20812e74cd991414d0962f23202d67b8ef1b57a7001ed81677cbd72191556694179949e264bf65bd4d7111aa343fef","ssdeep":"384:2F05MtGUz1xJbIQCuF+jXFDGJ6IVDKQGZdHd6l3PEkdn69oz1R0f6Iem:2KytGUaJ0uXdE3F1GLdwF6e1A6Iem","tlshash":"4ba2959524e90075a6cbe16c5a9f5c98b72c409b4bc94d0fbc8e2a74df64b70037b6bc","size":21440,"data":"","first_seen":"2026-03-04T11:45:34.671187Z","last_seen":"2026-03-04T11:49:17.07066Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/iframe/logo.html","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa0621e6e42a615cbea4de6c3a18afc9","sha1":"434340f6baf11f5ea63358ec687639f03d779ff2","sha256":"7e5cc0b4b3d238540f57eada4575f9a121b364b435188d2019b672372949616f","sha512":"f91f087e3d0a75994362d78e955e5ebcc747afcc3d1c63590608a0f473291744202e1d808432186b91ae3d5cd5af4d7bf7023b9b4beaf1cdd5896d5e44f9a19a","ssdeep":"1536:z6xa7QtFR8OnIsjkcYf2HGauJueZZVrVuxg0LbogebW7vwp43vvK2gK2H2:exa7k8OnIQkn2HDuZVxupK2gK2W","tlshash":"9a9319399a5192effc425fc238e31172e4e64aaec7a4ca44c3e19d6cec160d0d52f997","size":94108,"data":"","first_seen":"2024-08-21T03:34:46.609401Z","last_seen":"2026-03-04T11:49:17.077549Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"ab8b1bcffc72e505e0f37f693d6a87a5","sha1":"849c792d84445ff1cc946c4458255dce152a68da","sha256":"36e8c37b1055713547aa080372b86615e1f9858d3f632cb0f949e05247f8e607","sha512":"cb717ce8dccbd48d7b8ac79f8018ff327637fce9ef4441b832a9ba7af57cfae5e476170ec2490374e8026a0b6a6a265399d4ad2801ebdb37b7a0092d8f9331a3","ssdeep":"192:1BDi+KreB5FlJ7KRn8rVavN3nryOcCxiAcJGw/d2mi7yn:TTKCBRhKRn6YEDdV","tlshash":"ec42c8a821fe392301d371394f1e6a072532599bc396ad013e5e8b884fe977c46b36c7","size":12737,"data":"","first_seen":"2024-06-28T11:39:26Z","last_seen":"2026-06-07T06:16:56.214446Z","times_seen":12666,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=14950425\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Fwnsmm.cc%3A8989%2F\u0026group_id=2\u0026channel_type=code\u0026jsonp=__dmoa1a8me8s","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"50106a9c36f5bb1f99cb8e914118af9e","sha1":"3ec0581ca0ba4af2edb685f917ecd2406a742dce","sha256":"5cfd1fab810e4c19d7eb859af5ba07b57be4196fb18f8d06bb9293d10719a591","sha512":"d358e0e58134b170ba055e953599b825bed6f8be03f5b9f14656dac5745f07881650b11aa521047b8fe54d551f6c80f5a47cc29b96507649b8ba35adf033feca","ssdeep":"","tlshash":"17e02be6b6054665a9d593659504fa12ba7501f25140eebcb0a50204221f38dd224607","size":398,"data":"","first_seen":"2026-03-04T11:45:34.60971Z","last_seen":"2026-03-04T11:45:34.60971Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/global-mapper/lc_license_id/14950425/region?jsonp=__lc_region","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b17346aced6298b7e1cadcd62f40003c","sha1":"c28b849fff4b4d9d006d803bc4d18368446ddce4","sha256":"a379b1707064386da00957301b6eb053249cfb462047d44e4fb6d52898f5b78b","sha512":"93be3c00856eedc8cedd0c7bd2b2a5873aa85dcf9e893d9e972421d122c568cbb1c9b4ca633497bc80900f688898040a218616dc69a4716fcd3d5a2dc93fb928","ssdeep":"","tlshash":"8080000e20002ae30a20ef3e8023ec0cb03e033223008288c302208228002b0822ae0b","size":35,"data":"","first_seen":"2025-05-16T12:26:33.454661Z","last_seen":"2026-06-07T06:28:14.479218Z","times_seen":27949,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_localization?organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026version=4940c52ca0caf914a8b155bf4411bbe5_6aee3e71a91649f6c7519214e2118423\u0026language=cn\u0026x-region=us-south1\u0026group_id=2\u0026jsonp=__lc_localization","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"96f508caa7e2135b9fa98dc1edf67080","sha1":"ea426b20df6aa0b5502efeb09a721224982266fc","sha256":"4d21be17a8ad6f2a2c09c1850315da12c3ed77719ac53c1a54ec23cba667f8af","sha512":"64802a0ac99f7b0df652c9b76fd697ad50ac335f74e02f86c6526539f6e488e0d7994acdd92aa725a6ff2584a418ec811fd63cecd82f5c6a874588ba2cf3c285","ssdeep":"192:THXlChwBLXHjJ18GuajmiVdOFd79o5cKJmvmztlIQFxe2sHLUeaevz3hwtjIzso:THXlu8LXDJzui/ascHuLxteaevtnso","tlshash":"0d520a2807a9edbe02076ac4fa7b540a70d4268ad4d04c6bfea9c51c5745d8b738fb1f","size":13751,"data":"","first_seen":"2026-03-04T11:45:34.642565Z","last_seen":"2026-03-04T11:49:17.013255Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/idangerous.swiper.min.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"f15409fb02c527ce1f66a2fd3c4aa0e9","sha1":"1e1e1bcc0f49e99e14ba34991cffe0745178d302","sha256":"1a1b5d3d6fbfc28abe37a668abd59494208c63c5f0b5d040cf4bbbd137f87c27","sha512":"66a384d6ad5fba862e778e24c43326a718328b6f860469fb5eb69c2687b0bbdc3c2dfa9049b0e3d5509214db1dbec4477f5c3654dc04446a505379a4300d4908","ssdeep":"768:oTFZ8CkWyYzh9MTvl7prcAgQW5ppZ+rPPWRqKDyBuq0t:cZiY9uTJuAgQW5LZ+rPPWRLt","tlshash":"5613f8c1b32031a741f3626e91fecb4271f54966aa05d4dcb5ed84c41ab489a03beff9","size":45187,"data":"","first_seen":"2023-08-15T12:01:05Z","last_seen":"2026-06-07T06:16:56.166479Z","times_seen":17297,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/lazyload.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"d87854586672bff7f886a47da85da5ed","sha1":"8d0537030dc7a81ade87a41a75fd5a75e4e33da1","sha256":"17859187f895c27de8869fb6bfec579fd68c4588d0af71d08d334be92d144ada","sha512":"d8c3e724f00bcf1ebfe1f8e96dda01243cf22aef18a0fc5a25a42d84458ff58a22a316dabf1d80d1b4f4c28db79edbdf9ba19df755d72f2b0b9f64497137672f","ssdeep":"192:Cdr+EgBD7NiM7B1wV20jSCQrF/bcbe7/bgdCx4RTsmS3KDsS3CggvBSChKRJ0Suk:Cdr+JBDYpV20Ez+obgdsm3ROCJIqSJvG","tlshash":"304200483deb51aba1d3b0f89a5f11447235810b160eee253d6c9395af6093932f2ff9","size":12053,"data":"","first_seen":"2023-08-15T12:01:05Z","last_seen":"2026-06-07T06:16:56.16731Z","times_seen":17236,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"6681856885ee92601b7711c11d19553f","sha1":"95ab4437869df8c790cad28e0753a4c9ea362e73","sha256":"ce52fd46b2a5cfd741a2f0c39bc2d5218271b5690bdf8ec33af94f1062e98d23","sha512":"5f2a2fe1e899778e0687301ff306fd8c35b869c0675f726653be98393da31fedc388b4d3ed25d7075a0da69656458fc929bb00daf92e1381e19bb49764bea4b5","ssdeep":"192:dvbLsKRfG3Ncq2w30CowkzcDC/L04alCUM:d93d3","tlshash":"1722cb08f1bb1da540b3203c1faff082ae64564b9d89cd02bc4d59c45f09aede971f9a","size":10725,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.215293Z","times_seen":17278,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/tracking.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"2d32a39ca4e8108b1db401e506d98f19","sha1":"ddafeb5f3def94e42c1c5c9f4f89804ea2d26736","sha256":"a1d49f8e5be67da4b3921d0f7cf628b007871101160e6eb6d746bcb440da9a45","sha512":"142665a3e052397ebfafc0b60c203aa3e1dd95905ad5e8708272bd75639cc9dc8d5ae9b4896bc7836199c3ff12aac2d390bfd3fdebca440681bf07b7c09767e2","ssdeep":"1536:E5hboeri/BevgjTcAhWeypynDx4Wwwpw84Io6eFlIUYow8:Evboeu/kYHyp0DPheF4oh","tlshash":"e2a34ada7282b03453f786e7a17fa216b3392818340d8420f17cdd6a395a9c79177f6e","size":100997,"data":"","first_seen":"2026-03-03T14:45:10.225758Z","last_seen":"2026-03-05T09:29:13.614557Z","times_seen":167,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/websocket/Comet.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"1008fe6a5e1a182d7775963b85405bb2","sha1":"e174a7b08cc3cb5545af1cd33d2814e604119392","sha256":"7479f6f22194ac37dd6d3f5a579b4682ac8dcb6389fb961cf4140f3fcc707a20","sha512":"26e07821ee1e8e94c4bada028e049df7572cac06f2e8dae958baa7a011eb201a6a1d4ed0cfa15017a3f52a0cb949343de0b33ca6da7c245f763c86d5adfb0223","ssdeep":"192:4Pf+aTbLSru4NyRs8VDv1KygOdWuTyVC3d7QPXLHOm8cSCl1Ej7bY8l7YJIJvO5N:4Pf+aTbe4M2cXzsjDUfj","tlshash":"ab721e4a2cf76086552732b90f5f64543235a8172605e91c7dcca6e08f98b7c1babff8","size":17162,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.152059Z","times_seen":17446,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"d15a9b513acdcf3e9b08901384511565","sha1":"f1fe72392137895e4952f835c0330f76aacfecdf","sha256":"9fa644edfd9af9be6b244016e8f4f0eaee414732edc6ba3641e8647253359995","sha512":"9bb3e57667fd095c42db5514ac18c9b41baf50b81ded3ff810486ce394e1034751a941fefdb4e0e09bb98613b5dfc0a842d37cd9802671928e5f49380b9eda29","ssdeep":"","tlshash":"b071013cf4fa2228282b6085779b2821a5915427144dfd0cbb1ff3389fe9d25ee566c7","size":3647,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.216118Z","times_seen":17271,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/websocket/CometMarathon.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"466a7ed7d00986d45375c0cbffb5233c","sha1":"68845ead668e9abd29c24b491dbf97b219226c08","sha256":"7ddafae5a0a552d2d56101cdc8306403e8fb9570759d66c48b25893b409f0123","sha512":"752801557c12ee7830f1f2e55352ab9c033aff01ff79abdffaee1601c54cdfc85a2041facfc5a7e180706812be5ad08668eada116544197fd2a784bac1903ea0","ssdeep":"192:0Pf+0Sn4NyRSTTPhvygOdWuTdC3d7QPXLHOm8cSCl1Ej3m7YAPzhsoqFncJ0j:0Pf+fnwfcXSaGLj","tlshash":"9e32314b6cf75085592b32b50f9f24447239d8572605e81c7dccaae48f98b6c0b6bfb8","size":11905,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.163137Z","times_seen":17445,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_configuration?organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026version=1250.0.2.219.518.1715.3.3.3.1.3.11.10\u0026x-region=us-south1\u0026group_id=2\u0026jsonp=__lc_static_config","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ebf901b97bb6fc5d03a94d67dd4b59e","sha1":"b0c639e46879b0de71a78ecda4770572f9265435","sha256":"9a7a84cc44b8a27405e8b6f23ad723f4a8cd64c72c9474ee9c2e360806b7f9b0","sha512":"36cf288372373e92e5af81cbf569324eeacc3de5f8401d78dda24685c9a230f5215f623ec9a9efdb0dc8ceeda289da97cc4b5f6720b3b30a2392fa4f5c800117","ssdeep":"96:ZskKJGEeT4/3xI9ujUPr93t01Twr1wP/wGtJuNHqGUmTGEP/vCaq:ZsNJfg4/xgu4PG41aQ7Um6uKn","tlshash":"c9d1852a835fc8bb6277819933ca720f34496138f1fc593fd564de30a15a287d107e9a","size":6400,"data":"","first_seen":"2026-03-04T11:45:34.634688Z","last_seen":"2026-03-04T11:49:17.008769Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/1.CQtGlTmN.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"4a10c7ff679d5a6296b3e15ec71fa5f6","sha1":"7b6d3653a318fe95570cce84c6b5ba72a4bf5015","sha256":"67d420b46de773221b02141e8c7134fd015b59b5e5f745ccb29b3c92468be0e5","sha512":"89efa657bfefa3013105dcc1ca62f63a2e77067fc7068ded9f25e6e206602ea1adc9ce6c0788740a8b757c83b57a6f53a47c26f9ba10cd8f8fd966736fa3dac4","ssdeep":"1536:M51K4Z4zJvuhGqG1Qn9TtKP1V7g6FkE3cJbvM:AdC2hqw9TyV7ggkEMU","tlshash":"21334ccef14174315bf315f2a06fa106b73a2a2d384c81b0f629dd9925de44ba227f6d","size":55065,"data":"","first_seen":"2026-03-03T14:45:10.161206Z","last_seen":"2026-03-05T09:29:13.692326Z","times_seen":151,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/2.C0gegXQh.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"03c7b810234448ae64dd9892a662e43e","sha1":"5ee59572e8d1528976d6e603ba8e6aa8cf4e0f19","sha256":"6e5ea6662f022d5efc56b6bf3d1797674cc7f04eb800db1eac9a49be24629690","sha512":"83e4a67903b7aa07a92139fe3006ef9074bc67e4fa03bda85db98cccb2c932b4fb5bae5f04b72cc7795b06f4eda720237ee07e53f24de7e19ae0eb57e31b4b56","ssdeep":"12288:mx4lCyAjiSkC8nMQiiHkMK1rEdlOqtB5/oS6JxIOfDf+5tqbFmqeD1d9WB9Ff/mS:mx4lCyAjsdzqzYi","tlshash":"47946be07242f938d7e7c19b90bb160af33d3d09b42e9620f1ade85d33954489267fa5","size":442575,"data":"","first_seen":"2026-03-03T14:45:10.205138Z","last_seen":"2026-03-05T09:29:13.782645Z","times_seen":151,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/3.B2M_fyvk.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"8fc2becec9bbb5ac069aa34468b76215","sha1":"8a7dc639ebbfd8beb2ad59fe57b9a63b7a7f18a1","sha256":"570206c6c8ec5a0c0eff5a74a683a6dccbb08a24a5919ffc5be31680c27b4757","sha512":"72dd74a528d7ac7229e3f599a179b34d74f2eeebe24cda1598736c8c8e49e328094a505b12c562e554f5f4784d224be797a3cb95bb794246ed2d9f95cb4b3281","ssdeep":"1536:vgZQUuQC6WDvhFCvB0Hx6J+vXlKAwTwH7nDPWnYlkChX8qg4JklHYD82:vgKUuQPWDvhFCp0UcDOnA5sFikRYD82","tlshash":"fbd3f8e83992f5626bf312b700af5817733c192b280c4990a211fdddb5b845ea17bf9d","size":138438,"data":"","first_seen":"2026-03-03T14:45:10.188122Z","last_seen":"2026-04-09T10:49:40.066961Z","times_seen":977,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"9f9ffcf6f2042e12b181012a1f9386d2","sha1":"518ccd99abba9313ed1f1dea4d5f291512489898","sha256":"39f9d4d26c16d5a5b5d86a43200adf903a3e16cc58ff3e5364b018e4be3e1060","sha512":"d68fbf77548c33fb2163fea03bb9593856bb4bc22f02bcb34f0b42dc4d3312de517e2f160b7137d6170a2f2e38fa81e7c10333941853ca9a8acdc2621c5fe8af","ssdeep":"384:VbIQCuF+jXFDGJ6IVDKQw+GhcqJmYcIyaFIy/BIyv3IyPlpK:WJ0uXdE3F1w+GW5IXIaIqIYpK","tlshash":"c6b2b41824ea447819e3726897efa1c4f538801b8449cd44fc9e97246fc8b6827b7bfd","size":23869,"data":"","first_seen":"2026-03-04T11:45:34.676149Z","last_seen":"2026-03-04T11:49:17.074736Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/layer.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"cb96339625e9d456e32f86cdb3c7a7a1","sha1":"1301165c58bbb13c542cba493b7ab5774e87e31f","sha256":"17fb047ba6828fcbdf2ca226fa4594cfded2b2fdfeaff89a5bd81c7cf0359919","sha512":"53083bf4d6d450b1e9402c3f3dc40fb3434a27d47fbabee51f4ce1d3577f2a0aabe90cf5f6dfc22830a3878ec7552a6bf6bff605c82a4f832c79f34f7657ccef","ssdeep":"384:r1dCih92A3DgrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:r1YiV3D+WtXItqF13k8","tlshash":"6aa2b76a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","size":21994,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.182072Z","times_seen":17434,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/float.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"829af863b0cdc4a603919824ae046299","sha1":"1d417b1553e4ecb7125ebf2005b74255291fbf73","sha256":"1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271","sha512":"e1202fa26fd353dfb2f989d3d45512e0691c062076297399f5fe62f63e7f5b194fec4a3d7fe2f09be1a6a945e197e7d68445d33dcc6f80b23a315112d9ae5b6c","ssdeep":"96:G4SXFXVXDL+R5NxuHie/moRUgIm/Kv3RKXg+Iw3qCNv5IC80b7Yr+HpH:G7xhDL+jNxzeBVLKJ1LeqCwCxb7YspH","tlshash":"04e1506e03b1212195aff1beaf1e424c6631905b2507dd057e0c87c46fa493c4636fee","size":6959,"data":"","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-07T06:16:56.198753Z","times_seen":17477,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"9c41709c2b64126b909c101a27f39153","sha1":"4ab666b36c092577acb41390ad90e96d5fea7711","sha256":"c1963697eeafb63b6c29e95da2d38d91dd907ab656e130e6e1c34d1dcd149f60","sha512":"f235dccead15199e58495c6faee849c50252b9beed29a04ae46a7a9bdbccfd569a8ab452e7fcf923b7048dfda0c3d7bd51261874642d40e994d1640ca89e330e","ssdeep":"768:u4ygd0iB6d9zYDO5qYT8fwTW3Jny+XiKZNtrt2tG:NB0iB6d9zYDO5qYTMwTW3Jny+jrP","tlshash":"e6c2b7093585102f4ecf30fbb897524f72ba95a45019a069b5fca4d1bef9f8530a6f38","size":27822,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.146855Z","times_seen":17422,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"9f5bce1aa50f72fd0834901c70db4f43","sha1":"41771079bee5eb45539e694a5eff580732ab26b0","sha256":"a50724b65a2657f6e67adbf98a3dd135de52b4786350f0b1bd142adff38c7ffd","sha512":"d1445eef1431e8e11779bb3aa9da243cfc04ea0abe4cb9a62b6b0f5940a9ea17ad7d0926a51925feb06ce2afc435ce9050c3955ce973407eebfa4dd1d0ca35af","ssdeep":"192:cyzyMkzf77qsBQXbhG1SUnqpT7H8DvswVAJ4jy7j3vU4P8eaoCrHoQcasI4kHwCW:mMkjq0TqEVAJ184P4DiQzR0KmgqQ2N","tlshash":"599210b876f701b24c667477875a2144e100f0ebb648ee087d4e56dc4fa8a34b3a6fd5","size":19701,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.218627Z","times_seen":17245,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/commonPage/js/swfobject.js","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"062e203de84bf58ba8a6a90c46f72ad9","sha1":"d324dfe4965c0b56b74e9497cd56490cd1ae5a96","sha256":"4f19997108b3e4e7d227e708162f22a7741fb816237f833310f58f623dca3c1b","sha512":"1f006dbf600b6d5ef9d12e85ad9c2cfa19c74a66cf89076c7b91600298f3bdcb3e9c347cff90e221b86866b66c3c6f352b92fa54e11b73d45ebc66cb8dd76727","ssdeep":"96:jYlsTmD+UEjAt0YDXIBu0wEsZ9ikDZ/QngMkyo2K4RzJ/tXW:jisTmD+/jAt0YAuQsZZFogMkyK","tlshash":"6fd1763a7048b9f41ede11d44c6fa6c4fab5d5126449747cf88ad1c6966cc0b88b3f3a","size":6368,"data":"","first_seen":"2023-10-24T19:57:06Z","last_seen":"2026-03-04T11:49:17.063543Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"edaddb8132e9e0880252c5b6c47bf1c1","sha1":"dc08b5b6ca432b46cca94f1f297491e1b08736ea","sha256":"b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e","sha512":"00dbcc0a7b89e5e377bc26573fa3b9f1d09267044b3ee1c594e22522f8a17733bf041ebfa09ddb2e70a9f495437933f8a4e42875a16a3221067bf1df558c090b","ssdeep":"","tlshash":"da4000000000000000000000000000000000000300000000300000000f000000000000","size":6,"data":"","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-07T06:16:56.219488Z","times_seen":20350,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/bootstrap-dialog.min.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ce8851dc823429a42ab6147554403cc","sha1":"28f381f0e0aa4f5d56690e65723bd97fb59a38e6","sha256":"dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811","sha512":"f42a4d48c666d9c78fcb6c6061141452899085c504bf15e23749611dda00b6913e75ebbe47ca436a2ed016175d0918f193e474f13974a2f6a5304e18909a87ee","ssdeep":"384:3ai3F3N3VKUINthDa7Vnq86z3JCDKSz1m0hMtkJI2Cg0WEUOv5Dq:T3l3INthDu1YCDKS5flC9m1","tlshash":"6a9261ccb2d9b54c47abe072143f200df03a996951496119bc79e9ebecf060aa077f79","size":20132,"data":"","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-07T06:16:56.127441Z","times_seen":17542,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/sprite_logo_h5.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"01a7a44d1e991edace3178d8adb28462","sha1":"abd4e088c6cf974c0e468dfd3673c9a02d4aefd9","sha256":"8b6d4a810163ac6f3b848425af836c2356283789e16e4dc3ca64ed62baeb4c12","sha512":"8a0300e2b8f19329e77cb7f458fba139c78b468ad6b930b829c80eccd24fb2cd3d3f0e37f7fe8c3dda4f4064b9ce98f74c2ce9f23568c11291bc0142486f6adf","ssdeep":"384:5AlUE7v7hB8ja+MZhsw+gRP9Gg481ZOzotgSV:0UE7vz8XMrtTbHgQ","tlshash":"4ca2977e36672732a98a61d59c3f66d16af124349c028d6c3a5ccdeb8a6cd0424b7f34","size":21918,"data":"","first_seen":"2023-10-24T19:57:06Z","last_seen":"2026-06-07T02:18:31.060343Z","times_seen":113,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"b5bc8cd626b389bde727a91e6ce79436","sha1":"3df6c39300ac286cf596b3bda273cb39ff825429","sha256":"a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e","sha512":"2c1dde58ce83d9b716919dfc42602aef3022be012b3f92e61b17b674303ecbf0b9d308064b6d6c2443cf3e3dfd36bfb332eab62e64b56bef0be801e6f4610f12","ssdeep":"768:CwJl9VwAdGuMbJVAOi9ee9RjOEe1sdMv5rjITry:Cxb7AdRjOEKhHay","tlshash":"9553a7cd7522346b05de5235d18b4b4a623a9857730b90e4762c8cf46d29bbaf223f7c","size":64651,"data":"","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-07T06:16:56.168197Z","times_seen":17618,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"9f1681b5a72417b33c2869aab85af152","sha1":"b40a6d9c6d058c2bd6e126a1b0191182926b9d04","sha256":"eabdfd0c5237f406e0acbef879968e72e5e3d62dd8e8b6bcee48e5ab7f4d0154","sha512":"d9190153595e85b071dbf1c92212e7c30a5de2e1d6c4533558bb5f4235d6227c327751799ce20fa50a875a4ceb25227f4eb7d133c3257d8770c1131117d8bda4","ssdeep":"","tlshash":"1631d8d2f3cd01fd42099504248620d9b11dc2394219d48efa9d3c8e73d696e232f32f","size":1761,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.221259Z","times_seen":17222,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/commonPage/js/jquery/jquery.easyaudioeffects.1.0.0.min.js","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0b356857d3c9dc5af864b7eff6cd521","sha1":"1a87e231081fe9ae44bf0ea7cdf42a29b8565b97","sha256":"ca6e3078877fd787f646fc33fc225d9b6304986c7a244dd640415af6d76667dc","sha512":"b2fabd77473ee5173f67471290165d834b076560f0263690022dd4c373cde67caa56cb06671406af10d0b78e2373b408b03375fb7c5be5645fad0ab369ab83f2","ssdeep":"","tlshash":"3f21f30cb41ab50dc4ebf5652223a4143b3d81cd58a40ee57291df639bb1d9b0693b4e","size":1274,"data":"","first_seen":"2023-07-08T07:14:13Z","last_seen":"2026-06-02T16:08:19.099078Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.livechatinc.com/customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1","fqdn":"secure.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"d30bfddcdb3764a782b7c8584021d1d6","sha1":"64ed02149d0db57e6c1d68992361d7c1330a663a","sha256":"5a8894efd9ef253bc344f5587ea4fb4f4b8da39d4dbd49a390c2302898411623","sha512":"7f7061097e172e659abcf34d29c148da0bc746fde1307cefa2bcc88ee94db292ba498b3f287a8436b39f9e6d44d5e145350896e447ac7c3cfb281a91a5bc6c97","ssdeep":"","tlshash":"79b09222c200942a24ba8118239fa6073110537a80660c1b143c64a436e610f80a239f","size":105,"data":"","first_seen":"2025-03-02T06:33:06.481005Z","last_seen":"2026-06-07T06:28:14.498928Z","times_seen":26399,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"9c3f7d9e5de3b764c32a679ad06ae3db","sha1":"9ab260e36b46c6ca6f58066ee914f3826d86a37f","sha256":"fefe9a763127c0f92edfe95be1000aeed2eda7690482769c90dc9488dbe5d33a","sha512":"1517bde6929159474692270e256f6021611365d30618b57d1fd325e7170bc7540bac8500e1ccd438d2a3d5f3b6cf1456ba39560d5cbc685f4b56b4c2b4126ad3","ssdeep":"","tlshash":"0e51462618e8c076a31b639d0b9f1141b53c750bc3ac8d357d0d5b758fe451452dabdd","size":2561,"data":"","first_seen":"2023-11-23T15:36:17Z","last_seen":"2026-06-07T06:16:56.222104Z","times_seen":15229,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1772438913332","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"a55780dc13cbf1a8d375f14ebb659cf2","sha1":"9548cc269bcde0dc48e166fa6bab37af8a649e57","sha256":"35d147a863ab8828e073ca1ae89d476a9cede797c410ac555597c1f442452cc8","sha512":"3514366118d038da9131739e4557dc5fd92b8b7d3a27af00a7c2d8f4cfd49f4932991cba899fcc8171ac59eb356b25e717494225912f37d65600305ce2d3ace9","ssdeep":"768:WqBveMjZ1oE/eL8hhMjm9a1hI4vhej4pZ:Xpo5GhMjm9a1hI4vheUpZ","tlshash":"cee231166b7701e2916b71e10e4f9a083174952b5a87ce08bdac92e09f18d787373ff8","size":32679,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.153035Z","times_seen":17743,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"66653e47a46c8e11fe31ed25428166b9","sha1":"9dd0005b46bf5b4f3295ae8de8060c2c7eaf21a9","sha256":"73e80439f2fbb8ed3da2beb70049e8775005d3a6b8860e8935e38d21e0fbf845","sha512":"673b701ceecf83ce6a4205636259fd142861cb3935f40cf081ab975ab513d0224d37b3dc5e10876420d1e27c41dbcc3d2f309dbc2fa91b05423c446b825e4efb","ssdeep":"768:cxHmhEOPRtPvJdcz4nPDCKJV+3/svMIR0Kk3gYeLLvcOvBea/u+IaAVbaa1aTKOz:EWLqFjIIa4aTuUwlo8/b0vwr90AIC8","tlshash":"ecc3c71c75e712a664b330791baf31007072941ba90ddd04bd5dbac0bf9862da3b6bed","size":129059,"data":"","first_seen":"2026-03-04T11:45:34.680483Z","last_seen":"2026-03-04T11:49:17.078795Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"479c01001c455527cf2aafec087accad","sha1":"230c5d853a00977d890c25cb56b5a07c5e0acd0e","sha256":"0ad2a7081ff475ce3a2068fe69547248166c0fd39f26fbf03f2ac5db073a16cf","sha512":"ebedabe18db451b91ae6cfe4a55712d0401a1cd5545a5b9344edcbb68c7cb678a1a8a6efc20f101d99e8cc094a060bb32deccf9e694a837ee17a8f8585bd43c6","ssdeep":"","tlshash":"1f21233e1c17a1b52ef7046a9b7bd5a63af2051b2442e400bc8cd8193f14fc11c25bde","size":1389,"data":"","first_seen":"2023-08-21T11:10:45Z","last_seen":"2026-06-07T06:16:56.22405Z","times_seen":16881,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/4.C_rgEAoe.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"1771376dc07da48b3f03339d86d57b7b","sha1":"a5861ebfff23a92ccd1ce6b8a517b6f877d50a63","sha256":"6e148df31d721a0ff08563f2d676751786e01418c86ee54ee8f0e88aa46ae26a","sha512":"6038efed0774fd61c7bf6558d3ea24ccebfada1041fa2c1606263a19f8700043a18f6e368ed550fc61f644eb7b81f8cac01498f30cc56a103295911b28e436b0","ssdeep":"","tlshash":"afc022563060f3a502bb0ed00033e02af32a402cf0ebfa80a65cc4f020630530a26b1b","size":193,"data":"","first_seen":"2024-06-24T12:34:02Z","last_seen":"2026-04-09T10:49:40.045057Z","times_seen":23532,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/5.COnDpwuW.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"547d768a115f0b1c13a416dc06518ca0","sha1":"7f8fa3a9fb3f4a42bdf7f8e54f0620cfc21131a9","sha256":"d94c017d073799d844ba244e1472809a046dd250e5a7dd740c4f63b429213e70","sha512":"5426431966b1f3b78fee17347398a1c3dacb84ef2872dea69cd44e14f13a633e51159c05931b6d0835c8b6d4a2d199e3c874f7a7a2b2ca9f8c1dc0ee550c6b34","ssdeep":"6144:H3zu6cNIPxo+y30oO3fpKr35l37Fw9rqRDFq:Xzu6cNIq+y30oOxKr35l37Fw9rqR8","tlshash":"0b246cc4f18af53887eb34e6547e2002f63d6d18784c8560f758ddb63da858a9273f2a","size":218278,"data":"","first_seen":"2026-03-03T14:45:10.180807Z","last_seen":"2026-03-06T10:26:49.391079Z","times_seen":221,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"cf0aad09d2e7287c48d72501c4ed8cbd","sha1":"7950b8c00d5a278b662dbccd11af31398a408e51","sha256":"72512199b29d971b5fe854b1f610604dcbdec2c38666c106f1d15863e0df32db","sha512":"2c1680bded9b22be2e6c38d76e46ef67bd438c6c9d99c804f9dcb77ca30bd5aa6f090c89a51205cc7efb466040a171eaa318ffe6fdf046c924394ce7867218f7","ssdeep":"","tlshash":"75d02b4472e3280c08f22b214cde250508a271b610484d08b10ce9d64bb5522b97773c","size":278,"data":"","first_seen":"2023-04-14T20:29:13Z","last_seen":"2026-06-07T06:16:56.217791Z","times_seen":13037,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"7932637ac9b0a1125acfaeffa837b6af","sha1":"01107a42cef642f68e70ef30502ecb6c0de6a0d6","sha256":"f938651bd7efeb3c523dcca3df1c9a0cc63b12f604816c8e49636fda5b1b1c7e","sha512":"6ee9dd22796803d3a44aaf8a59219dc077e2cf7ebe2b58efe545c7f08028496e595fbea31d2990cc0f210054f6cd91055326484acd544aa29889712c2c050f57","ssdeep":"","tlshash":"bc71315e7559bc949bd3202a4a7f1008727b486f2928c850fa5dcc50af5cf0f2362b9f","size":3486,"data":"","first_seen":"2023-10-24T11:42:08Z","last_seen":"2026-06-07T06:16:56.224804Z","times_seen":15961,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/websocket/PopUp.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"07864ad2e2759d53f8f2f14dd4295bd9","sha1":"95144219e2eb702c4c4a707c3622b086876cf41c","sha256":"871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d","sha512":"f469d0f23c75e918d55e076d72481fca7043ac5eff9025aaac1f26860d080e4fc3c5d28f8f9ee1dae80719aca2b83f39ea82a129c221980bd7d63c212bacc119","ssdeep":"","tlshash":"9041ae54baf359a12c9b71f3aaaf30413160f2479505ed017d0cb9945f1d228b2cf7e9","size":2088,"data":"","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-07T06:16:56.181112Z","times_seen":17512,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"b091a47f6b91e26c93a848092c6f3788","sha1":"52918af2d431e73464060b35d364640c8db75606","sha256":"329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10","sha512":"ab444102be476f0104eeff79c9b596174852b4fe8cbd0b5a0279d56f106a166ec39304636e09326213de000b102ce8f517bb268a9abb2955c56ee4f18b464ea8","ssdeep":"1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmS:R+41ZqLTW8xRrqSb8qGH77da98Hr3","tlshash":"6893d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","size":95956,"data":"","first_seen":"2023-03-07T01:10:10Z","last_seen":"2026-06-07T06:16:56.151049Z","times_seen":18320,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/message_zh_CN.js?v=1772438913332","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6f122062201cd2cedac9761f4c46b2a3","sha1":"5bced4febcad095851dd9d0dc4438d8e96aa8715","sha256":"96e43037ced41b7e8dfe16f604a02f6093aa1b65e9f349ea697e486e29bcd814","sha512":"b9cfd2e598fe9a778bea162e5180ca88bf01d2c02cceaeb27304e827fd0814662733d0df3ed07e2f3d5d0c34fea3f0e25b277d75fdc1a4de20c41eb169d225c0","ssdeep":"384:vTrBmS53qEviCysRI/2aTvfyxtvgfG+S7MjRBQP1RODaP5YnRn21IRBGN9Jaqxk7:IIy92nyfB+vODR01IRBG3JpfsIU","tlshash":"38e23ba604bedffb581615d6d44700c921d96b895afc7928bed0ee1e1b863c604f3387","size":32151,"data":"","first_seen":"2026-01-15T08:15:21.591485Z","last_seen":"2026-06-07T06:16:56.220391Z","times_seen":6825,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/gui-base.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"e6ce47d880d7a50ddf91b074c8572edf","sha1":"6a3657c67209136e5b544859daecf16f2d153b72","sha256":"c49e04c7ecfd07c74b58cf161ef2b58f2bc837a9091ed1ae090a33734cdaa734","sha512":"0946a1cb9d048b485dadf4056a4aa7be685a8906240a828a5ac776a4e1eae2ed5ef238bd0724da41cce33324357ba44704d34a6766430f1552630f9a17b664f4","ssdeep":"768:+lkflKVlvREcS38xHmuqrRO/5IS3oFaJX+mQdudqD9jAXImsUh8H3yALdODRG4eK:6ClKVlvREcYoHz0PszIfoALkMEY16pB","tlshash":"4353c80a72b130a106efb1b6515f460d323a6927d44ac458b97c9ae43f74f28316bf7e","size":60909,"data":"","first_seen":"2023-08-26T00:19:56Z","last_seen":"2026-06-07T06:16:56.141629Z","times_seen":16690,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/jquery/jquery.super-marquee.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"f77d83590bc0a69298f2fbcc5d9911cd","sha1":"1d6aa25d7052f53ad0181385e5efe72f224bbdb9","sha256":"1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7","sha512":"a39dc6c01df32c8f72842af346f4d67e1278d37a74a0541537b8274b421bcfbc547a2f4844f3c4b6c5cdda4c78f0a8f41171c87ffd149ab52526a95bc6c5bf61","ssdeep":"96:nwzrUsI9/8w/ISEgOGXFRNcrc8PQjc3Pb:+rUsk88OnJQA3D","tlshash":"2991252d7290f5d559cf3c3be02b0b050c785123a54e00927a65def279ba379a607e1f","size":4433,"data":"","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-07T06:16:56.156398Z","times_seen":17500,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"dd4934ec50598a49950c57836d268ba9","sha1":"9830d9f40b0baf411ea1e7b7a4b65675cf35ae04","sha256":"89e8ae92a48e530a676704a7858edcc65fdd1488e39280ba8da4cb80dc5729d5","sha512":"1b7e75147ff199dc7900be58df3ab41039a70322ab2db2d697238b166447a915cefafb3e1cc17377a7ecfc08b641fd9ab51351f060abb405ceed36ee1e5b1b9c","ssdeep":"","tlshash":"c641df0d25ee1008d01729a9fbbbf50c632994272ca4ed08b50dd2154f6ed7ed2b9a9f","size":2036,"data":"","first_seen":"2023-11-22T16:18:01Z","last_seen":"2026-06-07T06:16:56.225565Z","times_seen":15176,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"b091a47f6b91e26c93a848092c6f3788","sha1":"52918af2d431e73464060b35d364640c8db75606","sha256":"329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10","sha512":"ab444102be476f0104eeff79c9b596174852b4fe8cbd0b5a0279d56f106a166ec39304636e09326213de000b102ce8f517bb268a9abb2955c56ee4f18b464ea8","ssdeep":"1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmS:R+41ZqLTW8xRrqSb8qGH77da98Hr3","tlshash":"6893d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","size":95956,"data":"","first_seen":"2023-03-07T01:10:10Z","last_seen":"2026-06-07T06:16:56.151049Z","times_seen":18320,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"9757679696da9802c20a53f6b28439de","sha1":"8c066b28364edcd23406f6c86eab6c9a06f6e506","sha256":"747b05f94f19260905f23b5d5a78eae5d008bd3c857c9d28f43a9988f7d407b8","sha512":"b80c9645dbcf9253c560964eba5fb630de7d76d44bf20a88225b8adc4ca923f8c21b33a98f98e9135933001f5e731d9a8b50f42f63c26e74f8cad746c0127fa1","ssdeep":"","tlshash":"31011289fc41707596923668763bfa07513222155844643398eec37fef32d874103a8c","size":813,"data":"","first_seen":"2026-03-04T11:45:34.684519Z","last_seen":"2026-03-04T11:49:17.081384Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"d1880ce6f7e86a563b54412066416edc","sha1":"379f66a5c76c995e8255b0f825f2d2ef05d3ab74","sha256":"dadb28dfc6a383dc589a4c01a6db796fab7be6c40b7f7d413a189394ecac0bf1","sha512":"c5764f5080dc814bc985f6c4b26e18684cfe09bd3bb2dadb92e45500f82f583561e31d4b722d43628a014f5bb0c4f97019f91dbf0432d38909e7468e86e2bc49","ssdeep":"","tlshash":"70312f221117907787f2fb12a27f2406c80f878a953c99ee739f9070bb014fd71aaa4d","size":1827,"data":"","first_seen":"2024-07-12T23:08:52Z","last_seen":"2026-06-07T06:16:56.226307Z","times_seen":12351,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"e6ea297058f6d52d83390d9ea7f914aa","sha1":"349df987c3c4c50687d993b31f83cfea7f796730","sha256":"2f21ca2376a9112f70c12ecc46d75ff792b067f5edceae5ea06011c13cf14e56","sha512":"80999dd48f3db744a7cc59dc9cec9303b35216f65d2711891705dbc5dcfb34a18c5c015a2615573aaf59315882c5724ab5dc0e218e8f9cfa2579c4ef37d81cc5","ssdeep":"96:Ge2n8LmEhLzcRXKBxap3cSubfC7WjnM9LidafQa+X9MhsvVQCi:D2n8LmEhAXKfapMSu7C7w2WX988QCi","tlshash":"e0c10e4e72e120b199a7a52c929f901024725403080fdd1dbe4d93a4df89d7fb6ba3ef","size":6025,"data":"","first_seen":"2023-08-02T04:42:13Z","last_seen":"2026-06-07T06:16:56.227271Z","times_seen":17141,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"4e6bbb84979a27014e74be230fe8440f","sha1":"aafe0c1dba07e91354abfb25d154c0acbed24d61","sha256":"03e9af072f4db23c6c6cd74a89c796a3c764731da4734682f3ccfc07e0e54e74","sha512":"445744eb54e6f81910f41add7f3ae90b45f311a7a3b5b86bb57079210dbe60c35b0b45ce06f3e4284c55578e2e2878d656ce445fa0040dc5e6edd47017a5a116","ssdeep":"","tlshash":"36e02649d63a68e0507364ac2b7f203129ee920ba009ce68fe2d13c16f444150b71786","size":390,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.228221Z","times_seen":14832,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"8d24a27b56a588bcb83462bf72dfe16a","sha1":"5a3a122a406ad4445c3b78f44ec4c32b7a13f7a0","sha256":"56287f4aa127f4034565f096be5459fa251e64215fa4e2c3979e5b7f2399d526","sha512":"1f76fc8263164bc9f876f7e50591d96e0302f065841ffbe3218632f94e5de2bb96ae02507c69f570ff6ade45bd2ae472f516f1e7bfd5d8f1404a6e979c326c0a","ssdeep":"48:Lh9J1waQo72wlPxv13vhvh9J1tato72tlMxv16oBJIOBf1ra/TJIDF1IeoUdvDBh:LzY67b1hvzVv7y4PaPxIfaZWGi17YjM","tlshash":"3781d07a32f24881907b50b91f2e37809335588fbf3d6868be5d0ac01f2a41ac096f5f","size":4121,"data":"","first_seen":"2023-04-19T10:42:24Z","last_seen":"2026-06-06T23:54:10.570157Z","times_seen":1051,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"cb994257c3638782720a43d0e03f372a","sha1":"fc1567589388184e3a7bffb5cce2b46d05408df0","sha256":"75713c243733d6bfb0c2ba9c1038f6942e838bab492e23f148f800d5112e08de","sha512":"0df390d5874a113774f1bd5bc2a9aaf9c60f570193ef5cc196518039dc8c9457e2a692633fb734268053821aac34947c7a8ac3e94fcd4d9931dd34e5adc4e563","ssdeep":"96:fMyapjulBID9Ifj6pDTGTXFP/T3m5tTGPvT3m5Sxu/Z0wo0p72LxSmHnuait8RSy:fMyapjulBID06pDTGTXFP/T3m5tTGPvx","tlshash":"f791610778a721b76473311e2faf0500b59e699b6a0dc828b9af5fe51f1af104013f96","size":4599,"data":"","first_seen":"2024-08-21T03:34:46.631255Z","last_seen":"2026-03-04T11:49:17.085758Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/7.qYTqns9Q.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"d541ce2d754402b833cc65b76eaea2c6","sha1":"c36a92a0f5cef497ce42b1e8b4c72c8d9bd3786b","sha256":"80353503e48ebf6c2ae9f70184d3e758f64bacf48afe147e039df807509200cb","sha512":"f8cd5cc49f9276c580419958bf312ee0a311194fd41d116ee709e56401d769511700031ec9f3e6151f8da6b7e13b16e374a231e31cb00b92413ce5c751c2a0b6","ssdeep":"","tlshash":"f090044530d334753111111c453f5c0551144c4c05d55730c010d5551f514f4571fc4c","size":40,"data":"","first_seen":"2024-07-04T09:32:22Z","last_seen":"2026-06-07T06:28:14.454447Z","times_seen":29834,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"bbfaa8f28e152c0a16ba77f18f1696a8","sha1":"fd91d0ba9c8d13cf2da285e2c96901c8f7e0ca62","sha256":"64f277c2394dc95fafff03a5b292ca7039cb8c8518ded80db8329b36e01811f9","sha512":"9077a29cd2813268db7862e611ad609ceb4626e19012fa0145d7f5ea5eb4c6aeb7e4cbf79320474b3758d060d422dee7bf7d27588deb17fceff08c62b89333e2","ssdeep":"","tlshash":"4051e00926e840af6c9330b64cbf6188167552374798c92479cf3680df58d6e27776ed","size":3120,"data":"","first_seen":"2024-08-21T03:34:46.632186Z","last_seen":"2026-03-04T11:49:17.086843Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"374927241973f0f59d688ecfad142b58","sha1":"c3b551af762b80e153ab6db15091366ab8c842a8","sha256":"20697903b70d287c40dc8a20284be966b5e62e92159e1106f1e9bd91fa828800","sha512":"fa5f2348b16dfe82d73e8a9db8cfc283744d10f835ccf53abb588eec3a1cc94280b8572c5eca09306bdd8afdbbe23d04b448c5ded2a5247770eb84de7a30360d","ssdeep":"96:xJkC2G3sf7cWGArKK1/BXu8/NTmuGz79djLMGcslsghGdHVfI/LDHFHn:PkC2WszNhD1J+sV9kXjLMAOghWHJI/LB","tlshash":"07b1121f41611329902bec688bb4a7178168e8767d5d77fe2413262dd7cbb4115e238f","size":5513,"data":"","first_seen":"2026-03-04T11:45:34.704683Z","last_seen":"2026-03-04T11:45:34.704683Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162001.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162001.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"6825b43b-5835\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Thu, 15 May 2025 09:30:35 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 22581\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22581,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"ed6f04ebc5736c4717c84a1a2bcfa51c","sha1":"598865a99f57e3fdd55ca9a9bb2b804e73bec78b","sha256":"0e911e58271319dc23c7a823504825e083bc65572ecfb3b270ea5f3824bae56a","sha512":"3b9d51d1297c531485ee6ffbd44a651119f9d21f473fa88bfe1c877303017a6a9f32c1cc340089a27e859d7a2a3f0ace3242dc3f36fd25727539f1e6f1c51239","ssdeep":"384:YL7lL+2OIwHBSt9DnpB5d5eJe1+CXryeHbPSY9i1oKPe6QEOqV4BjmtKB:YZRZtBnwJeRXrye7KYAi8uEXuI6","tlshash":"eca2e1129577fb35cb8f680afec1d4e77e5c582353f3d14c4e85980a3c454e62a98e8a","first_seen":"2024-03-03T19:58:00Z","last_seen":"2026-06-06T14:03:14.227612Z","times_seen":1719,"resource_available":false,"data":null}},"time_used":1139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":915,"receive":224,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/livechat.CWIaArQD.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-04T11:45:05.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/livechat.CWIaArQD.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWwEl0s_wLGJ8p4RE-jjmY3XNR3_-AVGTZutCAY01rrruL2LcJcVvyRsk_X4eiTlX0Su7S74\r\nlast-modified: Tue, 03 Mar 2026 13:43:27 GMT\r\netag: \"41bd0781dab47aa3519cd96277bc3dab\"\r\nx-goog-generation: 1772545407060141\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 401\r\nx-goog-hash: crc32c=MonwvA==, md5=Qb0Hgdq0eqNRnNlid7w9qw==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 04 Mar 2027 11:45:05 GMT\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\ncontent-length: 401\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":401,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (400)","md5":"41bd0781dab47aa3519cd96277bc3dab","sha1":"130ab6f2eb3579c4d359af5ebd564082587812e1","sha256":"125146563f5edd2bba83bb862c052f8a441cf8e7ad82ee68d5e9797e0f784c27","sha512":"9234dda40c619d1f83c69685329b6cac199aa45df428f9a1765f26933d665fe94b83b7877f104656d87fe9c066c43419889db1ef569cffbd1a20337abfb441a0","ssdeep":"","tlshash":"37e05adae300b8e3fad9dde4c004e1a1a6faa39b47f487b0d0ce17715755165ce41a52","first_seen":"2026-03-03T14:45:10.260928Z","last_seen":"2026-03-05T09:29:13.543871Z","times_seen":149,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":3,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/mobile-api/v5/origin/loginSwitchCheck.html","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:03.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /mobile-api/v5/origin/loginSwitchCheck.html HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=7fca38b651f4c8d7cb27af5ac87bb83e\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: Content-Type,Access-Token,X-Requested-With\r\naccess-control-allow-methods: *\r\naccess-control-max-age: 3600\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: br\r\ncontent-type: text/html;charset=utf-8\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\nout-line: gb-cdn-805\r\nset-cookie: route=ac3a5dd70d711e3044f5a1cf2fe56e38; Path=/\r\nsub-sys: mobile\r\nuuid: 00117-01-00000000-1772624704ebfc\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 113\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":174,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"1452cebf3e2bb129b06762f43f09e5c8","sha1":"0ec65f1e79233e8c59f76c55fb89ac8637cfb070","sha256":"99a31cd18b8ce37d3725d0a77d5e314452d2906ed2b54b8b19d4de849d1bf13d","sha512":"758e5238156c2ffef164019c0090d96ae3567b56cdb9180b179f9f20dbefa3d184a9b0776e96d10667ecc0bef04ebccad0959b1eecbf5526077c096e22cfe919","ssdeep":"","tlshash":"b6c08c49f00458abce02239456d828402fec189270c9eccddc0c4a58f2cb4dfe322c2b","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.164015Z","times_seen":15808,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_14.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_14.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"63dc759f-4fee\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Fri, 03 Feb 2023 02:46:55 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 20462\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20462,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"86f136869bc81df2a646e873bd23b46d","sha1":"c40c25bbe820c39731d1c679653b28e119cbbadc","sha256":"bfebb7307f1858837e6b61be64e46352b1ccd29bf982e9975886c9feda9f637f","sha512":"f751f09cb06f7c301654647cd4e16755da78b6bb2ed71eee54b82e154f76b6a00352d75b12223278fcf0df58e8e68b5bb67c6b21e90a89f3c2256935988b704c","ssdeep":"384:T6R08Uf/vjBufBysuYYb6OP+lMymKuEynyvqwG83HUIOQJjg9BevLsAWac68Zn1Z:T665jX/lP+S2Gx8kAJj8BcsAWacTZr","tlshash":"4092d007fadccec8c904aeb5dcdc69059927212453363a7cfad84512b139a27bed139a","first_seen":"2023-05-04T04:29:49Z","last_seen":"2026-06-06T14:03:14.168074Z","times_seen":4690,"resource_available":false,"data":null}},"time_used":1154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":944,"receive":210,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162008.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162008.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"6825b43b-67dc\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Thu, 15 May 2025 09:30:35 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 26588\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26588,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"0646e41d36016e00c0bf302cbe0e12b4","sha1":"ae2103abf43168d01a00baa8dd46ace35783ad8d","sha256":"4cbba4865f9c7d89534739341c61922915e8924117a19c3b9329c74278d260bd","sha512":"fb2a7c7f8e7e987af2fb98ae2627be1fbaef6f9d6ba21e808e6bb7caa2c2abcec8c656e5b113918bb733d06e835d7e8c86551f8034340ed3cff3db1cbfad1e0f","ssdeep":"768:rcT+XKtczjyra1XSltKKjXaXLZ9/5Rk5jtNEEvy2QkN:k2jy+1CltKU67/5RuzEEvy2/","tlshash":"56c2f12070b8a133b96b525b5508a1c4ef2374a5d4a745f5cfec702ba914ccf9cea2e3","first_seen":"2024-03-03T19:58:00Z","last_seen":"2026-06-06T14:03:14.183906Z","times_seen":1783,"resource_available":false,"data":null}},"time_used":676,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":674,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/about-fl.png?wsSecret=dfcd5563ad1cdfb9e02ce0538a273384\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/about-fl.png?wsSecret=dfcd5563ad1cdfb9e02ce0538a273384\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-1089\"\r\ndate: Sat, 28 Feb 2026 18:10:43 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 03 Mar 2026 18:10:43 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 4233\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 8479531646258167472\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4233,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 33 x 13, 8-bit/color RGB, non-interlaced","md5":"85f8dd095cbe4fdb4ffa59ffe2b3b130","sha1":"fbf5e27e015389eb8eb04d9ca4d03a375778b0ec","sha256":"b5cf35f74dee9914bf8355da5680094039c98162d93d3a6d84a5b279a16ca4b1","sha512":"8bf2bbe25579fee684b9d59a4b5ba2ae0f8a09781fd461f8df5bfb3fb3d97aac26b77646ec8054978042d22303fbfdb522090a91e72416d594c96f2bc65989d9","ssdeep":"96:UllcHitlIxv9vk7C1+I4wWHLihk/xuNCRZUehNV/d:PIIHUCD4waAoUAd","tlshash":"b5915a89e4406105004d86a939f6da17492b9b80d6c8ad2abddfc14f8a309f23836bcb","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:17.001561Z","times_seen":5,"resource_available":false,"data":null}},"time_used":741,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":740,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/venetian117/themes/images/hover-list.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/venetian117/themes/images/hover-list.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"5d2c760e-54f3\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 21747\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21747,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 275 x 126, 8-bit/color RGB, non-interlaced","md5":"1279c6156e9a77530b0c0ea3b19a86ff","sha1":"05247df9f0ec7ca1ef717d1125b8c23616b245d6","sha256":"9cbe839136b0208088b44f1aa181475de27d9a6a0f219e2cd88e957e68d65ed2","sha512":"6c511b3ce73212aeba5ba1772378f488aade5eecb8a3acb2d182affcd0144f0e77d0a7598fd1e90cbb9cc42b185e02756a4b5766e212d37989c918a30ce91e90","ssdeep":"384:t0wLJk8BQdiYHB5FRjYdJKFnKqn2AxEWEHotMjy7xX7iOG3tRjD:tUgQdiW5j+sFKs2oEjAMjy1G53DD","tlshash":"7ba2d00acecefd2f150c58c1b0b31d274226ae519bc1b6f9d9db089d5b9e52cb12e1c6","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:17.050219Z","times_seen":5,"resource_available":false,"data":null}},"time_used":995,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":775,"receive":220,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/websocket/PopUp.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 21 Apr 2022 04:30:12 GMT\r\netag: \"6260ddd4-828\"\r\ndate: Wed, 11 Feb 2026 13:03:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 14 Feb 2026 13:03:33 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 13151\r\ncontent-length: 2088\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 806059745002068040\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2088,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"07864ad2e2759d53f8f2f14dd4295bd9","sha1":"95144219e2eb702c4c4a707c3622b086876cf41c","sha256":"871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d","sha512":"f469d0f23c75e918d55e076d72481fca7043ac5eff9025aaac1f26860d080e4fc3c5d28f8f9ee1dae80719aca2b83f39ea82a129c221980bd7d63c212bacc119","ssdeep":"","tlshash":"9041ae54baf359a12c9b71f3aaaf30413160f2479505ed017d0cb9945f1d228b2cf7e9","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-07T06:16:56.181112Z","times_seen":17512,"resource_available":true,"data":null}},"time_used":1749,"timings":{"blocked":1476,"dns":0,"connect":0,"send":0,"wait":272,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/commonPage/themes/hongbao.css","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/commonPage/themes/hongbao.css HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/ftl/commonPage/themes/gui-base.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 04 Mar 2026 11:44:51 GMT\r\netag: W/\"64252e4f-d530\"\r\nexpires: Sat, 07 Mar 2026 11:44:51 GMT\r\nlast-modified: Thu, 30 Mar 2023 06:38:07 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":54576,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (336), with LF, NEL line terminators","md5":"a212ec8d2af1172e5fe97229a8cdd470","sha1":"676b870b21e2b4f18dd23dd24baa8a30955b8362","sha256":"910aca19fa0a1df0c76607fdde36968687403343a50022bed3693011abee9fc8","sha512":"6f8ef1e9c22978fe39412ca413b132e9ae54d5b84c1b95b6f40b5c7bd44e726212ca20b731de29294e77fadf0651f3cbc8bfad1d6a4ec6b808064faa4aa3811b","ssdeep":"1536:qsgR4FlccsG7TCbzG3ArEDTgkvudNssvmp13ZUcPGZ10iS9EvlBcovGF5XAso/GQ:qiu","tlshash":"78336d05e241abab21dad174230bca3bcdd81485fea4dfb7223971f4cba55e5b03625c","first_seen":"2025-04-07T03:18:03.889172Z","last_seen":"2026-06-07T06:16:56.158028Z","times_seen":10716,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_7006.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_7006.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"613c72bd-5004\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Sat, 11 Sep 2021 09:11:25 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 20484\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20484,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"7facd57d474585a0c9e3b2b6d4762969","sha1":"814362f72beba19c7dfb93b8d2bc760f87a2a00e","sha256":"3bf01b8e569dbd7060d7dcb2222e7e3ebc9e42f715535df2315c877fed9046bd","sha512":"792d38344efcbcd8765c1695770be65d6576ab04463178d1f601dabec10de958a47149033fcb18f1b94a6d9ac518747b5388d488aa8ec65ecc359faa9066dcef","ssdeep":"384:pBLLZvqURTXN5npCsJ+a+UIgmoZAkVTzWKZizN/k84LL2BD0M/DoDznNDBDKwJo:ptLBRTXxCsJficWKAzNN4aDBe/a","tlshash":"ed92d0dc79b70eb61c94def118105ab184eb9b549d4380ca13e190feb897db0847fe94","first_seen":"2023-05-04T04:29:49Z","last_seen":"2026-06-06T14:03:14.239108Z","times_seen":4692,"resource_available":false,"data":null}},"time_used":1138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":914,"receive":224,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/themes/images/footer-partner-b.png?wsSecret=b5d1efb2afc37a2cfa071e88a15d2136\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/themes/images/footer-partner-b.png?wsSecret=b5d1efb2afc37a2cfa071e88a15d2136\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-117ec\"\r\ndate: Mon, 02 Mar 2026 23:34:17 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Thu, 05 Mar 2026 23:34:17 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 71660\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 2719315283822378213\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":71660,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1030 x 143, 8-bit/color RGBA, non-interlaced","md5":"8fa4598e257c780ad23c18120ccb920f","sha1":"f47c523d5212f8d1162778c0d92653c85ebc5aa8","sha256":"430a30b9c627bed3c6d3291f3300238384409647993755ebdfbb08dfc9f3c7ef","sha512":"9cfb9d95e198f3a011562ec7531ecdb5e1a548db979b94993dc1558e1432903df8b42b190ac6439958c324381d3b75cddbae9f0a4d98e1bfc202be2d5c8aa52c","ssdeep":"1536:gOePoLEAohDik4p0Ph1EfjWJMzqdNOeo2r4QLh4gjCzjZ:AphDik7EKsse2MCh48CzjZ","tlshash":"f363022c170578692500a32b636618c75ebef552334b1d53aa92e443efccb7fa73930a","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:17.050949Z","times_seen":5,"resource_available":false,"data":null}},"time_used":827,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":825,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.livechatinc.com/customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1","fqdn":"secure.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:05.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1 HTTP/1.1\r\nHost: secure.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\ncontent-length: 760\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1776,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1776), with no line terminators","md5":"85bd0d6da97a7827f5dd676d0d1abce5","sha1":"8e66763d6be78b29791e985a0565a5c89ff08842","sha256":"f5838307e3e252edf23febea2ebe52ffdcf0250fc8b7aa1f9e8ba24f7fd939d0","sha512":"6acab59ffc6fa7ce62377efb80c7c2fa132b348c549d85e3f0cd657542a8dbe7271473c22b4dcbfebd995a8d29834733392bef6d46f9a36bd870aa50d677dac9","ssdeep":"","tlshash":"c9314173aa00c91d71748231bd9fb08e895d534e8644acf2b29422fe0ad0ed98173e29","first_seen":"2026-03-03T14:45:10.156081Z","last_seen":"2026-03-05T09:29:13.872428Z","times_seen":149,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/6.DOO3t-_-.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-04T11:45:05.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/6.DOO3t-_-.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWz7YxQkfEi0OkfP155hcNhQgTsUAtCgdNSPxnidynWFlJMEXVnrLDKmbxxOzENcavh2cgXHm0nK8XrMgA\r\nlast-modified: Tue, 03 Mar 2026 13:43:27 GMT\r\netag: \"a8e2b53982d152df0eaec74958f27053\"\r\nx-goog-generation: 1772545407047752\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 847\r\nx-goog-hash: crc32c=AoAT9A==, md5=qOK1OYLRUt8OrsdJWPJwUw==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 04 Mar 2027 11:45:05 GMT\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\ncontent-length: 847\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":847,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"data","md5":"a8e2b53982d152df0eaec74958f27053","sha1":"0bff986e88e2713c3d3ec2641496883eecc2acb8","sha256":"9c47463b03fb3737ba6f86f9136a8d3b45e4bb03d2bf66c53e17c6461815ceae","sha512":"1be83a22adbfba76ace6c0541d1198ee40c7784321e6e226fe100a063693a4a055d941e7824381a73264e4a0db7dfcf20febc1c75dcf2f953a5aaafba3579018","ssdeep":"","tlshash":"7f012fd938c398b0c32784cd21b899b2f57c0e4864fd40d0f5d86c8a3b221b1823aeb8","first_seen":"2026-02-25T12:54:39.727904Z","last_seen":"2026-03-10T07:35:49.440775Z","times_seen":718,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/8.Cht6u6sP.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-04T11:45:05.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/8.Cht6u6sP.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWxncJO65x5OUmnyBA5YmfmFw-LOENq4DwA8CITTgAHx70QTDWlRztmtYk-X66QUvb-B4Fo78L2n_grgOQ\r\nlast-modified: Tue, 03 Mar 2026 13:43:27 GMT\r\nx-goog-generation: 1772545407039141\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 7834\r\nx-goog-hash: crc32c=gNy7Tw==, md5=GH2ERECGKDJcE9tjQjkWMA==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 2979\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 04 Mar 2027 11:45:05 GMT\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":7834,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (7833)","md5":"187d8444408628325c13db6342391630","sha1":"37a13e93d5853a75bd835a83e29cd20cbe313d9b","sha256":"027ed884dae6352d0b9ddf60df164bc121c2a621081e3cb6b9ac7b4120043548","sha512":"f83b2ae537323567db947720587b7463eac1d7caec8ab0aef82d13f41415c98d52adfbc82903afde21352fdd466b899ca30a8864685faaa848f9a8654816f5fd","ssdeep":"192:KZtPwLpcfZyJjChMMuTGUwPPWnhujfpwvelEgXXntXqjdA2ymTnIdwnQo322:KZtzyJKMMDUwPPWaagn6dA2ymTIdwQa","tlshash":"f0f1f8bff741e4b5e7eb88a09d1a0103ba3a1654799d8170f61c4d10a05eac4b277fe7","first_seen":"2026-03-03T14:45:10.146372Z","last_seen":"2026-03-06T10:04:31.123069Z","times_seen":216,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/websocket/Comet.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 19 Jul 2021 23:50:13 GMT\r\ncontent-encoding: gzip\r\netag: W/\"60f60fb5-43bc\"\r\ndate: Wed, 21 Jan 2026 07:59:36 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:59:36 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 760\r\ncontent-length: 4031\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 10180812736222645156\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17340,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"1008fe6a5e1a182d7775963b85405bb2","sha1":"e174a7b08cc3cb5545af1cd33d2814e604119392","sha256":"7479f6f22194ac37dd6d3f5a579b4682ac8dcb6389fb961cf4140f3fcc707a20","sha512":"26e07821ee1e8e94c4bada028e049df7572cac06f2e8dae958baa7a011eb201a6a1d4ed0cfa15017a3f52a0cb949343de0b33ca6da7c245f763c86d5adfb0223","ssdeep":"192:4Pf+aTbLSru4NyRs8VDv1KygOdWuTyVC3d7QPXLHOm8cSCl1Ej7bY8l7YJIJvO5N:4Pf+aTbe4M2cXzsjDUfj","tlshash":"ab721e4a2cf76086552732b90f5f64543235a8172605e91c7dcca6e08f98b7c1babff8","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.152059Z","times_seen":17446,"resource_available":true,"data":null}},"time_used":3865,"timings":{"blocked":1501,"dns":883,"connect":322,"send":0,"wait":844,"receive":7,"ssl":305},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/lang-mc.png?wsSecret=41aae57d35d252646b5fa9e063d49281\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/lang-mc.png?wsSecret=41aae57d35d252646b5fa9e063d49281\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-63a\"\r\ndate: Thu, 26 Feb 2026 07:04:12 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sun, 01 Mar 2026 07:04:12 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 56\r\ncontent-length: 1594\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 5928564112271857798\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1594,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 22 x 16, 8-bit/color RGB, non-interlaced","md5":"452840f001d3a6873c0381089cbdc73a","sha1":"a21d873b131508afc085bd916d054a2ebc8c7d1f","sha256":"7143b78dbe4b923e398a1851bd75f7884da563b52347ec8b23d4cbc09df96080","sha512":"a4d90e24f9f8abb376c2391b3b7a53bda24cacebab0e34ec53c6535a8ed81ecbfcaf55eb7572166088d5f15f3c93cd3a623b2cd2e35beda36197a3794d172189","ssdeep":"","tlshash":"1a31e75da4a0ed95a149e98504f66093cf2789d0c5f5f97bb18fe01b5e310f8027d0c7","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.998165Z","times_seen":5,"resource_available":false,"data":null}},"time_used":792,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":789,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_25_F-SF01.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_25_F-SF01.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"5d2c760b-5897\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Mon, 15 Jul 2019 12:48:11 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 22679\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22679,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"2fbcb4a692fc6b41699f7e60ecf26a63","sha1":"da35d134b38413040316f5cf1e5f76d75fd941c7","sha256":"ccdecdf7de01b3b3513596f7c4555266473805551702685e14299770ae8bed26","sha512":"6e32f8eecfb9e9cf42a34c2602bbd4bf60b3b3b9fb704149fb4d103df54f2d70d11df0fdd9c33d6bcccd8f15fbb5c5f4b4e96d2ca421d6f8b66dec1d7a69aa6d","ssdeep":"384:w+iIOcI9NEXxqiIEKIpLkRb4jYUvYJ22eZ5eO1K4vsubRKYgfy:ZitlL2xqiI37Rb4jYk2yV1K4UgRKYB","tlshash":"0da2e1ed66c2fca64b4d8b660534b4acda1384f7dd4d9afb636349308102f3d42653a7","first_seen":"2023-05-04T04:29:49Z","last_seen":"2026-06-06T14:03:14.164432Z","times_seen":4697,"resource_available":false,"data":null}},"time_used":1226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":991,"receive":235,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162004.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162004.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"6825b43b-5ac2\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Thu, 15 May 2025 09:30:35 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 23234\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23234,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"3e13039b8888276d09647d85374b54d2","sha1":"b9880d841831c3b2a77148fa05936a559b826358","sha256":"430e6c57f5fa1579a4b091e3cba702b375a88539e495930e3e03a09d1bfb9fcf","sha512":"7dc09ca03c10cf9809ffcb250b121571386c78b248e9dd0b37d167abd317676b44f9993bccf72935776cb459eebb6fdd9e4fdc3349c352aace2ea1ceaa1fd3fd","ssdeep":"384:mOq4J8I1kRcvwFPi8CCjNdx6xKeh8Xy4W+B8O0kDLF14iDUPx6ZAwjf5AHq:lVWcYFDCgNKKehnTkDLfrDUPuVreHq","tlshash":"daa2e14a47b5ba231e1669730e81ffd8d1639d982f3eb948fc4074a5c1fa2de92160c6","first_seen":"2024-03-03T19:58:00Z","last_seen":"2026-06-06T14:03:14.221458Z","times_seen":1719,"resource_available":false,"data":null}},"time_used":1127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":902,"receive":225,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5004.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5004.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"5d4d4143-59ed\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Fri, 09 Aug 2019 09:47:47 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 23021\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23021,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"20cd47483388f1e46ed9c2304f2c60ea","sha1":"1c09b695620a64ae94ba7807a41e95733c6211f9","sha256":"8f091a2a4dd3a918c15d7692aeb343f3d8e8d673541411e74256a48865735448","sha512":"dea757eaf98c38065906f40d0b99a886cffd14b8b8118f18a46a0f44e28549c573022f0b1b42829b2056da61b3eb6c2f5fbf31a91d9c692ff23b4bbdb3633f2a","ssdeep":"384:sefPDaLgrUTAdIaIYW/fBsSY7GToVKqmJGvWbGmAB8vhe/3yR/eBA4epnnlEyB:ZDapy15W/JLrEAp+Wb3485e6NYuKyB","tlshash":"b7a2e1bbb3018fcbc0e1d6d6935b5280ca1d82c48578e987e9589f0d59764a2f8f74cb","first_seen":"2023-10-03T13:36:15Z","last_seen":"2026-06-06T14:03:14.217011Z","times_seen":2700,"resource_available":false,"data":null}},"time_used":1084,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":875,"receive":209,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/themes/images/nav-bg.png?wsSecret=e1f645c5a3a2bfd7eac350570830b6b8\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/themes/images/nav-bg.png?wsSecret=e1f645c5a3a2bfd7eac350570830b6b8\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-e97\"\r\ndate: Thu, 26 Feb 2026 07:04:11 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sun, 01 Mar 2026 07:04:11 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 55\r\ncontent-length: 3735\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 13546167237555284812\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3735,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2 x 46, 8-bit/color RGB, non-interlaced","md5":"da154417ed9c7eb3b411c33c62d6e636","sha1":"3581253bd131ce5cdcce00d7e8deb97efaa20f02","sha256":"64aa2a614dc85d07b8949c484b194251314084332b4cbb1cba9109c673b07e56","sha512":"7dd2a22c2561355f658d7fb8d4290dc105ef6c3d159df01d96d13a9230fe8168fb8002f8d3e09ece109adebf8cc67e5373a326a46ec3340c91bdf499ffff1fb1","ssdeep":"","tlshash":"5f714b8df400558110099a9a38fbd9074a279ac0e7d4bd19fddec11f86309b13c7a7cb","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.955549Z","times_seen":5,"resource_available":false,"data":null}},"time_used":676,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":675,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/venetian117/themes/images/hot.gif","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/venetian117/themes/images/hot.gif HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=259200\r\ncontent-type: image/gif\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"5d2c760e-a7\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 167\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":167,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 21 x 12","md5":"c248d6e4aaf73d3d7b4777a03805d2e9","sha1":"7cff9a64ec3e2b4529997cefd8df680bed3b3426","sha256":"2beb27c9dbe6c180bfa26cd17cbec3bef83425a0a4802d91a6550fed1f4836f8","sha512":"ad59a8876ef7caf7e00e504c3ed33856a5838b2c5c6ab8975d132e26d068108035f90d3c0d4bc69f017108b656d3e1a759b1a44a220bf2221d40727ed1757c1e","ssdeep":"","tlshash":"9bc08c5fe38c200ce980b07508ad2e085b3ab1f0a8ea154ea55d856da0125fe1cf6492","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.832629Z","times_seen":7,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\ncontent-encoding: gzip\r\netag: W/\"5d848f4f-fc8b\"\r\ndate: Tue, 03 Mar 2026 07:22:11 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Fri, 06 Mar 2026 07:22:11 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 11877\r\ncontent-length: 17446\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 12171035938764065485\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64651,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (64577)","md5":"b5bc8cd626b389bde727a91e6ce79436","sha1":"3df6c39300ac286cf596b3bda273cb39ff825429","sha256":"a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e","sha512":"2c1dde58ce83d9b716919dfc42602aef3022be012b3f92e61b17b674303ecbf0b9d308064b6d6c2443cf3e3dfd36bfb332eab62e64b56bef0be801e6f4610f12","ssdeep":"768:CwJl9VwAdGuMbJVAOi9ee9RjOEe1sdMv5rjITry:Cxb7AdRjOEKhHay","tlshash":"9553a7cd7522346b05de5235d18b4b4a623a9857730b90e4762c8cf46d29bbaf223f7c","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-07T06:16:56.168197Z","times_seen":17618,"resource_available":true,"data":null}},"time_used":2308,"timings":{"blocked":1468,"dns":0,"connect":0,"send":0,"wait":576,"receive":264,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 27 Aug 2024 03:30:00 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66cd4838-6caf\"\r\ndate: Wed, 21 Jan 2026 08:09:20 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 08:09:20 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 11877\r\ncontent-length: 7746\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 6302920480859454518\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27823,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (27668)","md5":"9c41709c2b64126b909c101a27f39153","sha1":"4ab666b36c092577acb41390ad90e96d5fea7711","sha256":"c1963697eeafb63b6c29e95da2d38d91dd907ab656e130e6e1c34d1dcd149f60","sha512":"f235dccead15199e58495c6faee849c50252b9beed29a04ae46a7a9bdbccfd569a8ab452e7fcf923b7048dfda0c3d7bd51261874642d40e994d1640ca89e330e","ssdeep":"768:u4ygd0iB6d9zYDO5qYT8fwTW3Jny+XiKZNtrt2tG:NB0iB6d9zYDO5qYTMwTW3Jny+jrP","tlshash":"e6c2b7093585102f4ecf30fbb897524f72ba95a45019a069b5fca4d1bef9f8530a6f38","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.146855Z","times_seen":17422,"resource_available":true,"data":null}},"time_used":2041,"timings":{"blocked":1465,"dns":0,"connect":0,"send":0,"wait":569,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 27 Aug 2024 03:30:00 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66cd4838-3a09\"\r\ndate: Sun, 15 Feb 2026 10:03:20 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Wed, 18 Feb 2026 10:03:20 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 11877\r\ncontent-length: 4126\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 12593419480410411969\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14857,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14855), with no line terminators","md5":"4fe7dadf050dad2dcfd386d21b880281","sha1":"07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd","sha256":"aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9","sha512":"9da40e5132ece9fe346f27aa467b2496545c84197131c633e5b1ff1f641ece723440ec0289e82d7948b85bcd901b9e3eb6e36f8e0339ae05e4a32621e895accf","ssdeep":"384:yC+tJn9Dbvbf1P3QSBxDrdiewZnnoTW39if+04xSlR4nbiamdrjNfrzInGINYlor:NWJnlN3QSBxDMewZnnoTW39L0MSR4biK","tlshash":"a762954d3a9514bb4adf31b770ab204f767e8800852c91c4bdbca0d166b5ee072e7e6d","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-07T06:16:56.206294Z","times_seen":17488,"resource_available":true,"data":null}},"time_used":2040,"timings":{"blocked":1464,"dns":0,"connect":0,"send":0,"wait":569,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/fserver/files/gb/117/carousel/10274/1754661374479.png?wsSecret=f9ef72e6cb541d28f213b75bbc3831eb\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/117/carousel/10274/1754661374479.png?wsSecret=f9ef72e6cb541d28f213b75bbc3831eb\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 08 Aug 2025 13:56:14 GMT\r\netag: \"689601fe-22026\"\r\ndate: Sat, 28 Feb 2026 18:10:43 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nexpires: Tue, 03 Mar 2026 18:10:43 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 53\r\ncontent-length: 139302\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 15627759105925681258\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":139302,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5ec3ff74f733c08218ffe8847b9b70b2","sha1":"1b73b281c54f4eb3554ffe9039217c89f6b43eab","sha256":"283bbaf52612fc61f092116dc4b17e900b343b8b628fe1d71658537d2fbb783e","sha512":"ec82efb13e8a2246b3469707b9dc34757bc069b6d5da0b44377fe324afd5f1f2f2077c166f7dd357ab2daea99871ae9b696309a135e3069d7c0415d409e227cb","ssdeep":"3072:9d3TfnZOgqkioq295o6Bfze8z0RULwXx+xoUiVA20XyUtHz8F:n3DZ73iv29W/60RWwXwqUWHmHI","tlshash":"52d3121840d49e1c90314a3b5101976b1596d7809936fed4d706bffb5c9e0cb3e692bd","first_seen":"2026-03-04T11:45:34.539084Z","last_seen":"2026-03-04T11:49:16.990659Z","times_seen":4,"resource_available":false,"data":null}},"time_used":591,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":306,"receive":285,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_HM2D.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_HM2D.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"69672fb9-5900\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Wed, 14 Jan 2026 05:55:05 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 22784\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22784,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"f8810ce5fbb0cac8d6cfe2fd191e72f5","sha1":"c9731c289b49ba4ce429609432c3071cc0c75362","sha256":"6b6f72b56236d338edb167c989f0cc5f5ee4e87359c7e2efe0db129e108580f4","sha512":"34bfc60da2064eeb78e6705db8a80a22b26b721ccb2b566fb4b0a9046f122644f7f7f84dc9603b86884c51b86ac3dc61b0c1f8e2ecac419102f8154d513140d6","ssdeep":"384:O2ZXzjt1fwrFwjyPKPWuLPdIHU18WU+/+R2mn31VEO7LFfvbB8CAqdRGK7yyR5mE:nJXtRwrGjyyRLPK0eWU+/QlVLF+CAqdF","tlshash":"e8a2e0d908269abfac8e32d129ef02d95d5129bbf3d1dfcc30c61cb7b697240069258d","first_seen":"2026-01-20T08:54:36.855975Z","last_seen":"2026-06-06T14:03:14.183564Z","times_seen":160,"resource_available":false,"data":null}},"time_used":776,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":562,"receive":214,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162002.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162002.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"6825b43b-5343\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Thu, 15 May 2025 09:30:35 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 21315\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21315,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"be7bafd85b8f4bdb045309e63b057848","sha1":"a7ed6c7e598844de39657e89da7facee6ed6b1b0","sha256":"4bc7e61859cf957d6bbf6bab7636181cf6d53cc6f7e9a8563d28625a845913f2","sha512":"3680451eb3ea6f2c0f84a1a1fa2d44e987b0109652be1e8b0038546b45cf2aec7e603ead6c95ae2658bb5781913a7b38dfdeb4ce22411c4dad1e23e003c915c1","ssdeep":"384:rHjC16+4MLdoWdMBxoYCYAc6HRQu6s6Tf0RrM8iHMtZaYIhHRn4OS1CCMd:jjCsyRoWuPoYCYAdITsiHMtZQIkd","tlshash":"d7a2d0b7c80e79ce7a0a9d9967e9b05546726de664836b42002176e14fffa83e032dc1","first_seen":"2024-03-03T19:58:00Z","last_seen":"2026-06-06T14:03:14.215907Z","times_seen":1719,"resource_available":false,"data":null}},"time_used":901,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":686,"receive":215,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5005.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5005.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"5d4d4143-555a\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Fri, 09 Aug 2019 09:47:47 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 21850\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21850,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"2acb631ee46633c2bb57645aa0062b24","sha1":"7ebc60e9519805119574b600d0400278fb02ea7f","sha256":"c026010b4e9ba86b7dd1670e242e42a1e4fec0547b7fecc3b37feddd0c21d46b","sha512":"5086e1c163e9f210f1a5aff83501c34009beac3944e1bdfdd29e2f1f5eb0802025c1c4aff8bb2932b250a58de59c37780d0b499a7b6c7ca99616a622396c6aa4","ssdeep":"384:JfrRGxr1nBE1sTnUIFFLBM7tmboLgUgE9TrK1kaZK+juAn3zmfOZ4rWYSTU:drQxjisTnUIFFGM0LgUPRKKyuY3zEOZ8","tlshash":"c9a2d01d691dd81dc23b229f64fde6840ce957adf02706bfc24678b30a543acc4fa61a","first_seen":"2023-10-03T13:36:15Z","last_seen":"2026-06-06T14:03:14.248824Z","times_seen":2700,"resource_available":false,"data":null}},"time_used":1094,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":876,"receive":218,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/info-list-1.png?wsSecret=1208be7228a2c7b7624186e746351f59\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/info-list-1.png?wsSecret=1208be7228a2c7b7624186e746351f59\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-974a\"\r\ndate: Mon, 02 Mar 2026 05:42:29 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Thu, 05 Mar 2026 05:42:29 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 38730\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 4049716681741965421\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38730,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 206, 8-bit/color RGBA, non-interlaced","md5":"4b62820d09e997381ec55c597d602183","sha1":"f108d2d0d596884f806e300d0b6c713a7be8d8ad","sha256":"3d248bc349df2b1dab713f143cb62d8d606f8208e54969f92890a45158049657","sha512":"9b002ac5bc7d9bc153e123b733ac6dd75149464ae9fd5c3acc2ac0e923111e049d2869e66939bfbe67d688ff812a7dcb17ef949709add4fa9fbc3b9758609a44","ssdeep":"768:WXKKkIXAQ8Uq8kFlC/yzw24LFlhLe4SlFofSs/pRCBHDLI/0wethvPV:/IXAQ8UqRFlCn2yxzfj/p2I07t5V","tlshash":"ea03f21abbc42a41311a5300a8b5721a9031e1e7e65f58dff12da67d4f98fc322bd4bd","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.88255Z","times_seen":5,"resource_available":false,"data":null}},"time_used":757,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":753,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/b2.png?wsSecret=13d48d703e946ded48d67fcd4887162c\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/b2.png?wsSecret=13d48d703e946ded48d67fcd4887162c\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-19c03\"\r\ndate: Mon, 02 Mar 2026 05:42:30 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Thu, 05 Mar 2026 05:42:30 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 105475\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 11272700489012587859\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":105475,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 510 x 318, 8-bit/color RGBA, non-interlaced","md5":"abee7a10755e1391a0f42d6136b728c7","sha1":"e5a188358e7f45f937a74bf487008f4af3787267","sha256":"dc49c81393fc4faab50421261701f671230952e2e251bb1809edea256a9f08f5","sha512":"1fc62196d8936fde7b79a76fc1ef7a7086f43603a7e15fa14fd5fe8868cb08982be624308d5187c222adc5d50d692d8158abc8df2b2b3d77e43bfa07709033be","ssdeep":"3072:ootDW7cpQ/oFtCchhRB7NlUOnDRMFTVirBeWk:ootD2IQQtnHRJNlUuOFp2G","tlshash":"84a312cc52cac996096186ff101cc95ab13552f4217f487aa7ac7f404e5f218abf8d26","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:17.027758Z","times_seen":5,"resource_available":false,"data":null}},"time_used":677,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":662,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/3.B2M_fyvk.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-04T11:45:05.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/3.B2M_fyvk.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWyZpq7f-qyi_4fTQsrUBFtmYj0XMBt3o5EdJ72NDY-_8ThCVEtKp-ZqY5lFsncgrQ23i_EgiApGYbFEUw\r\nlast-modified: Tue, 03 Mar 2026 13:43:27 GMT\r\nx-goog-generation: 1772545407081332\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 138438\r\nx-goog-hash: crc32c=6dyE0g==, md5=j8K+zsm7tawGmqNEaLdiFQ==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 43576\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 04 Mar 2027 11:45:05 GMT\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":138438,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (48033)","md5":"8fc2becec9bbb5ac069aa34468b76215","sha1":"8a7dc639ebbfd8beb2ad59fe57b9a63b7a7f18a1","sha256":"570206c6c8ec5a0c0eff5a74a683a6dccbb08a24a5919ffc5be31680c27b4757","sha512":"72dd74a528d7ac7229e3f599a179b34d74f2eeebe24cda1598736c8c8e49e328094a505b12c562e554f5f4784d224be797a3cb95bb794246ed2d9f95cb4b3281","ssdeep":"1536:vgZQUuQC6WDvhFCvB0Hx6J+vXlKAwTwH7nDPWnYlkChX8qg4JklHYD82:vgKUuQPWDvhFCp0UcDOnA5sFikRYD82","tlshash":"fbd3f8e83992f5626bf312b700af5817733c192b280c4990a211fdddb5b845ea17bf9d","first_seen":"2026-03-03T14:45:10.188122Z","last_seen":"2026-04-09T10:49:40.066961Z","times_seen":977,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/fserver/files/gb/117/carousel/10292/1767291105045.jpg?wsSecret=cf6e5b811c4acb6bcf003643b8519354\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:05.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/117/carousel/10292/1767291105045.jpg?wsSecret=cf6e5b811c4acb6bcf003643b8519354\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 01 Jan 2026 18:11:45 GMT\r\netag: \"6956b8e1-635d0\"\r\ndate: Sat, 28 Feb 2026 18:10:44 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nexpires: Tue, 03 Mar 2026 18:10:44 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 53\r\ncontent-length: 406992\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 13571853101118087434\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":406992,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"56493e2baf79648b5d8ead02a4155724","sha1":"4d77eb5d4686dc418f9171ec4f31ffedc494731b","sha256":"54c2e321ab74d81422af0b03bd6a934382ec605fc727a7a3aaf772ff5cb98b00","sha512":"336a24c378688ac0b807df38865b1ef2b2a9940fe2b08f3cba599bd544b3a95c258043515396095c62f87d927b82e44866c776dc0c221b6a04b7e91d91e50256","ssdeep":"12288:5vUe5dV32pGCBYRlKyupGYmZ7e/3U+TYS5:dTJ32TuRZuwYmg/jTYw","tlshash":"568423d4c7af305a172bf934b1d55a78b2e764eeaa810c2910dc89d7dcc81117adadc3","first_seen":"2026-03-04T11:45:34.544753Z","last_seen":"2026-03-04T11:49:16.957678Z","times_seen":4,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":277,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/images/favicon/favicon_117.png?wsSecret=cabd45f7d701f36675f04f8431496e85\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:06.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/images/favicon/favicon_117.png?wsSecret=cabd45f7d701f36675f04f8431496e85\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 11:45:06 GMT\r\ncontent-type: image/png\r\netag: \"6311d300-7b6\"\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 07 Mar 2026 11:45:06 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\nlast-modified: Fri, 02 Sep 2022 09:55:12 GMT\r\ncache-control: max-age=259200\r\nage: 0\r\ncontent-length: 1974\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 6158865688632861722\r\nx-cache-lookup: Cache Miss, Cache Miss\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1974,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"9699af5814fcb90de9d2a1aadd94c2b4","sha1":"856e056f2abbd5fe684403a04796844b5ea1bc30","sha256":"b058e5ef978021c6c750f376cb2cdc302182dffb5b50116c0caf52b771ff4561","sha512":"a7d23d52373c576fadc10ce0020af9812552069633f1abb9f078cffd27132d323206594cc83087b098901e9e9827ff70bacab55ed958d7ab39bfbd385dab81fa","ssdeep":"","tlshash":"aa412ac32ab027a8669231321383896a4f1f99121fd2aaa713d7c0f520f952e90c3ec1","first_seen":"2023-10-24T19:57:08Z","last_seen":"2026-06-05T04:33:26.304494Z","times_seen":6,"resource_available":false,"data":null}},"time_used":583,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":582,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/fserver/files/gb/117/carousel/10300/1772376927751.png?wsSecret=cd75731bd21bb7c6f789490f54beb273\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/117/carousel/10300/1772376927751.png?wsSecret=cd75731bd21bb7c6f789490f54beb273\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 01 Mar 2026 14:55:27 GMT\r\netag: \"69a4535f-1cbb2\"\r\ndate: Mon, 02 Mar 2026 05:42:30 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nexpires: Thu, 05 Mar 2026 05:42:30 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 117682\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 17841036945037075480\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":117682,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b62ce44d39d1332e1d18898b7ef075b7","sha1":"fba8c9c3c87a6f677971e93e923acb32a2613ba5","sha256":"5da981c70b04992cc100aa305d20d651a2d075de116533386720f6a204954bc0","sha512":"25b11f79d2ff9943fef47dfbdcf97a2b655200233504c2fc7827d3d2ab4d32ce8e60da5bc2a067139970acc6b67afd49d830dca37cbebe4339b98a0702cb1d2b","ssdeep":"1536:osFJCnVeuD0dkY5UDlxF+oT6t8IXGw7z4eeUf77w6JtfVPCnCARNMv8J60CupgBV:PIeq0rcxcoYr77TJ3beN4264YWM0fBlu","tlshash":"75b312634a0c56037b866dd3b9cba2247c596e7a47d0ec13cc47d9368cb123a6d6f2e4","first_seen":"2026-03-04T11:45:34.55296Z","last_seen":"2026-03-04T11:49:16.828352Z","times_seen":4,"resource_available":false,"data":null}},"time_used":585,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":308,"receive":277,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/info-list-4.png?wsSecret=264ad93ceb2ee81ff7d873575a2c2162\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/info-list-4.png?wsSecret=264ad93ceb2ee81ff7d873575a2c2162\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-7d28\"\r\ndate: Wed, 04 Mar 2026 11:44:11 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 07 Mar 2026 11:44:11 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 53\r\ncontent-length: 32040\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 13916283464243986650\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32040,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 206, 8-bit/color RGBA, non-interlaced","md5":"8e754d97052be1cd429a6dc0a01cab0f","sha1":"426d4c0db821c77adf48b8d31921d175b16e7c09","sha256":"50329b667a57fd8fd11054b7788bd114f8936766bc82a1119b8ce82e4f961620","sha512":"b46cd80f6ce316217990419872841be97e230ba0bb6fc7f63f26e7061c7bd2e003b8363e7e22170b2c8f8ebe0320e37a2dd7f1a6d40512157e2f6c27a14573f4","ssdeep":"768:W4OUOAsLrjiqer21jkHq6vUG4X73X4SR3S:QEsjiJWjklUG4LXjZS","tlshash":"20e2f195f4c5557aa01f6a4f99acc25717bef0124b28f9285c0f0829c9e09ec28b32f7","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:17.030823Z","times_seen":5,"resource_available":false,"data":null}},"time_used":630,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":624,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/b3.png?wsSecret=580ad9374706cff2b6a5ec0d0012c034\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/b3.png?wsSecret=580ad9374706cff2b6a5ec0d0012c034\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-363e6\"\r\ndate: Sat, 28 Feb 2026 18:10:43 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 03 Mar 2026 18:10:43 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 222182\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 5935617406028198264\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":222182,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 510 x 318, 8-bit/color RGBA, non-interlaced","md5":"7378bf591441f2f96dd041c1ae280d81","sha1":"f6c31a67cba238c85e7e79783fc4df465bc5d173","sha256":"ef1de23c48ae63772d1f057e3b2f61d62e70b7bc8d80604fb4fb08743e2e4259","sha512":"4ea2443c3783be7d7f924c29ded95ca4e7e2314f34c5c5dc559ed35f08ddfe7d23bdf7cf059a9d25cb62712dd603517fbc2fa7979915a2c32b938ac82c2050a5","ssdeep":"6144:n8ZnKPfozW0jynPTn/B0iD+fzLjjwrj5Ke2KxIu/:8ZSfPPTn21jsBQm","tlshash":"e024239d1a816ae4738d917886fbefdce038c9ba217a21cddd4d8248858e42c4d47dec","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.901203Z","times_seen":5,"resource_available":false,"data":null}},"time_used":658,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":607,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/b4.png?wsSecret=3a7bc26d19fbfb5f40c8ad6a9e136623\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/b4.png?wsSecret=3a7bc26d19fbfb5f40c8ad6a9e136623\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-2e98e\"\r\ndate: Wed, 04 Mar 2026 05:04:22 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 07 Mar 2026 05:04:22 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 190862\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 3747743755755097562\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":190862,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 510 x 318, 8-bit/color RGBA, non-interlaced","md5":"9bafb1bcb6d4d5c88bdb49e3adab6770","sha1":"4946655e840b97c5bdb940174550bc8ce4bfcb4f","sha256":"b84585147c8c2d59dca05bca34cc30815cf91da406c73cc50863f919287ec88a","sha512":"665d3f0abf480c69a37ed82ce02b3c2d7657a8dc3110a899f5b251d09cbc5056d96e7582c85a32cc9e2727f5f8ab67d3283b47ecb98d6794155a843af5b1d7c5","ssdeep":"3072:L9n+mlJkmLmuSJL0QQrIlORT3qzJpWuod61vVVfK2xqLf084tKqTdK2/sO4CZYxG:lxTmtL0f0s2lpWne7SGN8adK2UO3YxdE","tlshash":"2c1423566802a1054a1c6cce493205efed187cd548b77e01f570ee7cab7b2e22c59dfa","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:17.004446Z","times_seen":5,"resource_available":false,"data":null}},"time_used":650,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":604,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/fserver/files/gb/117/floatImage/243/1735610892910.png?wsSecret=02b54ef4bb390ca41c4c92b231949b99\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/117/floatImage/243/1735610892910.png?wsSecret=02b54ef4bb390ca41c4c92b231949b99\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: \"6773520c-757d\"\r\nexpires: Sat, 07 Mar 2026 11:45:05 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\nlast-modified: Tue, 31 Dec 2024 02:08:12 GMT\r\ncache-control: max-age=259200\r\nage: 0\r\ncontent-length: 30077\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 4672002291168967877\r\nx-cache-lookup: Cache Miss, Cache Miss\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30077,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 135 x 276, 8-bit/color RGBA, non-interlaced","md5":"68c43c0e27a7e027e341e5651808f6cc","sha1":"7000d1bb4a074bb9563645a7a28a856c9dc40248","sha256":"5a4d15024b2d7701062bea84180f24e5ad162f1d1193b90ff473682a46f83a5d","sha512":"7d420762bbe09a1ae3c54b30e4089f439edfb7513d7c1895a629793becec74446d2140065683d407574945c54ec995b574de18c7f66ef8e3e8ad9e17e19e2bbd","ssdeep":"768:rUf9S5VXWCuaS05hPqx2l0th1okVNQc8I7XUJ8/cmpY:gf05hJXPqx2mlVNQct3pY","tlshash":"a4d2f1136ec51df4e439cb776df91c72b262476ad05e31a212a3fc77875200c1ad1e8a","first_seen":"2026-03-04T11:45:34.558609Z","last_seen":"2026-03-04T11:49:17.055557Z","times_seen":4,"resource_available":false,"data":null}},"time_used":875,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":837,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/themes/hb/css/pc.css","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\ncontent-encoding: gzip\r\netag: W/\"5d848f4f-b5d\"\r\ndate: Wed, 21 Jan 2026 07:59:33 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:59:33 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 11878\r\ncontent-length: 911\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 16451589613470979680\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2909,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"1da71520b7a0a61526a8fa8d0feb40d1","sha1":"ba1bf69dad8783563328054cae58ccabf1b00829","sha256":"5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d","sha512":"d1cb92160523c231c4942f27c018bd3b30f89fc60153e23eb0a49d0696c896b0904ebe5db7cb97a0686f656d04a58f3ccf8fc0f09f2be703fa8400bd3270dfa8","ssdeep":"","tlshash":"d451dd305a02b1aaf42ffa677420874c2537004373169b3e72fd7ad1cfca9696136ad4","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.189969Z","times_seen":17222,"resource_available":false,"data":null}},"time_used":2046,"timings":{"blocked":1463,"dns":0,"connect":0,"send":0,"wait":576,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/layer.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/layer.js HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\ncontent-encoding: gzip\r\netag: W/\"5d848f4f-55f6\"\r\ndate: Thu, 22 Jan 2026 17:45:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sun, 25 Jan 2026 17:45:02 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 11877\r\ncontent-length: 7599\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 8108364021318652878\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22006,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (21910)","md5":"cb96339625e9d456e32f86cdb3c7a7a1","sha1":"1301165c58bbb13c542cba493b7ab5774e87e31f","sha256":"17fb047ba6828fcbdf2ca226fa4594cfded2b2fdfeaff89a5bd81c7cf0359919","sha512":"53083bf4d6d450b1e9402c3f3dc40fb3434a27d47fbabee51f4ce1d3577f2a0aabe90cf5f6dfc22830a3878ec7552a6bf6bff605c82a4f832c79f34f7657ccef","ssdeep":"384:r1dCih92A3DgrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:r1YiV3D+WtXItqF13k8","tlshash":"6aa2b76a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.182072Z","times_seen":17434,"resource_available":true,"data":null}},"time_used":1741,"timings":{"blocked":1469,"dns":0,"connect":0,"send":0,"wait":271,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_7003.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_7003.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"5d2c760b-19a6c\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Mon, 15 Jul 2019 12:48:11 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 105068\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":105068,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced","md5":"c421c976cf701cd806a7ebeb8575e0a3","sha1":"cb84123cde62bcad60f34b5a5703f7bfafca1906","sha256":"e797e57325c453e7ca7e56e634ada214b51ab9298ba5aea4d183fea859857d60","sha512":"53f7ca78e3d21f514fb295dff701f97780116737b13a3a67ee451af97628ec69b7179e6378be405ccb9fc0c9c6e5b993bafe887b61228d5d44128847e761af52","ssdeep":"3072:e2a9nzdBKrnTlMqXjg1VjDyO7xnqWUu70I4ijJ:2zQRM0Sv7xnqs0/A","tlshash":"e7a3128de8695ddb47e2fbc1808127741003ae97204aec78b66d78b606f1e51c7e8ae5","first_seen":"2023-05-04T04:29:49Z","last_seen":"2026-06-06T14:03:14.207502Z","times_seen":4693,"resource_available":false,"data":null}},"time_used":1353,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":703,"receive":650,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/4.C_rgEAoe.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-04T11:45:05.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/4.C_rgEAoe.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWwnXVf_8NbxydJ2YvTMiD6mZpHRWoynw8fGxuarBDncwMTKjAwewuZWbkQ0NlwRP0eMHcgZLviZUjbw\r\nlast-modified: Tue, 03 Mar 2026 13:43:27 GMT\r\netag: \"1771376dc07da48b3f03339d86d57b7b\"\r\nx-goog-generation: 1772545407017531\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 193\r\nx-goog-hash: crc32c=C03sAA==, md5=F3E3bcB9pIs/AzOdhtV7ew==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 04 Mar 2027 11:45:05 GMT\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\ncontent-length: 193\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":193,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"1771376dc07da48b3f03339d86d57b7b","sha1":"a5861ebfff23a92ccd1ce6b8a517b6f877d50a63","sha256":"6e148df31d721a0ff08563f2d676751786e01418c86ee54ee8f0e88aa46ae26a","sha512":"6038efed0774fd61c7bf6558d3ea24ccebfada1041fa2c1606263a19f8700043a18f6e368ed550fc61f644eb7b81f8cac01498f30cc56a103295911b28e436b0","ssdeep":"","tlshash":"afc022563060f3a502bb0ed00033e02af32a402cf0ebfa80a65cc4f020630530a26b1b","first_seen":"2024-06-24T12:34:02Z","last_seen":"2026-04-09T10:49:40.045057Z","times_seen":23532,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/bootstrap-dialog.min.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\ncontent-encoding: gzip\r\netag: W/\"5d848f4f-4ea4\"\r\ndate: Sat, 24 Jan 2026 04:26:28 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 27 Jan 2026 04:26:28 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 11877\r\ncontent-length: 5007\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 7152505188278698216\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20132,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (20132), with no line terminators","md5":"5ce8851dc823429a42ab6147554403cc","sha1":"28f381f0e0aa4f5d56690e65723bd97fb59a38e6","sha256":"dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811","sha512":"f42a4d48c666d9c78fcb6c6061141452899085c504bf15e23749611dda00b6913e75ebbe47ca436a2ed016175d0918f193e474f13974a2f6a5304e18909a87ee","ssdeep":"384:3ai3F3N3VKUINthDa7Vnq86z3JCDKSz1m0hMtkJI2Cg0WEUOv5Dq:T3l3INthDu1YCDKS5flC9m1","tlshash":"6a9261ccb2d9b54c47abe072143f200df03a996951496119bc79e9ebecf060aa077f79","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-07T06:16:56.127441Z","times_seen":17542,"resource_available":true,"data":null}},"time_used":1742,"timings":{"blocked":1470,"dns":0,"connect":0,"send":0,"wait":271,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/themes/images/bg-top-input.png?wsSecret=924aadfdff17fed99a38243e4cec5d8b\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/themes/images/bg-top-input.png?wsSecret=924aadfdff17fed99a38243e4cec5d8b\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-65f\"\r\ndate: Thu, 26 Feb 2026 07:04:11 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sun, 01 Mar 2026 07:04:11 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 1631\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 12030233886352534448\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1631,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 182 x 28, 8-bit/color RGBA, non-interlaced","md5":"0cb0bd97a516e0d6551631cf23fb259b","sha1":"9eb003aaf21239bf2ad9eb1d2aa487d905070a85","sha256":"29030ce6fa26ceaca5e32ec4cc6c196dc3a64ec6e85eb071fcb84d59529491d4","sha512":"1c05053adbdd721a9bdbfa94e70382700e61232b3986b9689e597e0a07c9bee0c284d5b9377db3235dc385e9783fb52963c382b57d1c978b6ced4341dbe96111","ssdeep":"","tlshash":"94318844b611b95162c8da9328f74033654fc880e2f4e89cf9dac4565c512ff88ed9df","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.950787Z","times_seen":5,"resource_available":false,"data":null}},"time_used":606,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":606,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/themes/images/btn-login-bg.png?wsSecret=3737eef937a11801426ccbe0507cd90a\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/themes/images/btn-login-bg.png?wsSecret=3737eef937a11801426ccbe0507cd90a\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-573\"\r\ndate: Thu, 26 Feb 2026 07:04:11 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sun, 01 Mar 2026 07:04:11 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 1395\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 12899933699381318831\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1395,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 143 x 26, 8-bit/color RGBA, non-interlaced","md5":"31bfad962466adef187e00e190d03ca9","sha1":"d46575984d8232dc59138dbc427295ca5ae266c3","sha256":"f4590bd97ebe18d6ffd99dea439605d3e136ad69c1502bbcb697f3c4e3a42c26","sha512":"33b96cd3711e0585c0f807c9249e43bc4d266c8aff262190136fcaced60528f6477f500f0c50a4c66a0b7c2e1fe7ae41929ac19c1854d0e9658f55a301d9aeea","ssdeep":"","tlshash":"c521636efd74388b21c8938324ff92734c624c4485eca06e6ddec8535da41b5841e6d7","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.951565Z","times_seen":5,"resource_available":false,"data":null}},"time_used":688,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":687,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/commonPage/themes/gui-layer.css","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/ftl/commonPage/themes/gui-base.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 04 Mar 2026 11:44:51 GMT\r\netag: W/\"64ddd5e1-c760\"\r\nexpires: Sat, 07 Mar 2026 11:44:51 GMT\r\nlast-modified: Thu, 17 Aug 2023 08:10:09 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":51040,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (489)","md5":"858eefc3fa70af7d0115c901908471f5","sha1":"29c181bbbc09a424f7de7cb57629bd8a9e3c679a","sha256":"9f6a77c93f998e065f1ed52eb9943a3c560a50366bba2c8a34a4a1223c793caf","sha512":"3731234bfa0b2abf45883da0ab74960a77f167dc158f4eae4f9c58293bfe6ccf322fabdbd4100bd5fdba0f463cbf18ba44d89b0bed695b65b8edce7edc9441ec","ssdeep":"384:RCEe+wekUqKrIQycnvqP9bQmAJS0OuaIHmOKpPg+2fF93sJJ:RCf+wekUqjpqCP+OuaIHmOK6+2fFVSJ","tlshash":"67330d22a16816cd7156eac8705dbab7b7fc8c02e21717bcf8ab304fd28d5439476a47","first_seen":"2023-08-17T12:06:57Z","last_seen":"2026-06-07T06:16:56.153907Z","times_seen":16305,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5003.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5003.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"5d4d4143-5211\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Fri, 09 Aug 2019 09:47:47 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 21009\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21009,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"a03861df13ee208fcb22c604bc412484","sha1":"9d5925012e3eb16bb86bbe0b0febd3941847172d","sha256":"a9a4c50c7e2f04fcfdf467f4b3a6697a2a359c84000b8e38c1b5e3ab3115ab8d","sha512":"13d771ae1068d6b0ebb314bab1bfcd6fd881e911640041c15984c897b8ef7f8b96232980993a786e5ae56e6a34896fbb0db1697c9f7083522473009e19cb026c","ssdeep":"384:I6FuA+Y0vZjiTmMImOGEzyhXka81T/4f8hrG6oxdhVgExWJVnqMhkZa2t:bFuA+3tWmMXzESDo/4f8hrG6oXkExqV2","tlshash":"f192df0da2d45d4cb427cbe90bcd251882a2cf92a0b895ba5c3ed718fb5e641bcd443b","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T14:03:14.230351Z","times_seen":2700,"resource_available":false,"data":null}},"time_used":1084,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":872,"receive":212,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5009.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.540Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5009.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"65dd503d-5bcf\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Tue, 27 Feb 2024 03:00:13 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 23503\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23503,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"a838bd44f3219c2da8d802049a368871","sha1":"56a1eacbfcc03256d8890dc8c24d616eaae6be10","sha256":"ae6f7920d6589965170f6995ef03b30cf9148e5cf3c2706dc796af4b4740ed16","sha512":"89309b85c7e746d93b44368079ceed45760d33bab37e5e18afdbe039b162fbe1983cb9bc1dc601d8ad4d824aec93c3c2390d083b6455714f619aa142d9c68d91","ssdeep":"384:XDYJIIuzMnyi/RI72+WAiSUvXNNVWmyquIpJYn6BgR+0jXjSmDUwU/zghA17I:2LwMnDRm2KU1Nkmy2p23R+wOmRighA2","tlshash":"04b2d0e38f1245a2ca7dd9e78ba31d658ca21e20054f7008b8acf0236777905dfe235b","first_seen":"2024-02-29T04:53:54Z","last_seen":"2026-06-06T14:03:14.243609Z","times_seen":2265,"resource_available":false,"data":null}},"time_used":1108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":868,"receive":240,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1772438913332","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /061410/rcenter/common/static/js/gb.validation.min.js?v=1772438913332 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 05 Oct 2022 09:40:30 GMT\r\ncontent-encoding: gzip\r\netag: W/\"633d510e-7fd7\"\r\ndate: Tue, 03 Mar 2026 07:22:11 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Fri, 06 Mar 2026 07:22:11 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 759\r\ncontent-length: 5207\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 9859070858699936087\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32727,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (801)","md5":"a55780dc13cbf1a8d375f14ebb659cf2","sha1":"9548cc269bcde0dc48e166fa6bab37af8a649e57","sha256":"35d147a863ab8828e073ca1ae89d476a9cede797c410ac555597c1f442452cc8","sha512":"3514366118d038da9131739e4557dc5fd92b8b7d3a27af00a7c2d8f4cfd49f4932991cba899fcc8171ac59eb356b25e717494225912f37d65600305ce2d3ace9","ssdeep":"768:WqBveMjZ1oE/eL8hhMjm9a1hI4vhej4pZ:Xpo5GhMjm9a1hI4vheUpZ","tlshash":"cee231166b7701e2916b71e10e4f9a083174952b5a87ce08bdac92e09f18d787373ff8","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.153035Z","times_seen":17743,"resource_available":true,"data":null}},"time_used":2134,"timings":{"blocked":1314,"dns":0,"connect":0,"send":0,"wait":576,"receive":244,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/slogo.png?wsSecret=1968e79a9633a9bb4042cf457d98e137\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/slogo.png?wsSecret=1968e79a9633a9bb4042cf457d98e137\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-38c9\"\r\ndate: Thu, 26 Feb 2026 07:04:14 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sun, 01 Mar 2026 07:04:14 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 14537\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 4477633739649936120\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14537,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 270 x 67, 8-bit/color RGBA, non-interlaced","md5":"de0bdff4829810e9f48d7ea35ef3d3a8","sha1":"f145ed340b815f4db1371027f29b01b42d900c15","sha256":"c87bf613d170581c1640e7f26cdb55dfd45a962704e73887dbefa93221d435be","sha512":"babdfa4e3f3e3a910eef87c4be44e1deed8b1059a3e9e607329a4d0d52c412963b1d2938cd061e40ed6bfaf52ac87d424fb7c9a6dc8a7a959f97ee6efa04cb51","ssdeep":"192:3wwsZLJ7YURIG0GdER4dCzyA5Iovyysraor66Cvb6g1CTA3JA9pRfu2kxstWfAfJ:AndiUR0edy15x6i1Ilkxmf9RgKcW","tlshash":"c462d0ceb86bab57156284fcec686b37010a2f387ab89526763f477d4d21104e3c5d3a","first_seen":"2023-10-13T06:39:30Z","last_seen":"2026-03-04T11:49:17.058321Z","times_seen":6,"resource_available":false,"data":null}},"time_used":905,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":902,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_AT01.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_AT01.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"64d9fc50-64db\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Mon, 14 Aug 2023 10:05:04 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 25819\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25819,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"f7637fd9fb8b0dd130560efe9dfcc5ac","sha1":"c6a6b30f73923175a88fb0c5685c7943ef934c2e","sha256":"a647abf9fc56228cf6ab783115c113b35479dce89ff1dc4db61efb0bf3234cb4","sha512":"d87b6f9073ace7ada6f23f143037ed21ea15c06e0312ab9c9e20172b330e9c97c0f9142b1b6431cef0c2c5c259466e29d9043209f05cc11d4750a0bc81450275","ssdeep":"384:+CqJZ1yosonzml3h/CojrZ3vXUzFcUj7e0LmcU8nnzFFhoVFiD30j:+CqJ9zml5TrpXSf9U8nBcVFsO","tlshash":"38c2e198417f3ffc8b04cde97114d14e73c43a8cba681895ec9f57a077a275a2016eb6","first_seen":"2023-08-15T12:01:22Z","last_seen":"2026-06-06T14:03:14.259072Z","times_seen":4512,"resource_available":false,"data":null}},"time_used":1216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":989,"receive":227,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162003.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162003.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"6825b43b-67ac\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Thu, 15 May 2025 09:30:35 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 26540\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26540,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"99e82870b0baf90029a4d62dc4573e62","sha1":"64645c295fffbf0bc19d695c153eeb1e9316df5f","sha256":"28f9aa79b3dc4ac0ceed9e09c33e35e518242e5bd72acc8fd5ccd4dbbee331d2","sha512":"fde1a956eeef151874b308a4ecee040ebe8f1592fcd7d372976c9421010855e5930de8499b6c4fb2d0657f6507b2b805391bfddf9d6e19bf0b590619e10f8557","ssdeep":"768:UvJF+Jn5jYJDv1RudRvNQdM8wtR2oEuSI:Ueh5jYJr1Ru/g1uZ","tlshash":"9cc2e00e4462f798bd6c3a20bad4b6b0630623d5fa086551f2d0764dab1f12764cf6f7","first_seen":"2024-03-03T19:58:00Z","last_seen":"2026-06-06T14:03:14.26297Z","times_seen":1719,"resource_available":false,"data":null}},"time_used":1134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":912,"receive":222,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/7.qYTqns9Q.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-04T11:45:05.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/7.qYTqns9Q.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWyuZvwTLoJs6PziGY6XMSYniDwrve7z-dVQKWf0OuwGigcB6zimX5feuuH2rrBGfNfWGLE9DdA\r\nlast-modified: Tue, 03 Mar 2026 13:43:27 GMT\r\netag: \"d541ce2d754402b833cc65b76eaea2c6\"\r\nx-goog-generation: 1772545407041597\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 40\r\nx-goog-hash: crc32c=jQQqwg==, md5=1UHOLXVEArgzzGW3bq6ixg==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 04 Mar 2027 11:45:05 GMT\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\ncontent-length: 40\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":40,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"d541ce2d754402b833cc65b76eaea2c6","sha1":"c36a92a0f5cef497ce42b1e8b4c72c8d9bd3786b","sha256":"80353503e48ebf6c2ae9f70184d3e758f64bacf48afe147e039df807509200cb","sha512":"f8cd5cc49f9276c580419958bf312ee0a311194fd41d116ee709e56401d769511700031ec9f3e6151f8da6b7e13b16e374a231e31cb00b92413ce5c751c2a0b6","ssdeep":"","tlshash":"f090044530d334753111111c453f5c0551144c4c05d55730c010d5551f514f4571fc4c","first_seen":"2024-07-04T09:32:22Z","last_seen":"2026-06-07T06:28:14.454447Z","times_seen":29834,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T11:44:49.458Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: wnsmm.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://wnsmm.cc:8989/\r\ncontent-length: 57\r\ndate: Wed, 04 Mar 2026 11:44:50 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":731285,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T07:09:49.261984Z","times_seen":16206673,"resource_available":true,"data":null}},"time_used":1182,"timings":{"blocked":481,"dns":52,"connect":213,"send":0,"wait":213,"receive":0,"ssl":219},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/061410/rcenter/common/static/css/gb.validation.min.css","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /061410/rcenter/common/static/css/gb.validation.min.css HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 05 Oct 2022 09:40:30 GMT\r\ncontent-encoding: gzip\r\netag: W/\"633d510e-2d52\"\r\ndate: Wed, 21 Jan 2026 07:59:34 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:59:34 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 11878\r\ncontent-length: 3788\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 7212432845584103449\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11602,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (2295)","md5":"12630e8fd95b53f705159b9cd1c2b372","sha1":"1be26841536b82ff280211796e9de339c642795f","sha256":"2c0c712726319f142f14ea06ccdba0ddb9f880571581ab1d0c193d4083a5baa8","sha512":"3084c7d3f917e379235e29b0f641e69f7a9a89b9c30b088292e3b3800cc67e16414b2df9aed1ed144cd2c37bbd035a8f6389d71ace13d17dd32a315c7719a88b","ssdeep":"192:zyzNcfuLLpjyFp291taF4lcrCQ4RFvVhkxP4OKyptj6ZqQ:znmdyF24F6crCQ4R4P4Dx","tlshash":"ed32a673ba220244790d9d442f46ee02bb1b40176a4f8eabff91786cdf825c9b67074c","first_seen":"2025-04-07T03:18:03.798848Z","last_seen":"2026-06-07T06:16:56.157248Z","times_seen":10764,"resource_available":false,"data":null}},"time_used":1889,"timings":{"blocked":1312,"dns":0,"connect":0,"send":0,"wait":576,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl//commonPage/commonContent/nav/images/menubox.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:03.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl//commonPage/commonContent/nav/images/menubox.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=7fca38b651f4c8d7cb27af5ac87bb83e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:03 GMT\r\netag: \"5f3784cc-506\"\r\nexpires: Sat, 07 Mar 2026 11:45:03 GMT\r\nlast-modified: Sat, 15 Aug 2020 06:46:36 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 1286\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1286,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 146 x 200, 8-bit/color RGBA, non-interlaced","md5":"20e476fe9a24d5b07e2caa1fa6d64626","sha1":"94d100fb104053a2721170b2f0b3b64992267e40","sha256":"36b4fe337b2c270b01f3e493f2131d6faaf9ab347f09c464317bdd7cb46165bc","sha512":"341d5320dcdc03bddd8ce67b106f1ca7f299104fde3380b7e5f6a86431ec2a9dd303e5bdf1e63b47fa95191461841fbc135b416ecabe4bbb9acafa6d44d3b798","ssdeep":"","tlshash":"c621db3dbe96180192ebe88dade1e822f523ce4095d0f060798f94110a794bdd9d95cb","first_seen":"2023-05-09T13:58:28Z","last_seen":"2026-06-06T23:54:10.476436Z","times_seen":546,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/lang-cn.png?wsSecret=d8c5358bbd54e0392d3fa69e062aaea5\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/lang-cn.png?wsSecret=d8c5358bbd54e0392d3fa69e062aaea5\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-641\"\r\ndate: Mon, 02 Mar 2026 23:34:15 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Thu, 05 Mar 2026 23:34:15 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 56\r\ncontent-length: 1601\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 8881027351939191303\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1601,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 22 x 16, 8-bit/color RGB, non-interlaced","md5":"4138fbf9235d72ea27883f7169dfd90c","sha1":"e00d1fde9a4cafcc33568f470ad1fa5ff6aa2138","sha256":"d4b1e57188e670d1e3fcc8ea6155f6b8bb5bc59ccf44c7114865912748681124","sha512":"1f891eac95909381c3642854e87f9ccd155875102293e79916f72938090dc45cd257be5784d3a135b02d7f234c81f92405681d1c05ccee6d77e506fa2d3b59d7","ssdeep":"","tlshash":"7c3155b9fb4238528169ac9114f62c139c555fd0e6e9b17ab89f881328700f54bae7cf","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.99907Z","times_seen":7,"resource_available":false,"data":null}},"time_used":787,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":784,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_HMFP.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_HMFP.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"69672fb9-612d\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Wed, 14 Jan 2026 05:55:05 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 24877\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24877,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"2508da7d7a39b13bbe455afbf953a120","sha1":"9d85e6e2790ca908910c971c1364df89320ba90e","sha256":"5b23c86e973f31120d77ed5e1cad00a7b3513b89665ea9add812598f02fa50bd","sha512":"59aa5cb4b3e783095c460cc5714aaa75e45c92f073cf1f9a011e0ac742c675e91c9f843fd94d5f4a52ee9aa4cf5ba6ffdcd79c8bee0b556a5939280dfcbac187","ssdeep":"768:7Qjpr0FA6QfSFjlu8XxMkVghJq7TXNGwTyQfjIxMCzikmb:7Wr0i6BFjlRMk3NG+nI7O","tlshash":"cdb2e1a7cc28591214badf17854134512fed0c95237e8fc91f8239e657f33d48595375","first_seen":"2026-01-20T08:54:36.778864Z","last_seen":"2026-06-06T14:03:14.240703Z","times_seen":160,"resource_available":false,"data":null}},"time_used":564,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":563,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_25_F-FL01.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_25_F-FL01.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"67cfccf4-5898\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Tue, 11 Mar 2025 05:41:08 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 22680\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22680,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"53012688900d15b23996e6f717191ab5","sha1":"7e489d0bef70c513b56444ce40c8020786dd5131","sha256":"694df6d27036b60f3d2418781633c786920b253557f499de928ea07c54e01d78","sha512":"5371ca23e76c073d72dcc07b86d9025cdcd4e3f83eebbbda00012e87add950c4d3ba750d2558e5ad3bf32eeb9f3eb915af474722ff84163142a4d2803dbc1082","ssdeep":"384:59NLl3O2rbAprJ1XlbfZLxWMkNoyWG2ClncXsAnwCA+HChsqR04ks/LuBtR7aBS5:7OSUZLLFkSyWPancH7A+ihsQ04ks/aBP","tlshash":"bfa2d0e9455d4691736ef10f2baaf1b844bdc22b87355ff03a00dac638d6405e37998e","first_seen":"2025-03-15T09:29:35.192362Z","last_seen":"2026-06-06T14:03:14.246567Z","times_seen":616,"resource_available":false,"data":null}},"time_used":1210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":981,"receive":229,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162009.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162009.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"6864ddcd-5fcd\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Wed, 02 Jul 2025 07:20:45 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 24525\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24525,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"ebaa7672ec8aaa38a98c01ada9bfc3c3","sha1":"1e82645853660e935709b177494daa1d985c94fd","sha256":"a84af7ad74e6446a34481bdec96d58589263415e6ed2b1f2486f7698ddfbecf1","sha512":"ce34cd846666ec76a7582c550e2e221d3b9821bcb457ee20e7ecff34eeadcea82717a702d566e0fba2a94bfd15d483ff9297ca1b68bae48d8aea8213ad596eb9","ssdeep":"384:4sNmFwZBLZmMOur8odd2cR98zx1C1IcuEOXKB3lUASG24Y0gdROzBR32WrKJMlS0:1NoEmEAcRYu06Be9G24ZgdULrKJMlS3E","tlshash":"38b2e06b6c92b97bbcc850958408cdfefb175199859316b00fb30327b946769c2e0eca","first_seen":"2025-07-04T05:30:50.977947Z","last_seen":"2026-06-06T14:03:14.16998Z","times_seen":510,"resource_available":false,"data":null}},"time_used":1150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":930,"receive":220,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5002.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5002.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"6205f3e8-5373\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Fri, 11 Feb 2022 05:28:08 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 21363\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21363,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"d73cf218f18362d0a89cb36a4a3303ff","sha1":"57bf03bb562ca33343b19db1fe5e872335cc1cb2","sha256":"691d5caeb173c0c0817111fea711d2685d1e0e4e7e19f6aa7282fc525193f40c","sha512":"d550ce93aeb30b43662145bebae6dd24f834431eef106e412185e0b7eed6d34d6928bedc34e3d92487e613eeeab22b686bad10c82507b66ff85dfe6939ca9672","ssdeep":"384:zs4/1njK8SkPVDo1vSX1VnQpIE6ikTIDoe/3QftBrnpK2f3vO4rxmHcACMPaLZIg:z/9jK9kZo1vy1VsKTwb3YLrnpK2ffOwL","tlshash":"5da2e10a8b9fc39c5b7f08b762ed159cd928fd32191a9d8da4834db1f483e306c980d5","first_seen":"2023-05-04T04:29:49Z","last_seen":"2026-06-06T14:03:14.193854Z","times_seen":2935,"resource_available":false,"data":null}},"time_used":1107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":877,"receive":230,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/commonPage/js/jquery/jquery.easyaudioeffects.1.0.0.min.js","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/commonPage/js/jquery/jquery.easyaudioeffects.1.0.0.min.js HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 11:44:51 GMT\r\netag: W/\"5d848f4f-4fa\"\r\nexpires: Sat, 07 Mar 2026 11:44:51 GMT\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 583\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1274,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (1274), with no line terminators","md5":"d0b356857d3c9dc5af864b7eff6cd521","sha1":"1a87e231081fe9ae44bf0ea7cdf42a29b8565b97","sha256":"ca6e3078877fd787f646fc33fc225d9b6304986c7a244dd640415af6d76667dc","sha512":"b2fabd77473ee5173f67471290165d834b076560f0263690022dd4c373cde67caa56cb06671406af10d0b78e2373b408b03375fb7c5be5645fad0ab369ab83f2","ssdeep":"","tlshash":"3f21f30cb41ab50dc4ebf5652223a4143b3d81cd58a40ee57291df639bb1d9b0693b4e","first_seen":"2023-07-08T07:14:13Z","last_seen":"2026-06-02T16:08:19.099078Z","times_seen":121,"resource_available":true,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/mobile-api/v5/chess/getActivityMsg.html?function=sign","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:03.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /mobile-api/v5/chess/getActivityMsg.html?function=sign HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=7fca38b651f4c8d7cb27af5ac87bb83e\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: Content-Type,Access-Token,X-Requested-With\r\naccess-control-allow-methods: *\r\naccess-control-max-age: 3600\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: br\r\ncontent-type: text/html;charset=utf-8\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\nout-line: gb-cdn-805\r\nset-cookie: route=1a7ad16788516453862c0c43d835029d; Path=/\r\nsub-sys: mobile\r\nuuid: 00117-01-00000000-17726247049e46\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 112\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":140,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"5d062bc93ef9d75b27e852ed745d170f","sha1":"1ecf82a0589608b26ee6a29b2cc3229916596626","sha256":"26e77aa8c61c230db13c8fd74d4ab3adf8be54c3192c4e16f94e633a71efc2e1","sha512":"44400ff6867b380b16fdfda60ff144dfcc9bc4d7adc38c84a98f20d2a8911304f694eca3afe2cf9ce9538a7c49b1fb471694b4b68215c6ccc6027571b8b5ac34","ssdeep":"","tlshash":"f2c02b86f21818b38b030bd010e83d41c3fd11b2c0c84848dc4c8e4802b48ffd301837","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T23:51:10.815511Z","times_seen":7427,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":250,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5006.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5006.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"5d4d4143-4fd2\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Fri, 09 Aug 2019 09:47:47 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 20434\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20434,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"7769f6a35df5811fbe7fa97b2aea9a1c","sha1":"2875a7cfef0a8a296374aba27f95a8a8d79b8acf","sha256":"855a9b3bb8c24ca1ed6cbf42331ff6a243e03b1452d8c2d371df11d861f8712b","sha512":"c56bc42f56813952a8770bd7239cc06918aa7237a3664906165f2c6d8dc5256cc5f27bda72ab60ec5dc83b9f87931a49aa27d1219bc0d380bff80ba9ec5c236a","ssdeep":"384:FJ+bsL1GT0gAIR+985jPtH7dFGbBkmqhuj/30aDxOSTLSoREB2yKFFvYxm:B1GQgAIR+2DJxFGbzDD3plGoRW2y2vB","tlshash":"9a92d1a0e29d267710161708695addc30eccd91efdee3242e5aa2248451f5da27c9cee","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T14:03:14.213952Z","times_seen":2935,"resource_available":false,"data":null}},"time_used":1088,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":886,"receive":202,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/mobile-api/v5/origin/getThirdParam.html","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /mobile-api/v5/origin/getThirdParam.html HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: Content-Type,Access-Token,X-Requested-With\r\naccess-control-allow-methods: *\r\naccess-control-max-age: 3600\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: br\r\ncontent-type: text/html;charset=utf-8\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\nout-line: gb-cdn-805\r\nsub-sys: mobile\r\nuuid: 00117-01-00000000-1772624704c877\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 86\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":103,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"9ac55fe189e4f53f37156e563e0f542e","sha1":"18b13b1360ce9fbd973e046d2652be38d58a15e0","sha256":"d7e02321006e1520d4c3e8d26428462419388e022cc89f3c974d0b87ad83af7b","sha512":"45b140d1bb3f3f06ff883448128956edda4d8ae0820dbb6b10f13860896cd611921dadb5b11b8d1577f22a80aefdfdbf8a2d54f6076b1e05f69d262df93b94f0","ssdeep":"","tlshash":"12b012816118adb39f0317e120ec380142fc11d180d48408dc5c8e5847948d7a202933","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.191773Z","times_seen":15875,"resource_available":false,"data":null}},"time_used":762,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":761,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/2.C0gegXQh.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-04T11:45:05.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/2.C0gegXQh.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWw3xnaCQeuzbc19yd7QYazoEkbv15L6aDaO7fW25TXx0Gvn0O9Vf7MVI1EJ4RZNKR6uUGylpwU\r\nlast-modified: Tue, 03 Mar 2026 13:43:27 GMT\r\nx-goog-generation: 1772545407074947\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 442575\r\nx-goog-hash: crc32c=cfKELA==, md5=A8e4ECNESK5k3ZiSpmLkPg==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 124978\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 04 Mar 2027 11:45:05 GMT\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":442575,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"03c7b810234448ae64dd9892a662e43e","sha1":"5ee59572e8d1528976d6e603ba8e6aa8cf4e0f19","sha256":"6e5ea6662f022d5efc56b6bf3d1797674cc7f04eb800db1eac9a49be24629690","sha512":"83e4a67903b7aa07a92139fe3006ef9074bc67e4fa03bda85db98cccb2c932b4fb5bae5f04b72cc7795b06f4eda720237ee07e53f24de7e19ae0eb57e31b4b56","ssdeep":"12288:mx4lCyAjiSkC8nMQiiHkMK1rEdlOqtB5/oS6JxIOfDf+5tqbFmqeD1d9WB9Ff/mS:mx4lCyAjsdzqzYi","tlshash":"47946be07242f938d7e7c19b90bb160af33d3d09b42e9620f1ade85d33954489267fa5","first_seen":"2026-03-03T14:45:10.205138Z","last_seen":"2026-03-05T09:29:13.782645Z","times_seen":151,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/fserver/files/gb/117/carousel/10287/1765917555983.png?wsSecret=4e41dd33b61e27ffdaf26c3af6152c65\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:08.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/117/carousel/10287/1765917555983.png?wsSecret=4e41dd33b61e27ffdaf26c3af6152c65\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 16 Dec 2025 20:39:15 GMT\r\netag: \"6941c373-5d5c2\"\r\ndate: Wed, 04 Mar 2026 11:44:13 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nexpires: Sat, 07 Mar 2026 11:44:13 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 55\r\ncontent-length: 382402\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 1633701525602614265\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":382402,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ca79310cbb56b034f065c278a9308350","sha1":"3feedac3f74928c8dcc41017f6d6e214ae593a6d","sha256":"040676d13934dd26fcf54ae87a20ca163f535ba6dce54d5fea3c691432448920","sha512":"ba67387eea4f62bc94a4137486205e8cebd0faac71a5c0f61aaa47c4a36aee1acef271ddc23dc811b25581fd9518adccaea89200ede832b5f4d625f752a6cff4","ssdeep":"6144:rowgbAQFnBenElZeg3FRI+IZw/VCvoWrgVs7HP4n5W6SjJBHFAgSJWM4g6Pi8sGT:rotAQFnBenEnZFadZwQvoWEVpsHFx1PH","tlshash":"0a8423932c4d23cfadb90376ed230b29266f81b4f3a0557435e472b2da68653638578f","first_seen":"2026-03-04T11:45:34.577883Z","last_seen":"2026-03-04T11:49:17.038712Z","times_seen":4,"resource_available":false,"data":null}},"time_used":296,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":279,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/fserver/files/gb/117/carousel/10216/1723201956865.gif?wsSecret=690ddd2de9bd21991fe387ea3448153d\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/117/carousel/10216/1723201956865.gif?wsSecret=690ddd2de9bd21991fe387ea3448153d\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 09 Aug 2024 11:12:36 GMT\r\netag: \"66b5f9a4-2e515\"\r\ndate: Sat, 28 Feb 2026 18:10:43 GMT\r\ncontent-type: image/gif\r\nvary: Accept-Encoding\r\nexpires: Tue, 03 Mar 2026 18:10:43 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 189717\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 16419685457901742943\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":189717,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 694 x 520","md5":"899fc0804ed41ccef5032cb0180bcf0c","sha1":"a702b9063e917e34c26002ef8655c5fec989ff9e","sha256":"99806409f96fb30b739dccd35ec7b9dbcde8a1852ab7eda3f04d67782201c617","sha512":"be14679fba8d5f45a71eeac9ed7e064f3f24efdc0260516888a465c04368bd8c61215959886e92d088e77af90d362215d576db080066f4364929276ebdd1dffa","ssdeep":"3072:bdL2RlGaQMKjuaMorpkUJ4H0t0H+K52vZb7UnI6XQ2vbvi8sPeRt/4bRSCeSqM/p:bdSRljQMJsKgY20eK54enlFvD3sC/u7z","tlshash":"7f042303048fcd7603c6d8cd2d67669319606bab54cae0f84b4e99bbf7d34f94ea2059","first_seen":"2026-03-04T11:45:34.57897Z","last_seen":"2026-03-04T11:49:17.035609Z","times_seen":4,"resource_available":false,"data":null}},"time_used":590,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":301,"receive":289,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_38001.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_38001.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"5d2c760b-5b3b\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Mon, 15 Jul 2019 12:48:11 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 23355\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23355,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"14f7dbafc1472fa05db8eb17ae826f30","sha1":"991915b5ae07c7a47e93dce0c6c82d0d0b690993","sha256":"7287fcb933e5bf3eba0d13e7312cf5ba90f94c0593310090fdc521f866b0b134","sha512":"c20c75945c3f257e10c5f05befdeef47c94db2aff015645d069bcf68d71a02ccb5a9e0e15b434979530b8590c19ea9fee69f0c6195338f538f7819ccd7f42052","ssdeep":"384:dtxqUXNDM7tp3udWEuwZ7ve2JM+4GsNINH1MpyMS0WagZ+2tGXGfvcK7UeoYU9:dffNDgXAWEuwJew54vy12fS0cA6vcKxG","tlshash":"19a2f157c5e9841c5cf337d101680b5d82723b26e02d5c465b67f6a06f19c0abe63b74","first_seen":"2023-05-04T04:29:49Z","last_seen":"2026-06-06T14:03:14.253996Z","times_seen":4722,"resource_available":false,"data":null}},"time_used":775,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":774,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_AT05.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_AT05.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"64d9fc50-5af6\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Mon, 14 Aug 2023 10:05:04 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 23286\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23286,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"993bbfdbad1c48f514367407a17d2a77","sha1":"7d3db06be9d7912432c768fa5b23335264db002c","sha256":"df044589914265a7b02cca67f876c01d20e5eb0d9e50bdb2e8af8e0994daeab7","sha512":"039753aa144437e5079e0fed41a8d635501a7ef7ca8cb4d8f5e8110439e66d7a83c7062d69470d14a5d26b928952c9f65bf94bfb9287b6a92028cdfa38822931","ssdeep":"384:R1EQWwe7Q16MgKYg5ya/hbHR0SuPu9AZnObEloEO7UXA4oQvAoVf61+nSsfjjNLL:R1E2a2Kkya/EpAA8bEyEOlQIv1+nNfVH","tlshash":"38a2f161edbe1895092d42671c658749fda1c9ba25a02cfccec0770ade02ef58bc13b7","first_seen":"2023-08-15T12:01:22Z","last_seen":"2026-06-06T14:03:14.177698Z","times_seen":4511,"resource_available":false,"data":null}},"time_used":1207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":767,"receive":440,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_31008.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_31008.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"645b37a7-4ecc\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Wed, 10 May 2023 06:20:23 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 20172\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20172,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"37070ea9397e4c9bfa4c6fa5e499de59","sha1":"fd2237d48600d3a6acba5c8982c1d594962418d4","sha256":"f3d50d3f597d6a23e42d069971e80a14851d7c996bbce674ed591c6e87b64bda","sha512":"57f33073219953e1d1b4c41e8a2ae0a354c3f624b16cbbbc8a68b8323b3076be37e262c7ababdd538ff92744e5e27fb84eaedceeed60080e992f22c7c94f7d99","ssdeep":"384:eB2uUbTV2AEB0qr/Fcby9AiXwzTGumOXcFitn2hDJ2c/8rnbt4:eB2uUbwh0qD2by9A7pmOXcFitVc/Gb6","tlshash":"a892d1eb72d51f397305165b4998cadedc3b4d2843c3adb04960b908ef3641e6da4936","first_seen":"2023-05-10T18:45:38Z","last_seen":"2026-06-06T14:03:14.241072Z","times_seen":4693,"resource_available":false,"data":null}},"time_used":1130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":915,"receive":215,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/license.jpg?wsSecret=2e183dc15ae941a887be6bb98624880f\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/license.jpg?wsSecret=2e183dc15ae941a887be6bb98624880f\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-2aef7\"\r\ndate: Thu, 26 Feb 2026 07:04:11 GMT\r\ncontent-type: image/jpeg\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sun, 01 Mar 2026 07:04:11 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 175863\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 4261381495012298365\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":175863,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=368, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=693], baseline, precision 8, 693x368, components 3","md5":"eeaa66fb5ef1a0b34fd7df76d0c31c24","sha1":"d85838ee8c9306c8cd0fe9bd9da9f7f7c7f55a0d","sha256":"0bacbf9b8aecd4745d1b582d6aa73a2cd92f7776ee2d3c3bb47b1db7b25ca59c","sha512":"4cc32547215fd0c31cee566f7fedabf666d6b2acd4f4f0d1a0400b2be4dc20accaf73ac982925c031f061c949ba59021f98f9c553167165f14bf35e45090927d","ssdeep":"3072:U+RhXFjBgPYevuSMQZozN5hkGxtZrmU895bvHoHSNV1LIF/5/QGdyi4yrE:zUPYwuSMQZ45u2Z7KtvXVEF5/9dyXyQ","tlshash":"d80412d458678e13f9e99270cbe3cc4e076a5e3e67137788f89dd68ab3206c6502c16d","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.980389Z","times_seen":5,"resource_available":false,"data":null}},"time_used":706,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":643,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/moment.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/moment.js HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 18 Jul 2023 06:40:10 GMT\r\ncontent-encoding: gzip\r\netag: W/\"64b633ca-1cab9\"\r\ndate: Sun, 22 Feb 2026 16:58:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Wed, 25 Feb 2026 16:58:01 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 11877\r\ncontent-length: 26968\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 14774284791714964904\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":117433,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"36c8f828395a9395549bd6e7307cb7e9","sha1":"f30a4961558e2d3d4405e7d93aa28fdb63245e78","sha256":"5d5e32fa1e06a0bc9396f349d142ad248e82086543e438c890e43f41e692db33","sha512":"40c24a9011e1bbdd98bd95b341c400bdaf48fefd953fcb407368fe3c685ac09196b55e230c03ca9890c35fe9acef2c916bed52423dc1a7b532a1db9817c03a8e","ssdeep":"1536:qOL1yBkBeb9wNoHpH7tjl2Ulwjwaj2BH3fMobEKeYEoZYiMirUw0:qOCWeH70R2BkobE+cw0","tlshash":"aeb35f5a59e31023496362294fdf2011ba388123590dee487d8da3d49f9ed7c47bafec","first_seen":"2023-07-29T10:21:40Z","last_seen":"2026-06-07T06:16:56.193664Z","times_seen":17476,"resource_available":true,"data":null}},"time_used":2312,"timings":{"blocked":1464,"dns":0,"connect":0,"send":0,"wait":577,"receive":271,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\ncontent-encoding: gzip\r\netag: W/\"5d848f4f-176d4\"\r\ndate: Sat, 24 Jan 2026 06:44:11 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 27 Jan 2026 06:44:11 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 11878\r\ncontent-length: 33545\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 15316481107091462142\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95956,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32038)","md5":"b091a47f6b91e26c93a848092c6f3788","sha1":"52918af2d431e73464060b35d364640c8db75606","sha256":"329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10","sha512":"ab444102be476f0104eeff79c9b596174852b4fe8cbd0b5a0279d56f106a166ec39304636e09326213de000b102ce8f517bb268a9abb2955c56ee4f18b464ea8","ssdeep":"1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmS:R+41ZqLTW8xRrqSb8qGH77da98Hr3","tlshash":"6893d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","first_seen":"2023-03-07T01:10:10Z","last_seen":"2026-06-07T06:16:56.151049Z","times_seen":18320,"resource_available":true,"data":null}},"time_used":3624,"timings":{"blocked":1522,"dns":924,"connect":277,"send":0,"wait":273,"receive":296,"ssl":328},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/commonPage/js/swfobject.js","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/commonPage/js/swfobject.js HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 11:44:51 GMT\r\netag: W/\"5d848f4f-18e0\"\r\nexpires: Sat, 07 Mar 2026 11:44:51 GMT\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 2032\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6368,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"062e203de84bf58ba8a6a90c46f72ad9","sha1":"d324dfe4965c0b56b74e9497cd56490cd1ae5a96","sha256":"4f19997108b3e4e7d227e708162f22a7741fb816237f833310f58f623dca3c1b","sha512":"1f006dbf600b6d5ef9d12e85ad9c2cfa19c74a66cf89076c7b91600298f3bdcb3e9c347cff90e221b86866b66c3c6f352b92fa54e11b73d45ebc66cb8dd76727","ssdeep":"96:jYlsTmD+UEjAt0YDXIBu0wEsZ9ikDZ/QngMkyo2K4RzJ/tXW:jisTmD+/jAt0YAuQsZZFogMkyK","tlshash":"6fd1763a7048b9f41ede11d44c6fa6c4fab5d5126449747cf88ad1c6966cc0b88b3f3a","first_seen":"2023-10-24T19:57:06Z","last_seen":"2026-03-04T11:49:17.063543Z","times_seen":5,"resource_available":true,"data":null}},"time_used":421,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":421,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/idangerous.swiper.min.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 11 Aug 2023 04:30:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"64d5b951-b083\"\r\ndate: Wed, 28 Jan 2026 09:15:14 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 31 Jan 2026 09:15:14 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 11877\r\ncontent-length: 11957\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 3162624613742257363\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45187,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32034)","md5":"f15409fb02c527ce1f66a2fd3c4aa0e9","sha1":"1e1e1bcc0f49e99e14ba34991cffe0745178d302","sha256":"1a1b5d3d6fbfc28abe37a668abd59494208c63c5f0b5d040cf4bbbd137f87c27","sha512":"66a384d6ad5fba862e778e24c43326a718328b6f860469fb5eb69c2687b0bbdc3c2dfa9049b0e3d5509214db1dbec4477f5c3654dc04446a505379a4300d4908","ssdeep":"768:oTFZ8CkWyYzh9MTvl7prcAgQW5ppZ+rPPWRqKDyBuq0t:cZiY9uTJuAgQW5LZ+rPPWRLt","tlshash":"5613f8c1b32031a741f3626e91fecb4271f54966aa05d4dcb5ed84c41ab489a03beff9","first_seen":"2023-08-15T12:01:05Z","last_seen":"2026-06-07T06:16:56.166479Z","times_seen":17297,"resource_available":true,"data":null}},"time_used":3881,"timings":{"blocked":1519,"dns":888,"connect":308,"send":0,"wait":814,"receive":16,"ssl":334},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/gui-base.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/gui-base.js HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 17 Aug 2023 06:15:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"64ddbaed-ee5c\"\r\ndate: Sat, 24 Jan 2026 00:30:32 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 27 Jan 2026 00:30:32 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 11877\r\ncontent-length: 15779\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 17632185050309789618\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61020,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11056)","md5":"e6ce47d880d7a50ddf91b074c8572edf","sha1":"6a3657c67209136e5b544859daecf16f2d153b72","sha256":"c49e04c7ecfd07c74b58cf161ef2b58f2bc837a9091ed1ae090a33734cdaa734","sha512":"0946a1cb9d048b485dadf4056a4aa7be685a8906240a828a5ac776a4e1eae2ed5ef238bd0724da41cce33324357ba44704d34a6766430f1552630f9a17b664f4","ssdeep":"768:+lkflKVlvREcS38xHmuqrRO/5IS3oFaJX+mQdudqD9jAXImsUh8H3yALdODRG4eK:6ClKVlvREcYoHz0PszIfoALkMEY16pB","tlshash":"4353c80a72b130a106efb1b6515f460d323a6927d44ac458b97c9ae43f74f28316bf7e","first_seen":"2023-08-26T00:19:56Z","last_seen":"2026-06-07T06:16:56.141629Z","times_seen":16690,"resource_available":true,"data":null}},"time_used":2031,"timings":{"blocked":1471,"dns":0,"connect":0,"send":0,"wait":273,"receive":287,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/jquery/jquery.super-marquee.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\ncontent-encoding: gzip\r\netag: W/\"5d848f4f-1151\"\r\ndate: Wed, 28 Jan 2026 09:15:14 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 31 Jan 2026 09:15:14 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 11887\r\ncontent-length: 1421\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 6191527970065265168\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4433,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4433), with no line terminators","md5":"f77d83590bc0a69298f2fbcc5d9911cd","sha1":"1d6aa25d7052f53ad0181385e5efe72f224bbdb9","sha256":"1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7","sha512":"a39dc6c01df32c8f72842af346f4d67e1278d37a74a0541537b8274b421bcfbc547a2f4844f3c4b6c5cdda4c78f0a8f41171c87ffd149ab52526a95bc6c5bf61","ssdeep":"96:nwzrUsI9/8w/ISEgOGXFRNcrc8PQjc3Pb:+rUsk88OnJQA3D","tlshash":"2991252d7290f5d559cf3c3be02b0b050c785123a54e00927a65def279ba379a607e1f","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-07T06:16:56.156398Z","times_seen":17500,"resource_available":true,"data":null}},"time_used":11787,"timings":{"blocked":1469,"dns":0,"connect":0,"send":0,"wait":10318,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/mobile-api/v5/origin/getFloat.html","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:02.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"POST /mobile-api/v5/origin/getFloat.html HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 68\r\nOrigin: https://wnsmm.cc:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":68,"data":"locale=zh_CN\u0026terminal=pc\u0026is_native=false\u0026version=v3055\u0026resolution=2x"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: Content-Type,Access-Token,X-Requested-With\r\naccess-control-allow-methods: *\r\naccess-control-allow-origin: https://wnsmm.cc:8989\r\naccess-control-max-age: 3600\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: br\r\ncontent-type: text/html;charset=utf-8\r\ndate: Wed, 04 Mar 2026 11:45:03 GMT\r\nout-line: gb-cdn-805\r\nset-cookie: route=4bf55577ceef236451cccfe77519a18d; Path=/\r\nsub-sys: mobile\r\nuuid: 00117-01-00000000-17726247032ff0\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 394\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":690,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"e27713ca34b5517cbff52b84f280be80","sha1":"dd860422c50e7f6a9412aae7d061e424d9a58921","sha256":"01296d01d8e17888b5dedff1baca93983f9db043f697acf0c6ab8b12d2a5611f","sha512":"3b0d303413ccbd06fa8ecdb24c185a634704e54b296f9818dcc9dfc37705227b264e8ff43bcfd0a6871b8f5ed67e52aa2b11ada219ec596f62a79292457ef650","ssdeep":"","tlshash":"7301fe612e701d7947cd53c658ce3e07ecdd009b53e82c17fd0d8e1406da7a55124a17","first_seen":"2026-03-04T11:45:34.58892Z","last_seen":"2026-03-04T11:49:17.007698Z","times_seen":4,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/fserver/files/117/carousel/10006/1481877525221.jpg?wsSecret=2c4a3115e9a85821b2ec42681d3104a8\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:03.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/117/carousel/10006/1481877525221.jpg?wsSecret=2c4a3115e9a85821b2ec42681d3104a8\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 05 Nov 2021 08:40:40 GMT\r\netag: \"6184ee08-487fb\"\r\ndate: Sat, 28 Feb 2026 18:10:42 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nexpires: Tue, 03 Mar 2026 18:10:42 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 55\r\ncontent-length: 296955\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 14546566924564279680\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":296955,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x502, components 3","md5":"ea2f44aa667b5c20cac4f9661b77150f","sha1":"62d8e21d55ae93fc525122dcf72fc858beb7632d","sha256":"e0aac8fd67b9efee9cacf6f6df205567b488a5df2eaf8ffff41308a28eb33d4f","sha512":"48a28721924c069542e486b83a79773b719e53bc5b63f0bce5dc4e0052df9831d9479df07940e66e372757b9e0e15e4be0463c00e147c0667091315008ab8ca1","ssdeep":"6144:a1QqXFYURcKpQyQcO5Y0rWyWt9xM7Dzt4p4MMPntNxfMmfp65c:aS8YiQkOKiwofhgQPn3xfMmx6m","tlshash":"285423311bc9138bea9e4526cb2a3c366f92d00dc24fcd0267d381b57b24d2da5d87b9","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.831831Z","times_seen":5,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":270,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/commonPage/themes/gui-base.css","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/commonPage/themes/gui-base.css HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 04 Mar 2026 11:44:51 GMT\r\netag: W/\"699e9be8-146ad\"\r\nexpires: Sat, 07 Mar 2026 11:44:51 GMT\r\nlast-modified: Wed, 25 Feb 2026 06:51:20 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83629,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (12023)","md5":"ae436617c02061eb715fce1f6e4d84ba","sha1":"d29e23c56a6972ed8c139be8fd55022e8dc79dc2","sha256":"95be5699e27ae8ba00031ebaad84c414dbe6ab48f6445007513e072c9243eaae","sha512":"614e0041902efc437f9ef9ab63f0ee9e7d1236e0a5d811013dc75509c0669ef44b24ffefec0cf367ed241b6615b506b27a951cc17f168e7ff97f09b9564c4137","ssdeep":"1536:hh/EEJVfpLdXYSN4H1Y7B/Daf4ZxnVXCg9bI:VXYSNE+RVXW","tlshash":"0a8385b2e15824e63373c856a381fbda2554b122c5134efdf89f655c8bc738612a2f6c","first_seen":"2026-03-02T15:35:34.435383Z","last_seen":"2026-04-17T08:01:36.591141Z","times_seen":1009,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":281,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\netag: \"5d848f4f-1ad7\"\r\ndate: Wed, 21 Jan 2026 08:09:20 GMT\r\ncontent-type: image/jpeg\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 08:09:20 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 760\r\ncontent-length: 6871\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 15825671357697859159\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6871,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 168x168, components 3","md5":"99be4bfe275809d4e436b77c991b1381","sha1":"54eadee77394eb62ccf377ae68d9f49acb5b6785","sha256":"4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d","sha512":"452a79b02619ed5c1e4f81fc5a4a209cb8a11d03aadb1841ae9be18fbca088652cdb54340329c1bf57771abfb02ffed4bf75b61f4df96866b7f2358c36ae75a3","ssdeep":"192:p7FikLUR+6X7MCy5nSb1jSG99DX8yclWGo2yscY8:pfA3+gSGjX25+Y8","tlshash":"4ae18e26da8bdb85c4a4f2713f7d881a5551da1a5bd3f02160f8c41b3c9327c15e7a8f","first_seen":"2023-04-30T20:28:22Z","last_seen":"2026-06-07T06:16:56.128252Z","times_seen":17411,"resource_available":false,"data":null}},"time_used":2151,"timings":{"blocked":1288,"dns":0,"connect":0,"send":0,"wait":848,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/tracking.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:02.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /tracking.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWyWrbSX5ljRYd-t8n8OR3YaNRwP2_SyIkoCZ4se3Bbl2CdCJSMe_XrV3pyMGTUqcSfSHH1oIao\r\nlast-modified: Tue, 03 Mar 2026 13:43:27 GMT\r\nx-goog-generation: 1772545407135476\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 100997\r\nx-goog-hash: crc32c=0C+lAQ==, md5=LTKjnKToEIsdtAHlBtmPGQ==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 32759\r\ncache-control: public, max-age=28800\r\nexpires: Wed, 04 Mar 2026 19:45:03 GMT\r\ndate: Wed, 04 Mar 2026 11:45:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":100997,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"data","md5":"2d32a39ca4e8108b1db401e506d98f19","sha1":"ddafeb5f3def94e42c1c5c9f4f89804ea2d26736","sha256":"a1d49f8e5be67da4b3921d0f7cf628b007871101160e6eb6d746bcb440da9a45","sha512":"142665a3e052397ebfafc0b60c203aa3e1dd95905ad5e8708272bd75639cc9dc8d5ae9b4896bc7836199c3ff12aac2d390bfd3fdebca440681bf07b7c09767e2","ssdeep":"1536:E5hboeri/BevgjTcAhWeypynDx4Wwwpw84Io6eFlIUYow8:Evboeu/kYHyp0DPheF4oh","tlshash":"e2a34ada7282b03453f786e7a17fa216b3392818340d8420f17cdd6a395a9c79177f6e","first_seen":"2026-03-03T14:45:10.225758Z","last_seen":"2026-03-05T09:29:13.614557Z","times_seen":167,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":61,"dns":39,"connect":1,"send":0,"wait":3,"receive":2,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_6.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.436Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_6.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"5d2c760b-5476\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Mon, 15 Jul 2019 12:48:11 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 21622\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21622,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"18fc529cc0b071eee9ab764c7b3cebf2","sha1":"e79958322824752ee3be995515d242f3a65dbd15","sha256":"7dc7c033a2391b021f70e5576b15806c1e3e73b2bf5a0beda751bbdff7513b7b","sha512":"6c3e18d72657713778d833d7f47c46b63e79f11260aec13189ccd8a4df2e58c78d5895e929d48b9f9717aa2698fc0091ddb9924b36a138afd0e25285152c9144","ssdeep":"384:a811BGMmh1dJT1q+gjV3FCf8luupVuMDBWnO6aGpRhvKfhIuQvIOLavUq+kG3:ai1UzbXGCEluAVuMDqtiqIWGm3","tlshash":"7fa2f17890ee7c3312140e6a4ff685c179d017a0396ea054b10ae9f8d1f90cae51b5ef","first_seen":"2023-05-04T04:29:49Z","last_seen":"2026-06-06T14:03:14.253499Z","times_seen":4721,"resource_available":false,"data":null}},"time_used":776,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":775,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_HMSH.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_HMSH.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"613c72be-4c8d\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Sat, 11 Sep 2021 09:11:26 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 19597\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19597,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"82c905f14c36be0d2fa670516edded31","sha1":"437546d720284de3982ff79df6a946b81e923371","sha256":"f3cdfd33e75d6f3877e1e0da0491c2b2a65c66f95d434c6b08950b0b5d5b9cc6","sha512":"1a376a8537ccd8281b2202299ab663dccc63ad83efb1d05c13458bcd39f714362dafecbcaeadca26564496035d0f2eb9a30cca4bd590b808686253f07313c938","ssdeep":"384:RjFb3CPIlxEsPQ+AQ3L6MVLkpzvfRTvvqEV65H2UFr:rCQlLPPAQb1VLkXTvCoq","tlshash":"6192d0d0b15bd8a44035928e413a6bdd9bc6ed97dec05c0fa226f1629e7a1c0f18935e","first_seen":"2023-05-04T04:29:49Z","last_seen":"2026-06-06T14:03:14.249865Z","times_seen":4722,"resource_available":false,"data":null}},"time_used":774,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":773,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_11.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_11.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"613c72bd-4dfc\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Sat, 11 Sep 2021 09:11:25 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 19964\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19964,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"d495fdd61d29ff61ff34fdccc5597d0f","sha1":"95a2b5b377a239ccf2d5e5cc81534f79dbbbe033","sha256":"08097b5ebe2de4f6d295aeb64fc72170c766ea81851e9baf96ff4de926fc678b","sha512":"820c2fdab2bc8fda5344de41eb9cd61c7bb3f9bdc63f2451bfb0d98625c914a968a4b88e3b707132fc72578d24d2497887d14f27e9c50868d9460a348dab06e4","ssdeep":"384:ZmMS2t0dYuIczohE9gm2sX7IJg8Nw/PT2yXO4tRtScwfrnia3rfS1soMtDy:Zmp2UR522sgJ/PCyeCrSDfjHbfSWzte","tlshash":"9a92d0fdd3f0eaac24d7295124cf21c28e209fd826d83b454d62d4ba70e9a6b16e5153","first_seen":"2023-05-04T04:29:49Z","last_seen":"2026-06-06T14:03:14.225391Z","times_seen":4691,"resource_available":false,"data":null}},"time_used":1144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":928,"receive":216,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_38003.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_38003.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"66417a39-51cb\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Mon, 13 May 2024 02:26:01 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 20939\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20939,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"86275b4fe044aadde009a033fe57359f","sha1":"ebd0bf57e8849c6374d5475110d0a8294023b204","sha256":"df3c41c9e61e1a2f85426ff323c2ba1e36b10fb29ed546a29179f31b9e9c525d","sha512":"cb692fef883f5f2c94c1b71b294175c76be857c376a72df17b6422e6f1af14b29fb4493f0c3193acccf0718e7b401213806dd5ed9ae58ba1433b665a3b67032e","ssdeep":"384:F1NROi3r7omA3+xzLnxHBJB9GziNiDpePY7ObGJm:tT3ndLDTc+oprm","tlshash":"bc92e19c61d2d6bebb14b9b0087ccf2910ef55416b7f34236eab70c096d76a4e31a1d8","first_seen":"2024-05-17T19:49:38Z","last_seen":"2026-06-06T14:03:14.175052Z","times_seen":1904,"resource_available":false,"data":null}},"time_used":777,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":774,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_GO02.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_GO02.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"61c42865-55c1\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Thu, 23 Dec 2021 07:42:29 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 21953\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21953,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"12f4870c1a8e51e39a6c8bfdd11ed804","sha1":"47eb5ed8af8ae69595b8743e7a61d3fe825cc048","sha256":"1f6c135cc810d561e52ad5ba9ca5cfda82897c82db0863ab366e62d5970b3883","sha512":"374e01c76bd6c0aa0095ce82f356491c35d19bab66b99d724da0d33484ea782825c0d9c47642a9a286f8dd29d12c8497f3e4a87bbefd9bff16a3e140bdaf53ca","ssdeep":"384:Q7colNqMUmD0dZSiuMIjBO3DJcVaAPP6keJGp7CWADulyzh5EhD7cDnE/hALlQt5:AzeSD4ZSiPI9SJKDHpCuly95EpcDnE/t","tlshash":"eaa2e08a1906ecda9c23423a480ff9a68ec1f09b845f71b80d85e5ecbd462d73647597","first_seen":"2023-08-15T12:01:22Z","last_seen":"2026-06-06T14:03:14.238573Z","times_seen":4512,"resource_available":false,"data":null}},"time_used":1199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":973,"receive":226,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/commonPage/lan/i18n.js?t=1772624690.71","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /commonPage/lan/i18n.js?t=1772624690.71 HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 11:44:51 GMT\r\nout-line: gb-cdn-805\r\nuuid: 00117-01-00000000-1772624691306d\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 813\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1310,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (1217)","md5":"35a2f860dc46fa84d6727c4882752ee2","sha1":"5f18ac1a514559400fc271e3c09aef7bbfaa6fee","sha256":"e245b50027c1fb8ac97b86706a83be7397a924e33acece7ced9fe1d62ac5565d","sha512":"0d60ee9e490e7a8b571c3c5a3718e0103b7d82bd579cf59bd4c598a164208fdc837480a611b0eed2f7f19ac138bb1aa76b330f3ea13bb01ffd7d051bf90ee817","ssdeep":"","tlshash":"9d21fe68f3e061e32d5e8aa3eda63f6f11754abd00973407437831ce11797a79cac408","first_seen":"2026-03-04T11:45:34.597859Z","last_seen":"2026-03-04T11:45:34.597859Z","times_seen":1,"resource_available":true,"data":null}},"time_used":455,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":455,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_10.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_10.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"613c72bd-53fe\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Sat, 11 Sep 2021 09:11:25 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 21502\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21502,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"548f74b6fbacfdafac2d13982ea01f5b","sha1":"62056e33bd99fdb7a26ed1eb6e0d34baae75ab4b","sha256":"8d23af5f64406af80c5f00bbe2806c0a696eee1b9fa144135a679cf7d15c27a9","sha512":"8f00e1f684d16d7c6429dcd1c2d8174cf732b9d50dd1a5ca9d18aa70e11f014e2c2b117133fc79fec99348e6e580e844af5ea2f74a428aee210413a458c2711c","ssdeep":"384:Y0wcokyEQla2d2ub3bbLkkVWaULKun+cwTtLRBQrgHf2kxKPllXqbtBUkwk:zJjyXa2f3DX8/N+cwTj6rg9gPlstBUkd","tlshash":"25a2e0317dd8fe229895ca7c931f453f5e18fc610d4eac2b9828796e26fb64844c9bd0","first_seen":"2023-05-04T04:29:49Z","last_seen":"2026-06-06T14:03:14.184928Z","times_seen":4690,"resource_available":false,"data":null}},"time_used":1156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":713,"receive":443,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/venetianVideoCover.jpg?wsSecret=1faa5c3f2a99e20433310bbf995ef0b1\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/venetianVideoCover.jpg?wsSecret=1faa5c3f2a99e20433310bbf995ef0b1\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-22e31\"\r\ndate: Mon, 02 Mar 2026 05:42:30 GMT\r\ncontent-type: image/jpeg\r\nx-frame-options: SAMEORIGIN\r\nexpires: Thu, 05 Mar 2026 05:42:30 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 142897\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 14544324631076016422\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":142897,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 665x375, components 3","md5":"24da16fd39d077f68a0f2a440890ac34","sha1":"7c217a14ec30499a4a12278fa636d4ec0c96d9f2","sha256":"633e36e2bb9feaffc8e03874d7c97f52a761dd0ef107824b284e69b577a07b16","sha512":"44e00a493db8ddcf8a29256845df1b8ffafdba285353029f5d395ed7afa73f021d7267ec99aafd1f380bef812a42ffce121cb08863972a620e549d74b992cf2f","ssdeep":"3072:INzACVrArNCuIFZQuknnPvbSEhgwDyXpaDFbVHNxk9:IN/tArNCuIMuGnTepwFbVHNq","tlshash":"91d3125d14eb03feadd21ea663d2781f9f5580f748f1d33ca4808d2559f18ce2490574","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.937587Z","times_seen":5,"resource_available":false,"data":null}},"time_used":656,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":620,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/themes/images/icon-close.jpg?wsSecret=651685a3a91fbba013f18f0a47d0d4ee\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/themes/images/icon-close.jpg?wsSecret=651685a3a91fbba013f18f0a47d0d4ee\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-5ba\"\r\ndate: Sat, 28 Feb 2026 07:54:39 GMT\r\ncontent-type: image/jpeg\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 03 Mar 2026 07:54:39 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 53\r\ncontent-length: 1466\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 7646799191838779854\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1466,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 13x17, components 3","md5":"c701aef4b8ba03d2e50e5508ad8cf86d","sha1":"38216ca25b1c77c899c4649fcc06c64e8a8d7a7e","sha256":"da6d070153d36cbb7f1caf8c74727a364636dd202595f437401bccc3cc92fcbe","sha512":"7025c8ab06b1f9e42ac5572275dfde03aa6a29531f156d0aa697015a749175c16e11195a33a84bdef3078bfb990ce16a8525fca319ac4661dd5111c876962fde","ssdeep":"","tlshash":"6931a50cf6931080c094edb21cf7843b0e171b49e987fe69b8de8027c8210f3555a5d7","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:17.060424Z","times_seen":5,"resource_available":false,"data":null}},"time_used":718,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":716,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/themes/images/footer-bg.png?wsSecret=4030a05a36f127e6d27159afb6d53c3b\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/themes/images/footer-bg.png?wsSecret=4030a05a36f127e6d27159afb6d53c3b\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-14a8\"\r\ndate: Thu, 26 Feb 2026 07:04:11 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sun, 01 Mar 2026 07:04:11 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 53\r\ncontent-length: 5288\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 14947945012822638246\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5288,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1046 x 49, 8-bit/color RGBA, non-interlaced","md5":"d397aae7c67fb547a1c833b75d703e9e","sha1":"442cd3d9621718bfa592299c3b3fb5c10f73c5a2","sha256":"20c8ed013d31417f530a5ecddd4e6eaaec87f9ea60b695bd2b156938546e4684","sha512":"35498f1e38bfe765137c1d025ba6837285a7aa539a2520b52f4105eaac289fd8afbdff17a67b6f39af2266c196e51b01b791d961f26d15d4cf1827053c427f36","ssdeep":"96:/SMllcHitlIxv9vk7C1+I4wWHLihk/xlWFCfXOZpXFZSR9QEFEVyW3Rf/GGGGmc:/SHIIHUCD4waOFqXkXfK2Ee3Rfic","tlshash":"5fb19e49e84d40cde45c06b8547eba20135fdd61424eaf2cdaff435ed602c62d830b8a","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.824064Z","times_seen":5,"resource_available":false,"data":null}},"time_used":826,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":826,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T11:44:50.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 04 Mar 2026 11:44:50 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nx-html-cache: HIT-3600\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Moment.js","description":"Moment.js is a free and open-source JavaScript library that removes the need to use the native JavaScript Date object directly.","website":"https://momentjs.com","common_platform_enumeration":"cpe:2.3:a:momentjs:moment:*:*:*:*:*:*:*:*","icon":"Moment.js.svg","categories":["JavaScript libraries"]},{"name":"jQuery:1.11.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"SWFObject","description":"SWFObject is an open-source JavaScript library used to embed Adobe Flash content onto web pages.","website":"https://github.com/swfobject/swfobject","common_platform_enumeration":"","icon":"SWFObject.png","categories":["Miscellaneous"]}],"data":{"size":731285,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (491)","md5":"996dc644bb4a362f97e4ee6e099eb172","sha1":"25a110ddd02f80edca845a2d042cd06aa063bfcc","sha256":"04fa9a1c8265ad7d25a16991ab22c808e6ed7c5257ee2ace89ae8f5a671ca8eb","sha512":"43a3b53483d2382c89a9cdffa56640bf195c9b0f51ab9fe17818410e1250b09e83789a4368b1a229739b8e54ebc6e8da2873c01c2bc3a53bfadf24d16b4468f7","ssdeep":"3072:ZaAjJi1vv7+NH7SruSEku/XQgyEzwd0n/bddfLsnaq4VgnY2P15MD08watu21QS:ZaciswdWbddUavVgnBPPMD0Datu21n","tlshash":"adf4fa113af2326622ab70b94e7e77047971a147fd09cc047c9d16c4af86fa1a973b9c","first_seen":"2026-03-04T11:45:34.604377Z","last_seen":"2026-03-04T11:45:34.604377Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1129,"timings":{"blocked":446,"dns":1,"connect":218,"send":0,"wait":236,"receive":0,"ssl":224},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/themes/style/common.css","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/themes/style/common.css HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 08 Feb 2022 03:17:38 GMT\r\ncontent-encoding: gzip\r\netag: W/\"6201e0d2-c35c\"\r\ndate: Sun, 08 Feb 2026 07:48:48 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Wed, 11 Feb 2026 07:48:48 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 49\r\ncontent-length: 13995\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 3762319840317112763\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":50012,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text, with very long lines (4644)","md5":"e0077c0e0d0820e9f847c24e97896e91","sha1":"b4a855f95a81d4981d7916612c04d3c16fcb3b59","sha256":"c5cf6945f43a5743d6201cdf76bbe245d54a9c8a9c9569078a8a05c84d089ff1","sha512":"476915b0ce8de5656dc159d96f9d54907064868d6f9cc0e36071426fec1ef1aeed8553ec415001df4ffe06ac293778c237988492b9466919738dd83f61639ba7","ssdeep":"768:q/UqVGIczjWkm/3otEZBrpdA+tUqVGIczjgELyqIUhKNl8:q8qV5cf6bBr/A8UqV5cgu5IUA/8","tlshash":"0723f721d540201fb563d2bab8a1eb982719d113d5171fbdf8b63579eb872cc1a33b88","first_seen":"2026-03-04T11:45:34.605424Z","last_seen":"2026-03-04T11:49:16.961608Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3977,"timings":{"blocked":1533,"dns":970,"connect":262,"send":0,"wait":845,"receive":16,"ssl":347},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:53.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\ncontent-encoding: gzip\r\netag: W/\"5d848f4f-176d4\"\r\ndate: Sat, 24 Jan 2026 06:44:11 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 27 Jan 2026 06:44:11 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 11879\r\ncontent-length: 33545\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 3559552824261306031\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95956,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32038)","md5":"b091a47f6b91e26c93a848092c6f3788","sha1":"52918af2d431e73464060b35d364640c8db75606","sha256":"329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10","sha512":"ab444102be476f0104eeff79c9b596174852b4fe8cbd0b5a0279d56f106a166ec39304636e09326213de000b102ce8f517bb268a9abb2955c56ee4f18b464ea8","ssdeep":"1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmS:R+41ZqLTW8xRrqSb8qGH77da98Hr3","tlshash":"6893d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","first_seen":"2023-03-07T01:10:10Z","last_seen":"2026-06-07T06:16:56.151049Z","times_seen":18320,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":269,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_AB3.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_AB3.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"64d9fc50-12c0d\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Mon, 14 Aug 2023 10:05:04 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 76813\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":76813,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 249 x 215, 8-bit/color RGBA, non-interlaced","md5":"4efe93bd780474540b29c662acef4d68","sha1":"2d588f15315c28feef52d101bff05d5a2071929d","sha256":"e52983bbd04e43f83dccc17ccff1064098ae925ae651f753e59b1530a0e4d733","sha512":"a671f6f778136d5177777d547405391c53e7d0e90bba65e1a6faaeff38177b66dcfd8424336a59338091b1ecb1be850d36f8cd01326b0d2a90585fb5a6a85cfd","ssdeep":"1536:yktUzCR6AHpeP9sKWZQzia5LNuVaWpFjHGNusN5XCLesk:yktUezJOMQzia5oVDTjC2CH","tlshash":"7373027c2341dfb0d4b88c5d36468fb64f010f16567c8da9e186c3a3a6875b13c95ab6","first_seen":"2023-08-17T12:18:46Z","last_seen":"2026-06-06T14:03:14.213444Z","times_seen":4366,"resource_available":false,"data":null}},"time_used":1414,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":983,"receive":431,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_7004.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_7004.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"5d2c760b-18f10\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Mon, 15 Jul 2019 12:48:11 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 102160\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102160,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced","md5":"18b9c1ca12b579e3be9de7f0b3d765b7","sha1":"cabb9ddce1222608668401769754241d2667ac59","sha256":"81b7527eda1e9db86dc9704173b4e9aa50932eb8c80ea08b23d969899bca9656","sha512":"d5ade65bb5c370db13054351ace3e769a15b035e2209554402dd80ff0bfb4a0565224f91db56a2f85e654afd90d3425a8739e92a203bd8b283de0920e5527e46","ssdeep":"1536:DLVVsnnR7e7SgofhF00sUz4W3H9zX/NRnIA+lFXAyO2fNdJk50FU50+wH:8dovof3ts30z0VfNdumFALwH","tlshash":"f5a312e486384f54f4a175afb3e0312227576a2e5fe6d79c6007805192e98acce9f9cc","first_seen":"2023-05-04T04:29:49Z","last_seen":"2026-06-06T14:03:14.180112Z","times_seen":4692,"resource_available":false,"data":null}},"time_used":1164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":927,"receive":237,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_7009.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_7009.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"66825c40-6416\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Mon, 01 Jul 2024 07:35:28 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 25622\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25622,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"662d8356e6dceac75348e0114090fda6","sha1":"bfdc3c29c25969216c141634c6fe048df9ee4240","sha256":"712fb463f9d32f7c8e9d9b0e963336550470e37e40488939ed46ea823d89880c","sha512":"3aa2d4633350c2894f5a5f370c5ce61409fc79904be966ba486c3dccc9cdb51884ba4fb1ae6044395db53d6d637cceab6d0322cead96758603fcb786bd854cb9","ssdeep":"384:ycfIYR1b5uvAondqL5CARqhgeNcfS/m++KJdGtF4MltBXSum40msiJ407u:ycfIuuLdqLVE7z+g4f4yP0vcu","tlshash":"ebb2f2b0fe65e6735eb20db9e80c2933643b8174513ec8435339930639fc99bae048a4","first_seen":"2024-07-01T23:20:03Z","last_seen":"2026-06-06T14:03:14.204984Z","times_seen":1554,"resource_available":false,"data":null}},"time_used":1139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":917,"receive":222,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5008.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5008.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"65dd503d-62da\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Tue, 27 Feb 2024 03:00:13 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 25306\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25306,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"fe68bd976f14eae2ff73e6a8bd15cf21","sha1":"87d088019e1519543a97ed7a4434811af556fc99","sha256":"252e31e22c89ef440f39bcc016264c6917b141c78f82152a678038365b50752e","sha512":"7fd71e023d40b7f24c59404f745a6c79560e87f45f2a555963ccd33fe5d86b7e8f0997b0cc029e567b18adc9df90e114cddaf6e9dbd898a347e96e2e801ade44","ssdeep":"768:IpwOqVBeuec3K9NnZ0sqLFUrv4zv2bO/yUFjM1yyqBPnVqtmzVy:abqHePEWKskqQzeS/rjM15IVqtSc","tlshash":"f8b2e1c41a83d2c7f7c3ae96efe8469220628fe73aed9cd185e075bd063b0d62414695","first_seen":"2024-02-29T04:53:54Z","last_seen":"2026-06-06T14:03:14.250402Z","times_seen":2265,"resource_available":false,"data":null}},"time_used":1094,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":876,"receive":218,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=14950425\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Fwnsmm.cc%3A8989%2F\u0026group_id=2\u0026channel_type=code\u0026jsonp=__dmoa1a8me8s","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=14950425\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Fwnsmm.cc%3A8989%2F\u0026group_id=2\u0026channel_type=code\u0026jsonp=__dmoa1a8me8s HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-security-policy: frame-ancestors https://wnsmm.cc:8989/;\r\ncontent-type: application/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nx-frame-options: allow-from https://wnsmm.cc:8989/\r\ncontent-length: 398\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":398,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (398), with no line terminators","md5":"50106a9c36f5bb1f99cb8e914118af9e","sha1":"3ec0581ca0ba4af2edb685f917ecd2406a742dce","sha256":"5cfd1fab810e4c19d7eb859af5ba07b57be4196fb18f8d06bb9293d10719a591","sha512":"d358e0e58134b170ba055e953599b825bed6f8be03f5b9f14656dac5745f07881650b11aa521047b8fe54d551f6c80f5a47cc29b96507649b8ba35adf033feca","ssdeep":"","tlshash":"17e02be6b6054665a9d593659504fa12ba7501f25140eebcb0a50204221f38dd224607","first_seen":"2026-03-04T11:45:34.60971Z","last_seen":"2026-03-04T11:45:34.60971Z","times_seen":1,"resource_available":true,"data":null}},"time_used":412,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":411,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/venetian117/themes/images/bg-menu-active.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/venetian117/themes/images/bg-menu-active.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"5d2c760e-3d0\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 976\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":976,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 60, 8-bit/color RGB, non-interlaced","md5":"2c32a172fa1ae3992482ab167e498ea8","sha1":"0db980b89936d1a7bc2dbd623bf148dbbc584777","sha256":"0c64f417a7b559b2d004aa79b4f74bcadb17e771a5a475a73547a318a6313a05","sha512":"a1350b3570ad1efacf48a427c093350a36546d46868e453a24c8635cc503aff2f9809b07553d45a4e9efa22224666c7c3344c16b6d68d895cd76fd21bc1f2daa","ssdeep":"","tlshash":"9911144cf6d0ac81514dd5c268f6502bd5121b40c6d0e166f9dfc5565d651fe482ccc7","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.973857Z","times_seen":5,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":220,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/websocket/CometMarathon.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 21 Apr 2022 04:30:12 GMT\r\netag: \"6260ddd4-2f13\"\r\ndate: Mon, 26 Jan 2026 01:42:58 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Thu, 29 Jan 2026 01:42:58 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 13150\r\ncontent-length: 12051\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 6696517296386760098\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12051,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"466a7ed7d00986d45375c0cbffb5233c","sha1":"68845ead668e9abd29c24b491dbf97b219226c08","sha256":"7ddafae5a0a552d2d56101cdc8306403e8fb9570759d66c48b25893b409f0123","sha512":"752801557c12ee7830f1f2e55352ab9c033aff01ff79abdffaee1601c54cdfc85a2041facfc5a7e180706812be5ad08668eada116544197fd2a784bac1903ea0","ssdeep":"192:0Pf+0Sn4NyRSTTPhvygOdWuTdC3d7QPXLHOm8cSCl1Ej3m7YAPzhsoqFncJ0j:0Pf+fnwfcXSaGLj","tlshash":"9e32314b6cf75085592b32b50f9f24447239d8572605e81c7dccaae48f98b6c0b6bfb8","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.163137Z","times_seen":17445,"resource_available":true,"data":null}},"time_used":2040,"timings":{"blocked":1478,"dns":0,"connect":0,"send":0,"wait":274,"receive":288,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl//commonPage/themes/images/hongbao/icon-close-1.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:03.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl//commonPage/themes/images/hongbao/icon-close-1.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=7fca38b651f4c8d7cb27af5ac87bb83e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:03 GMT\r\netag: \"611369ee-17c7\"\r\nexpires: Sat, 07 Mar 2026 11:45:03 GMT\r\nlast-modified: Wed, 11 Aug 2021 06:10:54 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 6087\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6087,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced","md5":"30eb0e841ea47a1f05854ebca3f9e9c1","sha1":"0cb9874c32ff8837c1ffaf89cba502ceb3483b2b","sha256":"382670ae61fc81522b190a0536d7b993058183aea2ffe81d197ded6af07d2183","sha512":"fd47cf0bb2d3596a715a7ad2e2f7f6437cfb93f341cbf24b9b8075149fa133c73abe01bee306ad60dc35fa0ce5a107ba622fea5e7ec6a72bb0722d984a25c1fc","ssdeep":"96:/2URCIOJqXmd2krCPBxOw2dzdZuNX5wxbx9sE/nK+/zGhVkLDDH/G11IXhI:hCIOJPdjQx12dTpxrsA7uMfGvIXu","tlshash":"48c1afe2285f7cacf71ddc65620a0b97da21fc570423daa4783952f9cac2604e5c1f8b","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T23:54:10.485567Z","times_seen":5825,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/fserver/files/gb/117/carousel/10182/1711606055060.jpg?wsSecret=f5bce5542eba924f2b12affb53801cb0\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/117/carousel/10182/1711606055060.jpg?wsSecret=f5bce5542eba924f2b12affb53801cb0\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 28 Mar 2024 06:07:35 GMT\r\netag: \"66050927-60b73\"\r\ndate: Sat, 28 Feb 2026 18:10:43 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nexpires: Tue, 03 Mar 2026 18:10:43 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 53\r\ncontent-length: 396147\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 12737542036532630162\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":396147,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 694x520, components 3","md5":"ea05613482b37c972203d296a8302d49","sha1":"29ad4407f037a0897e442558fedb6cd6f93dc76c","sha256":"fad2b22d39027dabe70f66a2896e8e37180d22182060a9568b5da06cfca8f893","sha512":"d834852f6ec6ac5e155354469976d81184e771a1f66dd569a05d7b0b8dd60c1b9fc272389aff51193052d407490ae9a4226651e004e97b0776321f08cca06600","ssdeep":"12288:opc7fHmD37KD2cgZE92aOzzsjCQMdCAPLO2r9:oBD37E2raVOz6CZFPhr9","tlshash":"9d84234b946f8d3a884c6d55d9f28d902b1b996c178bed60ade18c9b73ccc7f23211d2","first_seen":"2026-03-04T11:45:34.613158Z","last_seen":"2026-03-04T11:49:16.948295Z","times_seen":4,"resource_available":false,"data":null}},"time_used":736,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":625,"receive":111,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/ftl/commonPage/themes/gui-layer.css\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"5d848f4f-529\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 1321\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1321,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced","md5":"a2e938202c0287b9c82461a6fd94dee9","sha1":"b5e2adc7cb07c18a70a88af314e56b946ec1a1b6","sha256":"df9ce20db277ad8302c704a73aff5024683a0d38aff0d3e7e884a67a24439936","sha512":"2c035017e6ef6d6be24cf26972434ff7b16760ac6f5418d83652e745007a117cb79f4f9fa542cf4098b9141d4851f748c5151cb1055ea2b1f42eb70eb72a809f","ssdeep":"","tlshash":"1321830eea4368009648bdc114f3a457f7165f80acd8e2f46e8aac5d2d103f96abd6d7","first_seen":"2023-04-30T20:28:22Z","last_seen":"2026-06-07T06:16:56.123492Z","times_seen":16452,"resource_available":false,"data":null}},"time_used":602,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":602,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/info-list-3.png?wsSecret=66040e508cc0b6481fb7077a6ba1dff9\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/info-list-3.png?wsSecret=66040e508cc0b6481fb7077a6ba1dff9\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-91c0\"\r\ndate: Sat, 28 Feb 2026 18:10:43 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 03 Mar 2026 18:10:43 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 37312\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 12156347060583317746\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37312,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 206, 8-bit/color RGBA, non-interlaced","md5":"6b8782e3801b39d754bbf2f5cf21db6d","sha1":"8eda8a43c128b0517b0d439af57399da03daa601","sha256":"b961305409d939ee0c6c6d0fa27f67dc8028153d6fe600d1d8d16108d67c124f","sha512":"a45f73edbda484513f6d18c8663be46cc9163bbae5e77f4e5e50ded7d3b0b5bfa3d6be312a6aad317c4360fb0149523839216fb52bb59f81e81e24d270fc60fe","ssdeep":"768:WYiGuvIgevYkbRDE+txIA0oQUia+KpZF9xpgIemVdxg+t6ClJ2Rx:034vZJxZVQla+KbFnuaxg+t3JO","tlshash":"8cf2e154bc73a0840848729d612ced2e8d131cc06d957e86fd9fa841cf269b7b915efe","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.896192Z","times_seen":5,"resource_available":false,"data":null}},"time_used":612,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":607,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/b1.png?wsSecret=b0bf9881858cd43731430a037f1857f1\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/b1.png?wsSecret=b0bf9881858cd43731430a037f1857f1\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-36eb8\"\r\ndate: Sun, 01 Mar 2026 06:05:46 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Wed, 04 Mar 2026 06:05:46 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 224952\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 15985928675532928688\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":224952,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 510 x 318, 8-bit/color RGBA, non-interlaced","md5":"3beb83f3caf30535fe9fee4bbf6a862b","sha1":"8ab0671ee68daa108a77ed65714b2b21e54e8ec0","sha256":"f551b94fa3448ef1ad6a43f43943bfe7e0f11107ccab6966725e0f987316d8c2","sha512":"09a00fa1e2f11c8abbc5fcebfc0b99d9a8c15a9197ef96343e988c8410989621581171c16bda0ff766d0b97b465d1d6bf6d7e945bbcef6b383da49d4a17cebf5","ssdeep":"6144:NwUdXgfnAP3ghZslcgNH8LArym7iEUisxPQu56:JdXgffhZ92pryAitieoB","tlshash":"c02422dbfa7748ddba8a2e0801c0e8cf5d3112a9bf913068ddd1e8047598fb69119cde","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:17.024235Z","times_seen":5,"resource_available":false,"data":null}},"time_used":734,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":664,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/commonPage/themes/gui-skin-default.css","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 04 Mar 2026 11:44:51 GMT\r\netag: W/\"64ad1569-7b6e\"\r\nexpires: Sat, 07 Mar 2026 11:44:51 GMT\r\nlast-modified: Tue, 11 Jul 2023 08:40:09 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31598,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (7014)","md5":"1d6c464e8e5800ca483689206174ec6e","sha1":"d5ff05232c516152a711ec5c6d060a2f2cc791e3","sha256":"08d29322d883091252b3348e9514dac589896516374e8a319fd1190dd67f8e30","sha512":"4e259baddb36f5a8894c26f0f50c453200cb738c5e9d8131e146288a0d25ed3d4dd42f173392f8dbae521fd8344425b2b6e1ade92bd08edf7ab010cb577f775e","ssdeep":"384:/FboUEeh9ScJRfc0uGWw8Ms4N4muQh8v8brn8w/NtSmdz:/FbPSVGmNQjLPFtSi","tlshash":"7be29834f20022a9b563c7a570d1dd4a362de592d2170ebdf26b319c8f425ce263bb6c","first_seen":"2025-04-07T03:18:03.900415Z","last_seen":"2026-06-07T06:16:56.14072Z","times_seen":10699,"resource_available":false,"data":null}},"time_used":479,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":479,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/float.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/float.js HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 26 Aug 2021 07:50:18 GMT\r\ncontent-encoding: gzip\r\netag: W/\"612747ba-1b2f\"\r\ndate: Sat, 24 Jan 2026 14:12:30 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 27 Jan 2026 14:12:30 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 760\r\ncontent-length: 1929\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 16149785004609898838\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6959,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"829af863b0cdc4a603919824ae046299","sha1":"1d417b1553e4ecb7125ebf2005b74255291fbf73","sha256":"1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271","sha512":"e1202fa26fd353dfb2f989d3d45512e0691c062076297399f5fe62f63e7f5b194fec4a3d7fe2f09be1a6a945e197e7d68445d33dcc6f80b23a315112d9ae5b6c","ssdeep":"96:G4SXFXVXDL+R5NxuHie/moRUgIm/Kv3RKXg+Iw3qCNv5IC80b7Yr+HpH:G7xhDL+jNxzeBVLKJ1LeqCwCxb7YspH","tlshash":"04e1506e03b1212195aff1beaf1e424c6631905b2507dd057e0c87c46fa493c4636fee","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-07T06:16:56.198753Z","times_seen":17477,"resource_available":true,"data":null}},"time_used":3847,"timings":{"blocked":1493,"dns":889,"connect":280,"send":0,"wait":842,"receive":7,"ssl":332},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/message_zh_CN.js?v=1772438913332","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /message_zh_CN.js?v=1772438913332 HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript;charset=UTF-8\r\ndate: Wed, 04 Mar 2026 11:44:51 GMT\r\nexpires: Sat, 07 Mar 2026 11:44:51 GMT\r\nout-line: gb-cdn-805\r\nuuid: 00117-01-00000000-1772624691dde9\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33499,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (15759), with LF, NEL line terminators","md5":"5e29a736bb07482814f4fb40f94618e3","sha1":"95031dd994aa15757b741e35e8165e6e54b396e6","sha256":"9cc0606e9e078be2bd4a7f0128364ad8a989ba363258d3d6058d8cf79b1fd3a8","sha512":"6df469c4d40670119fc0071f8339fc104ef3f9b8e96608462fb533295ae361da6c177d7d67a3ea50bb2da87e8c27cab6f4a54019f8feb61c5a846350d315c8c8","ssdeep":"768:IIy92nyfB+vODR01IRBG3Jpf3OEg7/wiwL38:Ib9BB+vF1IRBG/Op","tlshash":"05f24c8746fecbf68a4a0af99c5301ae22b557c8c9ec79147f90ddd92b457c900a7383","first_seen":"2026-01-15T08:15:21.544222Z","last_seen":"2026-06-07T06:16:56.131492Z","times_seen":6767,"resource_available":false,"data":null}},"time_used":406,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":406,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/fserver/files/gb/117/carousel/10146/1749192478721.jpg?wsSecret=fc17eecc32da879463de63175250495a\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/117/carousel/10146/1749192478721.jpg?wsSecret=fc17eecc32da879463de63175250495a\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 06 Jun 2025 06:47:58 GMT\r\netag: \"68428f1e-4b566\"\r\ndate: Thu, 26 Feb 2026 07:04:13 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nexpires: Sun, 01 Mar 2026 07:04:13 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 308582\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 12233715278043025194\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":308582,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 694x520, components 3","md5":"17716f06195fc93790bcff73edc52d95","sha1":"a9a12855c383735c512209a86f93d2ef1c57ff60","sha256":"2bbed64747172502282c4bff236ddda683a3f378b656f7df9425c2b611e2ceb2","sha512":"d7ad4c94cf4a9860ff10a5a8505690d2bb70409dab6a71f572a965a7205adc9616584298264486aa241269d7d25eb83149077598c112f24301416d36c3dfecb9","ssdeep":"6144:A6fD+akMXi1m0Gg+azIWA/9hRWXDFOHgEJAMfYx7I8JXnBd+PPi4dS:A6fDaP/48DwHgEJjAxlRwPi4E","tlshash":"7764234ebf75edf8a86885386a1230205d2932f484d57b712ea50a31683e7d7cedd38d","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:17.026149Z","times_seen":5,"resource_available":false,"data":null}},"time_used":703,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":585,"receive":118,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_7010.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_7010.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"687893c0-699a\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Thu, 17 Jul 2025 06:10:08 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 27034\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27034,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"e2fe3030f6e191589a6bc1af7481ca11","sha1":"a88b30608eeb7bec842d6d209ecc6d7ed32935e3","sha256":"ecb0c48ad7a944eede4cabb0728de663f9d3532c401fef476df328851170b7cb","sha512":"3c7fdb8d352c1bb7dd2ea3bf0f4832b9af52360daa1c04d844faa85cf01fc6a9b2fa5516400b331858b37bdc107d72cad5fbaf169880770eca89432c2455d844","ssdeep":"768:KAuBDeaJpGiCKkwkgxX1ug7xmk5T61FFbuX2coYCK0LncC:RYD1EufZyOxh58FFbpCpgncC","tlshash":"5ac2f1d8a35383bd31dba688c9da57b3cde1afa21201b451ffb03684903726625e4289","first_seen":"2025-07-19T19:36:45.365769Z","last_seen":"2026-06-06T14:03:14.21643Z","times_seen":497,"resource_available":false,"data":null}},"time_used":1124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":896,"receive":228,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/b5.png?wsSecret=7d734e43e2193580b097ed324b0ff9a7\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/b5.png?wsSecret=7d734e43e2193580b097ed324b0ff9a7\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-28cd9\"\r\ndate: Sat, 28 Feb 2026 18:10:43 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 03 Mar 2026 18:10:43 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 167129\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 6076930528636704437\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":167129,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 510 x 318, 8-bit/color RGBA, non-interlaced","md5":"8d48f3bb256ff7476b795836773e663b","sha1":"a823878c20c3185ddf5e8e79db414d0decc1faeb","sha256":"5b992db9c4c8cd7898ec1cc3f14274ac70fb639f6fa381a5bb4f0d155c103aa9","sha512":"4c5117d214b4b49b8240442a152427a9ec34dc41a7397700fc4721ac32395e14a61c9f5539452396771870158905d26a3f62420be99e708458c500e1b301a973","ssdeep":"3072:n15Exf2x5MGzB9Swp6Dr4oOPq119h+L1wrp0GP92Mp5zKGVYz:L+28GzBswp6f4VPq119hC1wN/P92iVI","tlshash":"55f312dbdbee07dab6d094876ed00b382cc285b1fb28526da3999e54c3144a18e5d1cf","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:17.031803Z","times_seen":5,"resource_available":false,"data":null}},"time_used":889,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":722,"receive":167,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/1.CQtGlTmN.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-04T11:45:05.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/1.CQtGlTmN.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWxsOa28qQEt7tOSzJD9XEfLcbJdg2jXltav00tfD-CTcm4N2W2rRh9oRHB4gHK4wFxutjfNerf8SXLMQA\r\nlast-modified: Tue, 03 Mar 2026 13:43:26 GMT\r\nx-goog-generation: 1772545406947937\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 55065\r\nx-goog-hash: crc32c=IRlKXw==, md5=ShDH/2edWmKWs+Fexx+l9g==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 19889\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 04 Mar 2027 11:45:05 GMT\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":55065,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (37790)","md5":"4a10c7ff679d5a6296b3e15ec71fa5f6","sha1":"7b6d3653a318fe95570cce84c6b5ba72a4bf5015","sha256":"67d420b46de773221b02141e8c7134fd015b59b5e5f745ccb29b3c92468be0e5","sha512":"89efa657bfefa3013105dcc1ca62f63a2e77067fc7068ded9f25e6e206602ea1adc9ce6c0788740a8b757c83b57a6f53a47c26f9ba10cd8f8fd966736fa3dac4","ssdeep":"1536:M51K4Z4zJvuhGqG1Qn9TtKP1V7g6FkE3cJbvM:AdC2hqw9TyV7ggkEMU","tlshash":"21334ccef14174315bf315f2a06fa106b73a2a2d384c81b0f629dd9925de44ba227f6d","first_seen":"2026-03-03T14:45:10.161206Z","last_seen":"2026-03-05T09:29:13.692326Z","times_seen":151,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.livechatinc.com/v2/customer/d6905650-6f69-4b9b-ad31-8dcbbcb50b41/2/token","fqdn":"accounts.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-04T11:45:06.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"POST /v2/customer/d6905650-6f69-4b9b-ad31-8dcbbcb50b41/2/token HTTP/1.1\r\nHost: accounts.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 225\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.livechatinc.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":225,"data":"{\"response_type\":\"token\",\"grant_type\":\"cookie\",\"client_id\":\"c5e4f61e1a6c3b1521b541bc5c5a2ac5\",\"organization_id\":\"d6905650-6f69-4b9b-ad31-8dcbbcb50b41\",\"redirect_uri\":\"https://secure.livechatinc.com/customer/action/open_chat\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://secure.livechatinc.com\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\ncontent-type: application/json\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\ncontent-length: 201\r\ndate: Wed, 04 Mar 2026 11:45:06 GMT\r\nset-cookie: __lc_cid=a079f926-9cb5-40c7-956f-f67b331996ab; Path=/v2/customer/d6905650-6f69-4b9b-ad31-8dcbbcb50b41/2/token; Domain=accounts.livechatinc.com; Expires=Sat, 04 Mar 2028 11:45:06 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned\n__lc_cst=1b5150e620bba6d7e89fb7fde762db695976b92789979f3c18725a1e9b0e022339d4ab0a1ecc20d2458c59073f5cb1ff701d0cabae1a20276d3cf5d6c232; Path=/v2/customer/d6905650-6f69-4b9b-ad31-8dcbbcb50b41/2/token; Domain=accounts.livechatinc.com; Expires=Sat, 04 Mar 2028 11:45:06 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned\n__lc_cid=a079f926-9cb5-40c7-956f-f67b331996ab; Path=/licence/g14950425_2/; Domain=accounts.livechatinc.com; Expires=Sat, 04 Mar 2028 11:45:06 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned\n__lc_cst=1b5150e620bba6d7e89fb7fde762db695976b92789979f3c18725a1e9b0e022339d4ab0a1ecc20d2458c59073f5cb1ff701d0cabae1a20276d3cf5d6c232; Path=/licence/g14950425_2/; Domain=accounts.livechatinc.com; Expires=Sat, 04 Mar 2028 11:45:06 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned\n__oauth_redirect_detector=counter=1\u0026t=1772624736\u0026tag=b86e09bea999ccf1f62f2d2663496902945968e4; Path=/; Expires=Wed, 04 Mar 2026 11:45:36 GMT; HttpOnly; Secure; SameSite=None\r\nstrict-transport-security: max-age=86400 ; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"2ce492577ab745e7bafa9648942c0fff","sha1":"7b33a0c99f20ed791eb7ee18c49183bd8b7cf426","sha256":"17f090f0ac9ec079224644685db30e2cd9d0ac1b6966b42a14db3cdf80ac67d0","sha512":"ac0fdf168ca9029ecf1c705d1cf28838d99ceb23d3a992b6fedd16f140f63157a1a5c10a6e079de5efa86e842bac76941c0e4b753dbb9bfd68ee400e46a5408e","ssdeep":"","tlshash":"3fd022daa36abec0c9ea1f77d3490648a4120872a2c084cd10b5c4ae0588911634e351","first_seen":"2026-03-04T11:45:34.624365Z","last_seen":"2026-03-04T11:45:34.624365Z","times_seen":1,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/iframe/logo.html","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:53.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/iframe/logo.html HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 25 Jul 2022 06:30:12 GMT\r\ncontent-encoding: gzip\r\netag: W/\"62de3874-17087\"\r\ndate: Thu, 26 Feb 2026 16:54:27 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Sun, 01 Mar 2026 16:54:27 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 48\r\ncontent-length: 51954\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 10061566288151759349\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":94343,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (65536), with no line terminators","md5":"3dd81343979faa03a8bd956b884c4645","sha1":"19d44f0ade05c0c74ad7e271d0a0620e7f1181f7","sha256":"da94d7eeb0635b756e9c0d64a90e39bd56a42d121f0b54d5e122d2b01c32cdc3","sha512":"f9e1c6593b4277f8873137cd2727584c8581bfb8969728ef72e457c5d9faf95a7342a0a924cbddf2f7183ff3170e815302d3094401d2959dbed08adc7b096206","ssdeep":"1536:r6xa7QtFR8OnIsjkcYf2HGauJueZZVrVuxg0LbogebW7vwp43vvK2gK2HQ:Wxa7k8OnIQkn2HDuZVxupK2gK2w","tlshash":"889319399a5192effc425fc238e31172e4e64aaec7a4ca44c3e19d6cec160d0d52f997","first_seen":"2026-03-04T11:45:34.625569Z","last_seen":"2026-03-04T11:49:17.011512Z","times_seen":4,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":272,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/commonPage/themes/fonts/gui-fonts/gui.ttf","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:53.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/commonPage/themes/fonts/gui-fonts/gui.ttf HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/ftl/commonPage/themes/gui-base.css\r\nCookie: sticket=kRjeU1TMDROVFEzTF\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: application/octet-stream\r\ndate: Wed, 04 Mar 2026 11:44:53 GMT\r\netag: \"68b9576f-68cc4\"\r\nexpires: Sat, 07 Mar 2026 11:44:53 GMT\r\nlast-modified: Thu, 04 Sep 2025 09:10:07 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 429252\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":429252,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, icomoon    ","md5":"791bc072a3e361510b60c0994a742bf3","sha1":"f08c63ea64126c0f3b24c67fd0e0c5ae5df1b08e","sha256":"7a8e26265738d3cb0f201a53fb168cd59bb721cf0407f00bf25f720cfdcd760e","sha512":"d5548476dd786b5d0d77b02d36199c32d7895e0be8084be18a682f02303971b4c85f6d48e1faa94f51b2eb5ebe61cf91f97299515bcde23fb654a94cbd445509","ssdeep":"12288:pI/XwKnKzir7YTsVYzb/nb/X3M1MP2EF9PpKHQ:pIjnvrsoVK/nbPOAlvP","tlshash":"0e947d07936def8e9451a2e24845d0235ce2e104df3ed366eece7c5cd0258e88d79b9a","first_seen":"2025-09-06T05:10:02.121568Z","last_seen":"2026-04-17T08:01:36.639999Z","times_seen":1267,"resource_available":false,"data":null}},"time_used":1105,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":220,"receive":885,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:53.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 03 Sep 2021 08:10:10 GMT\r\ncontent-encoding: gzip\r\netag: W/\"6131d862-48e4\"\r\ndate: Wed, 28 Jan 2026 09:15:16 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 31 Jan 2026 09:15:16 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 11878\r\ncontent-length: 3111\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 18128011072617656949\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18660,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"5cf9259b7dd27aacd46161ec23d261cf","sha1":"ba0c399616a5ae9cdd8aec5b76ba4aae4822367c","sha256":"7f73a66b3a9a38576d124b6243a8984d795028e3493b8fa3f688d8dbe10cbccc","sha512":"834ae73090b76f7dad48a5efa850a0009d5104cfcab402b7c343ceb49410584c3a60a4eea800d366f380dc8364f5f00e3d38101c379fd5fa19f9492781d9ada1","ssdeep":"192:99OUf4PBsPIOpyNYpyBVpkgdpkqg60yQG0yrGlwSlyDXLIXiYHIli5aT6XeFTfb1:C4CyFP/FgkFxUE6QS","tlshash":"b7821de599a31584751b8214dbee267232f85c83e40fcc6cf7df354f4f086a592a1a4b","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-07T06:16:56.112604Z","times_seen":17708,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_GO05.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_GO05.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"67fdc95d-6cbd\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Tue, 15 Apr 2025 02:50:05 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 27837\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27837,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"505b366063197b984757aaf0e3315017","sha1":"440637124feb2c6590edd326ea2b34b45a411b53","sha256":"09a4e892c6eb0af7b5938386c111af59360def5a81cc816123962ac5782d3954","sha512":"3976ae1a73f1aba64bc55f837957fcd3beb074f5949654607b82082919aba252446933e2995959d9f174c2b550c9efffa9d9ec455f84709ab4ce2d93fe7c3105","ssdeep":"768:hS/TWcPyMP/j61DTzJdakqnlB1br00s6Gz/7ohRo0XTQLpoMX:gFaE63zJdalHbrr9GzDofo0DKPX","tlshash":"bfc2f1df89a4b9ec365a50d0f9326ae3d7404d607b22c52b333a3415ee334da7650a72","first_seen":"2025-05-09T18:03:37.940948Z","last_seen":"2026-06-06T14:03:14.227089Z","times_seen":538,"resource_available":false,"data":null}},"time_used":1217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":982,"receive":235,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5012.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5012.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"6875e779-557e\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Tue, 15 Jul 2025 05:30:33 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 21886\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21886,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"07e20da3421cdf6058128d90181f83ad","sha1":"b17523f8875a7746c92e8b1f46b11c54b0e67266","sha256":"f37d81e941a32d42988c23bb76192989b0309ac0045ca0fafb5ab7762776e69e","sha512":"b53d28be2b8ac2e5d4c663c307904086d695a900809bd80e2f10cae99dbc59e05f1df642dbc3220c2e3af4dabb487b7b23298ff96cf007f7c8141bb045e8891e","ssdeep":"384:ZRya9qKN3fZON7ePA2zVMXByUAxmiTKIo5WTOQ+RtMT:Zp9pf4Sx5q7A9Kr5WCpwT","tlshash":"85a2f17b2766a858dd37cb90fce5369123b1c3678c56233853a8d74f5b3703296c2998","first_seen":"2025-07-19T19:36:45.30339Z","last_seen":"2026-06-06T14:03:14.19606Z","times_seen":498,"resource_available":false,"data":null}},"time_used":1075,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":865,"receive":210,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/0.D0pe4iQO.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-04T11:45:05.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/0.D0pe4iQO.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWx1M9ZhFE4mbeQqHB4fYMmPEggmuQ2F2acnMvq4eKI_LZRC5EU-JSJXAc6RylIyBOx0yKW_paY\r\nx-goog-generation: 1772545406947247\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 75439\r\nx-goog-hash: crc32c=tH/a0g==, md5=5iLVgrux1eGO2Hjq0y+1bA==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\nlast-modified: Tue, 03 Mar 2026 13:43:26 GMT\r\ncontent-length: 23505\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 04 Mar 2027 11:45:05 GMT\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":75439,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"e622d582bbb1d5e18ed878ead32fb56c","sha1":"5f032bd2186d9a3ae7c08ec3b382d80c0c5aba37","sha256":"ae6cb07d09fa8f1ef60e3a5eee77e099674cec854d36dfb69bcd2f3cda4a878c","sha512":"a2bad043043ecafc0a33ec9b0b938413d284fb2fc698bb4ccccf3263ce201c7d96876736fed1648e01cc2a5edb57b5a14c920cd3e47f71f37239361399d2269e","ssdeep":"1536:oA1MU0ZmifmtX5KJBZLbNNl1lvz9iRQA0k3hd42XRCdCEQ:H1MU+fQX5W7vzY2Aj5XRCdzQ","tlshash":"9f7309e1f296f5399bd7a8e551245103fa363a18b86c8270f31cce14219e5c2b1b7f9b","first_seen":"2026-03-03T14:45:10.145234Z","last_seen":"2026-03-05T09:29:13.553508Z","times_seen":149,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/9.xhyEK0_l.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-04T11:45:05.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/9.xhyEK0_l.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWx84yCfsifW97bqXiJFQl8APv_96Xk4silfpuTaGPPDHM8Rxoe6SShOT81DQT9jMvRvJUkH8tw\r\nlast-modified: Tue, 03 Mar 2026 13:43:27 GMT\r\netag: \"c96a39460d2b0a92409b2b92f3da88f9\"\r\nx-goog-generation: 1772545407047468\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 74\r\nx-goog-hash: crc32c=pjIEnA==, md5=yWo5Rg0rCpJAmyuS89qI+Q==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 04 Mar 2027 11:45:05 GMT\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\ncontent-length: 74\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":74,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"c96a39460d2b0a92409b2b92f3da88f9","sha1":"c1ad7e3c7f38743ebadf589676726dad6799a9d5","sha256":"af2012b0cdfa449f186df2f8dc9b3e64b48b8c5c630cc8d3c4df61973499e7c4","sha512":"c6a642b4f09c7dc0b2679c972cc99e4c1e00e268d309aae062883d3eeeb7d3e39bef53388dd20aae7f733da57ed2374c1b12ded0997cbca2762b4b03c332cbfd","ssdeep":"","tlshash":"27a022ca38ca32ae020230300f0f20c0e0b8c02c030e0328800a0200b2300a002ffc3c","first_seen":"2024-06-24T12:34:03Z","last_seen":"2026-06-07T06:28:14.406595Z","times_seen":18418,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/10.al-9NYxR.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-04T11:45:05.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/10.al-9NYxR.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWxA0E09cGv5He0TY-V8rKYdl9X0ZTj7W6nzl9At2eTU6lkkW9Gc8A3FDxm27resCbYjxK1OHO3rafmzUg\r\nlast-modified: Tue, 03 Mar 2026 13:43:26 GMT\r\netag: \"4a073c5805819d74eabd3e843372d502\"\r\nx-goog-generation: 1772545406961121\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 236\r\nx-goog-hash: crc32c=6eM7Vg==, md5=Sgc8WAWBnXTqvT6EM3LVAg==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 04 Mar 2027 11:45:05 GMT\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\ncontent-length: 236\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":236,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"4a073c5805819d74eabd3e843372d502","sha1":"cb12e953dbee2d3ea08d35d86bcd2476a490bda9","sha256":"0cb3247cac5de8fcdfb226ebe2dc4960b6ed473966359f73ca13ca286309122b","sha512":"036da8fb3959ebbef26b546019535a9edb7a99227a28252878247a756d3a7ea693f48e9ffdaf5886faa7fb2cbe56292bbf9552db5dd1d26e6574d8034ee183ba","ssdeep":"","tlshash":"ebd0a78cb643b0b16276b138853f801fb035e984a44404f0d13ad9c03d7c1a97597c5d","first_seen":"2025-11-04T08:39:27.95245Z","last_seen":"2026-06-07T06:28:14.425679Z","times_seen":16277,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/themes/style/bootstrap-dialog.min.css","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/themes/style/bootstrap-dialog.min.css HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 08 Feb 2022 03:17:38 GMT\r\ncontent-encoding: gzip\r\netag: W/\"6201e0d2-ada\"\r\ndate: Thu, 22 Jan 2026 15:03:37 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sun, 25 Jan 2026 15:03:37 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 49\r\ncontent-length: 629\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 8634617096214029247\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2778,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"1de530f14c3434d341840e454f9d907e","sha1":"344769c49f4cc6a6f33103300b225285148f8ce9","sha256":"5ce4dec3c61fc8df48e7129de5aea96abb161b1bcb72c602b6b621805b64a1c0","sha512":"b53258d4469e9bfd86e41c4806c13668262d2d116349ca1e5b7bd46411b7a7347a613de587a6af84c367b92775389edff55261cda5f4e55a24a023293ffefe16","ssdeep":"","tlshash":"0b519b0c0eaa0891e15f45c837ee6f3164b43093444eae9937ef332c8f85466b9f6b04","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-06-06T16:12:47.988822Z","times_seen":23,"resource_available":false,"data":null}},"time_used":3946,"timings":{"blocked":1530,"dns":969,"connect":271,"send":0,"wait":574,"receive":260,"ssl":339},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/favicon.ico","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:55.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 04 Mar 2026 11:44:55 GMT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 150\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":150,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"597ba0d4396e9c906225140ce907092c","sha1":"28ae2ba65ccdb583d79f85b8cc9509fae697493b","sha256":"ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6","sha512":"8898f14bd6cb5c72d6ee5878af3700be6d03b56a5a21a3d58ef347f008acf4ac68a46a908903e1d42999c1e259e77d7df686c94765865ae07361b2c4e04adf2c","ssdeep":"","tlshash":"18c02b2d24137c0c8663307636c37050c1978337a67e10210400805330cf1998ac33af","first_seen":"2023-04-05T14:00:46Z","last_seen":"2026-06-07T06:48:59.099938Z","times_seen":36058,"resource_available":true,"data":null}},"time_used":221,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":220,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_13.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_13.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"62665402-6643\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Mon, 25 Apr 2022 07:55:46 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 26179\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26179,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"1ac91d4dfd52f26f9c5682cf67ac3f49","sha1":"6ca58050b81ce1be80d3b0c749b60a79d8413b98","sha256":"021c28d7d369afa39f3aeac128f91dd3f377fc910a35d76a2e9d2463093e3b44","sha512":"3fd83a646a48702e093f435eac29211bd527844f2645db029f753c2afcce607fccb4a462870f86930fc54eddb2522cb7314322368ae88cbf2489f60a7f7f3487","ssdeep":"768:aeMtiQ2TCV9WNuqri6GG5ALMRiB21FJ/WuqfoS3JhpKCBey8Af7V:nMAQ2WVwN7riFyiB69ilACBeVEV","tlshash":"50c2e065e22c92fb967be2ba77492e6e473d2218031e1a1d2548d02c910b0f6927bf80","first_seen":"2023-05-04T04:29:49Z","last_seen":"2026-06-06T14:03:14.248368Z","times_seen":4692,"resource_available":false,"data":null}},"time_used":1147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":927,"receive":220,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5001.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5001.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"5d4d4143-4f1e\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Fri, 09 Aug 2019 09:47:47 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 20254\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20254,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"45d0f5934f7f664e4fb397fbe69c0bec","sha1":"72a5c4e823954ec0111709b6aec71c1f0b08fe43","sha256":"3e9fedb5bbb6caac2dfc16278ba5d0c26483aa3efb5508374eeec9de7b9f9cd4","sha512":"cfec5459bd7ee7c65522e92edfc0a492039453ae291b895bc1c66f40f755ff9815bc8caf3b130ff1b79b2a3e0c14ee58caf6d75add39c0e42cabf77f3693173b","ssdeep":"384:PEl2tlr+nZWhleCU6qBwir1qctg6YirEkTPsnCD5/vHfliOMQpA83Cqza+:Pd+ZtNk9iwkzsnCt/v94QpA81F","tlshash":"6b92e1b057c9ff47cc2f1add47c828118e0ea8db6591cd1b1909c0a7de659b683a918f","first_seen":"2023-05-04T04:29:49Z","last_seen":"2026-06-06T14:03:14.188474Z","times_seen":2935,"resource_available":false,"data":null}},"time_used":1095,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":887,"receive":208,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_configuration?organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026version=1250.0.2.219.518.1715.3.3.3.1.3.11.10\u0026x-region=us-south1\u0026group_id=2\u0026jsonp=__lc_static_config","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:05.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/action/get_configuration?organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026version=1250.0.2.219.518.1715.3.3.3.1.3.11.10\u0026x-region=us-south1\u0026group_id=2\u0026jsonp=__lc_static_config HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=600\r\nexpires: Wed, 04 Mar 2026 11:55:05 GMT\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\ncontent-length: 2269\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6400,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (5629), with no line terminators","md5":"9ebf901b97bb6fc5d03a94d67dd4b59e","sha1":"b0c639e46879b0de71a78ecda4770572f9265435","sha256":"9a7a84cc44b8a27405e8b6f23ad723f4a8cd64c72c9474ee9c2e360806b7f9b0","sha512":"36cf288372373e92e5af81cbf569324eeacc3de5f8401d78dda24685c9a230f5215f623ec9a9efdb0dc8ceeda289da97cc4b5f6720b3b30a2392fa4f5c800117","ssdeep":"96:ZskKJGEeT4/3xI9ujUPr93t01Twr1wP/wGtJuNHqGUmTGEP/vCaq:ZsNJfg4/xgu4PG41aQ7Um6uKn","tlshash":"c9d1852a835fc8bb6277819933ca720f34496138f1fc593fd564de30a15a287d107e9a","first_seen":"2026-03-04T11:45:34.634688Z","last_seen":"2026-03-04T11:49:17.008769Z","times_seen":4,"resource_available":true,"data":null}},"time_used":428,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":428,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/sprite_logo_h5.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://7ngdqc.ntbnaq.com/ftl/venetian117/images/iframe/logo.html","date":"2026-03-04T11:44:53.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/sprite_logo_h5.js HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://7ngdqc.ntbnaq.com/ftl/venetian117/images/iframe/logo.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\ncontent-encoding: gzip\r\netag: W/\"5d848f4f-559e\"\r\ndate: Thu, 22 Jan 2026 15:36:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sun, 25 Jan 2026 15:36:40 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 46\r\ncontent-length: 6458\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 15927194730845316983\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21918,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (532)","md5":"01a7a44d1e991edace3178d8adb28462","sha1":"abd4e088c6cf974c0e468dfd3673c9a02d4aefd9","sha256":"8b6d4a810163ac6f3b848425af836c2356283789e16e4dc3ca64ed62baeb4c12","sha512":"8a0300e2b8f19329e77cb7f458fba139c78b468ad6b930b829c80eccd24fb2cd3d3f0e37f7fe8c3dda4f4064b9ce98f74c2ce9f23568c11291bc0142486f6adf","ssdeep":"384:5AlUE7v7hB8ja+MZhsw+gRP9Gg481ZOzotgSV:0UE7vz8XMrtTbHgQ","tlshash":"4ca2977e36672732a98a61d59c3f66d16af124349c028d6c3a5ccdeb8a6cd0424b7f34","first_seen":"2023-10-24T19:57:06Z","last_seen":"2026-06-07T02:18:31.060343Z","times_seen":113,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":275,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_35_6301.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_35_6301.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"683805fb-5bd1\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Thu, 29 May 2025 07:00:11 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 23505\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23505,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"f69896dd1326322975ec838d99a373f8","sha1":"a275b014576e0fbd9f3d232f037b676d19b7e24d","sha256":"b33639aa140c02dd343aaa939247c380d584ea1f9358983c1c38664903aa3c7f","sha512":"6ce922d48a991f6f04bc8a6808aa47bec3dca63b7b59bcd41a8a2c753707f9084958ddc7a17b5b6764225876b14025213e0afdd585b7e15ee188d1d0587777c2","ssdeep":"384:MEGtheXgcIkTqu5idhhFZVzclJSCmM+YO8XoZCyMAPJUpjhcnk1tYxPa/jqOvFQk:MXyIkTR5ipFol7BXoZCy7PJQjunkzYx+","tlshash":"f3b2f1d22d6b00158bc06d0caadf6c27fd9b600ad853ef4aeb549049415d613bbd2ee2","first_seen":"2025-06-01T09:58:33.096661Z","last_seen":"2026-06-06T14:03:14.165043Z","times_seen":535,"resource_available":false,"data":null}},"time_used":1222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":995,"receive":227,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/ti-vidio.png?wsSecret=95c117cd4aa26ac1a7e5248035cd8309\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/ti-vidio.png?wsSecret=95c117cd4aa26ac1a7e5248035cd8309\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\ncontent-type: image/png\r\netag: \"5d2c760e-59f7\"\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 07 Mar 2026 11:45:05 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\ncache-control: max-age=259200\r\nage: 0\r\ncontent-length: 23031\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 7308606730729667889\r\nx-cache-lookup: Cache Miss, Cache Miss\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23031,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 262 x 125, 8-bit/color RGBA, non-interlaced","md5":"0084589b4849012d86fe0beea8a53999","sha1":"52cc57ab7bdd9aea540394c0138f85812ed6cae4","sha256":"ef1e233694eacd5d2f6e5ec782f6a522eda1422dde62d05818547e7496ca9cac","sha512":"ce828aebd2237a36f3c6dc6f974ff9afc1b5f50d3acfef2c8c911f06e506ab1a71d2a330f43bbd000089ea713ed79c68d3d112a8a1b9f07c5cbbffbdca04143f","ssdeep":"384:K0wacLHi9meOOd7001exB+EQwlbfu4U9EIQNlXDo22HqFPrYsurNjm:KTHiO5bW4gEIQDk4E8","tlshash":"f8a2e197d34502551405991d2ca2622f90335cf0a63bede52e9c82d62eccdb2dc6f2ef","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.841Z","times_seen":5,"resource_available":false,"data":null}},"time_used":929,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":918,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/commonPage/sounds/chime.ogg","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/commonPage/sounds/chime.ogg HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncache-control: max-age=259200\r\ncontent-range: bytes 0-24427/24428\r\ncontent-type: audio/ogg\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"5d848f4f-5f6c\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 24428\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":24428,"size_decoded":0,"mime_type":"application/ogg","magic":"Ogg data, Vorbis audio, stereo, 44100 Hz, ~128000 bps","md5":"969410a9248d7041c21eea9ad83372cd","sha1":"6ea9d37de222647eb0f7d1623616a1ef20cf249f","sha256":"fa3c6a1be596748b3877d05ae1fa881186a0407eb4101bec435a9e9df9f232d1","sha512":"148f53629585ddf7ae874899d6dba3192fd5c7b50837e198fa1a9a6d668ac49fe07b6deef8dfa4f457011daff563f631da779071a3dc8a5c278ad0a559736b51","ssdeep":"384:KwToVRxoQjSijy0AFnLqAByl2v4r3A+QlBCDdOSmGzghr7+MkJO:2oCnW5ZLqABy9rmCSMgxT","tlshash":"87b2e0cadbe191ebf82ab0f945db570d07626959767003f29bc403682cefa271c22745","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.824898Z","times_seen":5,"resource_available":false,"data":null}},"time_used":983,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":763,"receive":220,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5007.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5007.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"5d4d4143-5575\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Fri, 09 Aug 2019 09:47:47 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 21877\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21877,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"feaff8384a2780bf50a660b657928245","sha1":"eb492cee9a7d13b8114aa1c75c6db75742d7ef4a","sha256":"ec33d957ba07daa21a098bc096b1c643ae64420e1924f0691b6b75fd4e8707f2","sha512":"35f36a1e3af4430128737602003d97f0c927cfdeeb8b23d29631b97e0afbac4f49e4120f5d81531082995148f90fc17ac51cc218e448c28b2ed501c4bcd8fa6e","ssdeep":"384:NktJoxbHCpbg1lcXPOtjQR+2A/3SZrbpZh93tv1qTm3UsT61I7lJjr89b:6foqc1iX/E2UiZrLDVWm3KCX/ob","tlshash":"cfa2d099d4219847ffca0656af6ab05c6e4b06071b9cb5f31e2ff8206da94d1c3ba049","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T14:03:14.187935Z","times_seen":2935,"resource_available":false,"data":null}},"time_used":1108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":878,"receive":230,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5013.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5013.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\naccess-control-allow-origin: *\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 150\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":150,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"597ba0d4396e9c906225140ce907092c","sha1":"28ae2ba65ccdb583d79f85b8cc9509fae697493b","sha256":"ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6","sha512":"8898f14bd6cb5c72d6ee5878af3700be6d03b56a5a21a3d58ef347f008acf4ac68a46a908903e1d42999c1e259e77d7df686c94765865ae07361b2c4e04adf2c","ssdeep":"","tlshash":"18c02b2d24137c0c8663307636c37050c1978337a67e10210400805330cf1998ac33af","first_seen":"2023-04-05T14:00:46Z","last_seen":"2026-06-07T06:48:59.099938Z","times_seen":36058,"resource_available":true,"data":null}},"time_used":868,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":862,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/themes/images/index-about-bg.png?wsSecret=3c555cfa615fd7c8b9e436e6a9d372ea\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/themes/images/index-about-bg.png?wsSecret=3c555cfa615fd7c8b9e436e6a9d372ea\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-30dd3\"\r\ndate: Sat, 28 Feb 2026 18:10:43 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 03 Mar 2026 18:10:43 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 200147\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 4086353509521443214\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":200147,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 364, 8-bit/color RGBA, non-interlaced","md5":"28f5140d29eac7960a64df2d4ba8833f","sha1":"4277aba3cb5980e98c9142cf57b5b090f17ef9c9","sha256":"ce18d44e1bb674686ba18ed0726b663d23708e989a60ceeafd255cdc51e36d3c","sha512":"229083da895da2d6ec20d948362c4d76525862f2fdea869e33cb0bfeadbaf8719fbc54e6455595538c640c176646eb3c5ad6b927d62a42bfe32e21cccdd02b1a","ssdeep":"3072:F7cJHnDB2VhhBjaKLkmj2vWKKC8gSo2vDCPogFhf66tzm1p/UPmF5iiWXub2mz:F7cJHDBGXphr6vWhESxvDLu6Gzfw5xz","tlshash":"7c14233ee9831d5515befd274462c34c2853c84026c65ac43d4bacfc55bb6b76cea48b","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:17.028515Z","times_seen":5,"resource_available":false,"data":null}},"time_used":840,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":670,"receive":170,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_localization?organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026version=4940c52ca0caf914a8b155bf4411bbe5_6aee3e71a91649f6c7519214e2118423\u0026language=cn\u0026x-region=us-south1\u0026group_id=2\u0026jsonp=__lc_localization","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:05.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/action/get_localization?organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026version=4940c52ca0caf914a8b155bf4411bbe5_6aee3e71a91649f6c7519214e2118423\u0026language=cn\u0026x-region=us-south1\u0026group_id=2\u0026jsonp=__lc_localization HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=600\r\nexpires: Wed, 04 Mar 2026 11:55:05 GMT\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\ncontent-length: 5913\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13751,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (9191), with no line terminators","md5":"96f508caa7e2135b9fa98dc1edf67080","sha1":"ea426b20df6aa0b5502efeb09a721224982266fc","sha256":"4d21be17a8ad6f2a2c09c1850315da12c3ed77719ac53c1a54ec23cba667f8af","sha512":"64802a0ac99f7b0df652c9b76fd697ad50ac335f74e02f86c6526539f6e488e0d7994acdd92aa725a6ff2584a418ec811fd63cecd82f5c6a874588ba2cf3c285","ssdeep":"192:THXlChwBLXHjJ18GuajmiVdOFd79o5cKJmvmztlIQFxe2sHLUeaevz3hwtjIzso:THXlu8LXDJzui/ascHuLxteaevtnso","tlshash":"0d520a2807a9edbe02076ac4fa7b540a70d4268ad4d04c6bfea9c51c5745d8b738fb1f","first_seen":"2026-03-04T11:45:34.642565Z","last_seen":"2026-03-04T11:49:17.013255Z","times_seen":4,"resource_available":true,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_HM3D.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_HM3D.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"69672fb9-5af7\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Wed, 14 Jan 2026 05:55:05 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 23287\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23287,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"3af6ca242db1495585d6ed26e8b030a4","sha1":"2c6997794f5b938d717c722a9b11afc4ef4f2ddc","sha256":"7f17a878e2fa1b34c34db2fd1f277b7196a9143c6690b0a76d5017fb924da0d2","sha512":"0b1dabe9e3d9df14fdafbb99b4bb6911bba583c2311f90bf4f74aa7cb2d7fa3520bff75ab7b693fec73d97a6550afc4425a7c4d129d681548561c9b7bd60dc3d","ssdeep":"384:YWsJH9oGt0SE7YgbMS/2cLYAK24ZWN+oYjRJrCNilYUeIIn3B+O/NmsKHUHxlBq/:YrJHSGHE7PP/2Y4ZWN2PxXI3B+WNhKgE","tlshash":"c8a2e1b959b51260cae284b56c4d3e2ee763cf0fed0be0aa8594d3433eb8319454c653","first_seen":"2026-01-20T08:54:36.730823Z","last_seen":"2026-06-06T14:03:14.172958Z","times_seen":160,"resource_available":false,"data":null}},"time_used":563,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":562,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_802.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_802.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"6864ddcd-4d2a\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Wed, 02 Jul 2025 07:20:45 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 19754\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19754,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"33e2e3ee8287b96165d28581f1d38680","sha1":"f97ddf03fc67408042c28239c094004c8cc877f3","sha256":"f1050f5509e7c327425f9f477ea2fd980f3b7821c590b9687bf906e3e016d95b","sha512":"1c0da2d3b57cbf0f01119e06a06432a90e5d8f34096e1dd06075d4ca956a990cfd167f36dcb6e288ad9d795057d9ca15a5338667340574ea6db8649304d92375","ssdeep":"384:3WEUshRC4FFmj1kbgdT3xmCaCTpJx29TaRhjg/578Ey:mEUshDFoj10OT3xfzpbMwjA8B","tlshash":"eb92d0166da9b1cd33be6621013dfd0e41e06afc2b89c176e6445e2167ed6a18ac4374","first_seen":"2025-07-04T05:30:50.967892Z","last_seen":"2026-06-06T14:03:14.26237Z","times_seen":509,"resource_available":false,"data":null}},"time_used":1142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":919,"receive":223,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162006.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162006.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"6825b43b-585f\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Thu, 15 May 2025 09:30:35 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 22623\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22623,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"ab77d08744d67a5999df28994a7a273f","sha1":"7982eb6c33f80b7eb36e390dc343ee64ca8c93fb","sha256":"9d52c08d2f70d25ae57cbe112ac4b1fca3200988978a039b17f4570383bd090f","sha512":"01e6b278e6ac0413b0c5a6e6d306c096d163b477a0672ee859f3a55f7040b3365b7fa95a3421f26822dd6ea77927074b6a27b15569b1258e21dfa55a8d7efffa","ssdeep":"384:fNyBjr03cikv+IUEwgYyp5DfuY547D4QTlGRbYPjWZ1gvBomUYah5jRm:F6r03cLmNlODuSQ4QhKb6q1cBOYw5jRm","tlshash":"e7a2d0e7c8665e434bdc9c6cda2149a3a96e7e54700e360f8fb739b71b721adb540008","first_seen":"2024-03-03T19:58:00Z","last_seen":"2026-06-06T14:03:14.24179Z","times_seen":1782,"resource_available":false,"data":null}},"time_used":1120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":905,"receive":215,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162007.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162007.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"6825b43b-5b0a\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Thu, 15 May 2025 09:30:35 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 23306\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23306,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"cb6db8dc76ff2b878093da4620ce4937","sha1":"c3a99e6c914cee83d27693f36dba32f48a913d3d","sha256":"3c3008342182d514d9af91ccf37f25080736294eb4f4b68c2f334ca091d25a8e","sha512":"880093b5f77d2ce44a60532827863e35fe36b696acebcee58e372433a63c3aeb3c895d968f50d38cc16e10add74a17970e5387c3fd982f55c59fb143fb3d47a0","ssdeep":"384:Yt5aFbdjWCi2KbZ42qCGbzUv4tL2DUlm8WZvClSPBuzaoQPV+t8faQCxX9rFa:Y40CIFvTCziDUlmvuSVhPVVyTX14","tlshash":"48a2e06b071d272ab4466633d2a327bdf32d87c5d66838db91950784c389bb8ec11a4d","first_seen":"2024-03-03T19:58:00Z","last_seen":"2026-06-06T14:03:14.208484Z","times_seen":1782,"resource_available":false,"data":null}},"time_used":1124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":900,"receive":224,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5011.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_65_5011.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"64619117-5a24\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Mon, 15 May 2023 01:55:35 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 23076\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23076,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"2ae6a25328f92bbd4f06bf83f0d64a34","sha1":"a182c94addc49f545829566f4f87e7cdf5a2b16a","sha256":"92d81aa551c89d28170300c1d6ae6e5795e33ac101988de54570fae720fa15c9","sha512":"a8a572677ccce1b1ec02d8dc2eab40a9da07682df60f2d4340b41ddfc5525b64f3084f2e7d28925d6c565deaa2bffbb0b8765444c5b8f71ad1d16de09c61e589","ssdeep":"384:v63fIzKfxJJIrWYRi2ghhKt7DMEmDkmrKwG6/7rb818sM36uA++WKjlNXG2N:v6gOfhI222Q7DJokm+wGgnQ18s+KjfNN","tlshash":"d7a2e1dc6b29131be5d23dbe25d31f364aa0c148fd53ab977804675a62f237a0a72740","first_seen":"2023-05-15T13:16:13Z","last_seen":"2026-06-06T14:03:14.178146Z","times_seen":2934,"resource_available":false,"data":null}},"time_used":1124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":893,"receive":231,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/11.DJPUQwQu.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-04T11:45:05.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/11.DJPUQwQu.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWw1pi3MtUSGD82t3lGPyyJRVnQiJTCHUzqWqECt76uVL_GCaY6S3d4QY2rGmtIaI7tD\r\nlast-modified: Tue, 03 Mar 2026 13:43:26 GMT\r\netag: \"640caab52100a1e9dfe618aaeb79838f\"\r\nx-goog-generation: 1772545406953552\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 300\r\nx-goog-hash: crc32c=IuJCUg==, md5=ZAyqtSEAoenf5hiq63mDjw==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 04 Mar 2027 11:45:05 GMT\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\ncontent-length: 300\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":300,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"640caab52100a1e9dfe618aaeb79838f","sha1":"4654776a82e5405614a595d40cb33ca2b5bae0b5","sha256":"fb8eb817d7251014c136b441bd4004fa6567908059013edbb938925f23b67ceb","sha512":"17d605182be517c5e797b2fd823b9ab7b6bd73d97bd2c3d11c5eb29d108cd350d789116528e351abaebdf3654cc65100b9e3353064ba38c9ab9008126c6a3061","ssdeep":"","tlshash":"00e08cbdfca8d92152f5e9f8c0b60822cb593b0e502382b0f60e6f4a9519199a552826","first_seen":"2024-08-27T15:26:59Z","last_seen":"2026-06-07T06:28:14.380824Z","times_seen":29018,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/fserver/files/gb/117/carousel/10236/1735673152801.png?wsSecret=c0da9ae2273dd73523df8bf02093c5ad\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/117/carousel/10236/1735673152801.png?wsSecret=c0da9ae2273dd73523df8bf02093c5ad\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: \"67744540-1add6\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\nlast-modified: Tue, 31 Dec 2024 19:25:52 GMT\r\ncache-control: max-age=259200\r\nage: 0\r\ncontent-length: 110038\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 8522441417334102855\r\nx-cache-lookup: Cache Miss, Cache Miss\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":110038,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6f3a2d56716ad3c2a169771fbc6cacc2","sha1":"fb1740795dc126c80a3704c954aa64ce81684db2","sha256":"b28a209cccdf4250f56858bfc30a0900f5e388006023a4c05c16973e7eaa0153","sha512":"ec5a47c2509b8b0a6275c51e5e842d22d31c7b5648ceced2278b65a367847f87707905fee9f5f92a6ba5f050e5e7d190e087022d2771b095a6af1dd2c0403445","ssdeep":"3072:LYahlCvTkvfuHv8fjHB00EOjYPp3A1TH+5xd41a0fnscVt:0UlCvAuHvEjB00Hji0eXdea0fsat","tlshash":"77b31219bd4c6f952a350ffeca2521deb3266cc0dcd03236ac46f176d2b0ad924599c1","first_seen":"2026-03-04T11:45:34.648824Z","last_seen":"2026-03-04T11:49:16.889824Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":644,"receive":622,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/fserver/files/gb/117/carousel/10289/1765967948454.png?wsSecret=ecd8d28b37cf44732ea12f7f5d792e68\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/117/carousel/10289/1765967948454.png?wsSecret=ecd8d28b37cf44732ea12f7f5d792e68\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 17 Dec 2025 10:39:08 GMT\r\netag: \"6942884c-4f472\"\r\ndate: Sat, 28 Feb 2026 18:10:43 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nexpires: Tue, 03 Mar 2026 18:10:43 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 53\r\ncontent-length: 324722\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 17556469042924689434\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":324722,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"cdf724f6bcd58dc74ef61171d2479939","sha1":"eeeeef8116da14c34f60b38b3de758c468f5d265","sha256":"c1566039a67a9d0afffd200fc8c55b37a752ac5ce35d437a45567e9ed0a25c46","sha512":"08c138701bc26a3df98c548d21cee14e877b27b62e606df9709997f6f75675834754afb33da82ba13c6ddf72dfb520d9dfe11b2947ea054ab0c3997223bf59d7","ssdeep":"6144:ICqn43JVD3QlMI/xdmuQSIK9SaZOAh1h3zQ9WnCdAQNBrTaV9JDXgFEOqsn:O4PQlMI/xdKSIK93ZOAtCnNxTYuhT","tlshash":"92642346e1215df5b06ed3783b382b12c865d406d36d162de6332f281bb27669e3dee0","first_seen":"2026-03-04T11:45:34.650143Z","last_seen":"2026-03-04T11:49:17.045829Z","times_seen":4,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":301,"receive":306,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/info-list-2.png?wsSecret=9833e5b22c8228fbc00d98c65d4391f4\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/info-list-2.png?wsSecret=9833e5b22c8228fbc00d98c65d4391f4\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-82ad\"\r\ndate: Sat, 28 Feb 2026 18:10:43 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 03 Mar 2026 18:10:43 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 33453\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 8744474844271762240\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33453,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 206, 8-bit/color RGBA, non-interlaced","md5":"a1a6d10abf732854e2f790303b40cfc2","sha1":"dd8f8a13c6da0c523ff366a92f558f23e79589bd","sha256":"ef55a6cd924734de1726232b862a407f9410fec21dd6e6625275434b94fb149a","sha512":"ee5943fe44aa905f40e12bd828d2eac0e85728ac99e3f17969fbbdc3bf580e4ac4f7a3b8aaee3844b871091211614ba942c6cd6c77ed1cbe3fa0d2568fc8d071","ssdeep":"768:WxIgekJ76bcfIniBy9Mc2rYHz6Z+WWca0e/AcgIv:iIgeHAfInMyGc2rYipgAcT","tlshash":"27e2e0aaac40378ae202fb1470e25906f37612494b957cbaf3d6c48bd805f5c6cb75db","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:17.021683Z","times_seen":5,"resource_available":false,"data":null}},"time_used":611,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":609,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162005.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_162005.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"6825b43b-6096\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Thu, 15 May 2025 09:30:35 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 24726\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24726,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"a23a0f7ef4c6e0349e1dc4790fa6166a","sha1":"ee5583575d53fa6aca885ffff65a53415feb7f13","sha256":"d5d22acdd32d43777f04d7e6328db70a5da2a6a07b49d792cb96c94a211e5bc7","sha512":"855a8ea3a30ccb17ee02e321dde2ad242f192c0569067708f601587583ff44e505c01d96ddb9f894a58d6865e3bcbe9816a339998cbf49eb0b95dcdd6da71b56","ssdeep":"768:RVZRaeWca6LBt+LDjt4WlKzrB/JOQNq/NHM6:HPaeWcVdt+PzlKJmNHM6","tlshash":"79b2d14221593e41a06d8bbd21fe837b55216c02ad81bfb96925fe0456fbb608b3d7c8","first_seen":"2024-03-03T19:58:00Z","last_seen":"2026-06-06T14:03:14.198029Z","times_seen":1783,"resource_available":false,"data":null}},"time_used":1134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":678,"receive":456,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/headerInfo.html?t=mmbyzb0r","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:03.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /headerInfo.html?t=mmbyzb0r HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=7fca38b651f4c8d7cb27af5ac87bb83e\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: gzip\r\ncontent-type: text/html;charset=utf-8\r\ndate: Wed, 04 Mar 2026 11:45:03 GMT\r\nout-line: gb-cdn-805\r\nsub-sys: msite\r\nuuid: 00117-01-00000000-1772624703384a\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 118\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":127,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"5ce9bbcd0f1718bc5d9e7185ec2db524","sha1":"a8567df1601b3a87ec7594814af1dcc424c0795b","sha256":"fe63bcda08516e9d2ba72d6aa63815237ab7a0473b0cd514c422cf28bc4bab49","sha512":"a3fc4dde8d2da2c220ae40458aaaad787e44265dd765ef2069e9385389512f36473d2dc5a81dcac17bab2ac9ecc0a3190a16d5ecbad580c02b023e26c18d0d47","ssdeep":"","tlshash":"4eb02228222accbe88838220c2c00200020a0002fac2bb0ce0bcaa0832ca2fa0222003","first_seen":"2026-03-04T11:45:34.652919Z","last_seen":"2026-03-04T11:45:34.652919Z","times_seen":1,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/fserver/files/gb/117/carousel/10169/1698598030503.jpeg?wsSecret=e923b3bef4db79d70273d9faaac11917\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/117/carousel/10169/1698598030503.jpeg?wsSecret=e923b3bef4db79d70273d9faaac11917\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 29 Oct 2023 16:47:10 GMT\r\netag: \"653e8c8e-6187e\"\r\ndate: Sat, 28 Feb 2026 18:10:43 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nexpires: Tue, 03 Mar 2026 18:10:43 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 53\r\ncontent-length: 399486\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 2869043953692814968\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":399486,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 694x520, components 3","md5":"89f1581bca60441ed6fcc3b63aaeda59","sha1":"562f8fea3bf08f0de04f88b7a85b90b5a682ece3","sha256":"bb1b3c107ffa7cdd1cdd7eede8988943e585b940bad6787159fcef7cd00bb4ba","sha512":"cb5df30309b9ae34112eb7efe2231f44819ec576f050d4183d8930c15402b976d25152631caf2372b707e932a35e453306778a607fd2a06e1516d84e0a35a9c6","ssdeep":"6144:66SJUKL6JC/NyP3+JTS/Fd7fTcn9i7Qf/MT1XOBlKFI/wqYN5IzSuV8pdWBltomw:ccUU8TGPigQXEXOKCZWGMpYtomequui3","tlshash":"fb842370f18c547971ace9b6fdd394363331a3469344eb4cb8acc859b1a9f4c78a72a1","first_seen":"2026-03-04T11:45:34.65406Z","last_seen":"2026-03-04T11:49:17.025216Z","times_seen":4,"resource_available":false,"data":null}},"time_used":720,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":132,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_UH01.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_UH01.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"6875e779-56b9\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Tue, 15 Jul 2025 05:30:33 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 22201\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22201,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"31668b14f2e23b6791c1ae75ebc5d4cd","sha1":"69ca1211d9d4e73d45de6526019163263413f19c","sha256":"2cd29b488f998a1f4800c834b33a5b5d378d98295007b4d954e6030a3d6959e4","sha512":"d5fbd607603d6b29897e1703d2b4eaa5d8b0a6bede6e68f18805b274a8cd24d6e0fa9779c5952d641508942eb8001a1dc873d484d17b134cc088cfcd4e3a903f","ssdeep":"384:HOJPjW/AyWdMCKY1a1G4tiBBQYNwZ52H33hZkMVBYl/RnM2xGrqmGJMAX8gHzr7:uJgWdM/Y1StizQYNA2H3RZkMVul/BuOP","tlshash":"92a2d160fcc181eed849273fc0bda448dbe8fba041d09de9a99d7d1c56824615a7a38d","first_seen":"2025-07-19T19:36:45.383478Z","last_seen":"2026-06-06T14:03:14.215409Z","times_seen":523,"resource_available":false,"data":null}},"time_used":775,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":774,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_12.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_12.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"61a5e0bc-6784\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Tue, 30 Nov 2021 08:28:44 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 26500\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26500,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"dc21406f53974241a6ea9d1ba342a0a3","sha1":"d98181158619aa5993f35dc4821c26ea657c9c35","sha256":"656f550c68b469776ebe40713d8556d43af391da6cc881918da5f6c983ba823f","sha512":"79e780a1564748345fc8ac604200d1312a856c49057539b876cab3f3ca53f0c2f7f2cd9839097c293e2d947c6aca5ae440bcd43fba0cd50b23fefc40f325bc06","ssdeep":"768:g8HdFq2c0uCYTvIxT5q+YJViJlnBwYWzfRuzL/O:ZargPWVUMYWz0L2","tlshash":"f8c2f17cb008daa1d4a17fc00d13dbda2486b1f7733e7991c8a6943aeac6bbd1184747","first_seen":"2023-05-04T04:29:49Z","last_seen":"2026-06-06T14:03:14.218807Z","times_seen":4691,"resource_available":false,"data":null}},"time_used":1179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":720,"receive":459,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/themes/images/index-mobile-bg.png?wsSecret=cdbb1d7ab1259baf1b5ec55c64582d0d\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/themes/images/index-mobile-bg.png?wsSecret=cdbb1d7ab1259baf1b5ec55c64582d0d\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-346ee\"\r\ndate: Sat, 28 Feb 2026 18:10:43 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 03 Mar 2026 18:10:43 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 214766\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 8533052516726246681\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":214766,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1073 x 372, 8-bit/color RGBA, non-interlaced","md5":"d5f94db8a02570a47266f95465bbde07","sha1":"c30eb19802e2147938aef8b67badd6d64cb04e20","sha256":"fb4321a1c39e7a61a9a5425a106743fff3f3592ef29d242c4172be0d6969ca1d","sha512":"fe92b8de0a53c97117233e46bc2434088856e34c766b4aa312a2d7aaeb10a3f11620b24556e73ee269527aea3c7b721d705f29aa55fed43b2c8478a31f46a925","ssdeep":"6144:nIEKcl6b7Rq0IZ1KA3GPd91X4ROcsDa2+cX1myavLf5D:nXKc67qZMA3GFde2+cFmyaTR","tlshash":"982412c3a24bcdc86d9fc107cb422ef1878f5c2aee67e3161c7ab54e4201e665363681","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.823191Z","times_seen":4,"resource_available":false,"data":null}},"time_used":847,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":683,"receive":164,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/index/getUserTimeZoneDate.html?t=mmbyzba3","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:03.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /index/getUserTimeZoneDate.html?t=mmbyzba3 HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=7fca38b651f4c8d7cb27af5ac87bb83e\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncachettl: 3\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: br\r\ncontent-type: text/html;charset=utf-8\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\nout-line: gb-cdn-805\r\nsub-sys: msite\r\nuuid: 00117-01-00000000-1772624704c47b\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 98\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":119,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"a09c15b805c85e9ccbb67bcf52160d35","sha1":"c2436898ee54de85498703b9954cb24f9d1496dc","sha256":"1ffe52fb1a6cb08b594b0528f5e16a5d75c623acc4995b9140fc83638be8d7e7","sha512":"6a2469ef46ca1ab7fc7ab490660c22c55c7762dfbd27c9c9cd82c300e75d00ca8324b2aef5677bdbf61e081bef98c031f6050e41f8891d8312e90260c4f8d10d","ssdeep":"","tlshash":"1ab0222000e02e8e0f3000a0cb00b0cc0e08200b08c3ca002eebee2ca8aca2a2808302","first_seen":"2026-03-04T11:45:34.657819Z","last_seen":"2026-03-04T11:45:34.657819Z","times_seen":1,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":242,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/themes/images/index-about.png?wsSecret=e8c2263d69995a014c20c680d61479d3\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/themes/images/index-about.png?wsSecret=e8c2263d69995a014c20c680d61479d3\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-217ac\"\r\ndate: Sat, 28 Feb 2026 18:10:43 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 03 Mar 2026 18:10:43 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 54\r\ncontent-length: 137132\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 977724673079219209\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":137132,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 228, 8-bit/color RGBA, non-interlaced","md5":"814e7383431137733a2a90a7861b410c","sha1":"dfd0761047d9690e14182e74f7f56c3a266b3bfd","sha256":"3fc9ce91ba6f5626757624d4d23a4d23ed329aea7de831ec7afd46c761b39fc0","sha512":"55d2ab63486a8e0acfd1b2b2c7a65eec552f4995908320db5158d31a47bd6e4e441f2e4c01c0acdac04a638648715628d76fdbeaeef3469ebcec75aa627de560","ssdeep":"1536:qdp3Xne4+MpqcSQQ78pT82A+Fw8mIUTlRxQh+9nVusp1FcxOqpC3zRw50aAbPRlQ:qXeGpL1A+aAKbQh+Z1OO2CaA7RlzVwO0","tlshash":"31d312d05892d2c9d27217df57c515a2a2dcb6ba6ddeba0ecd265c0fc17c20814aebc3","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:17.018278Z","times_seen":5,"resource_available":false,"data":null}},"time_used":826,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":688,"receive":138,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/index/getUserTimeZoneDate.html?t=mmbyzatg","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:03.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /index/getUserTimeZoneDate.html?t=mmbyzatg HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=7fca38b651f4c8d7cb27af5ac87bb83e\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncachettl: 3\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: br\r\ncontent-type: text/html;charset=utf-8\r\ndate: Wed, 04 Mar 2026 11:45:03 GMT\r\nout-line: gb-cdn-805\r\nsub-sys: msite\r\nuuid: 00117-01-00000000-177262470383cd\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 98\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":119,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"0dca1ed5bf2156995baa6cda182581af","sha1":"c4cd8d00a97160216a4fdce92b09f0825e714e4a","sha256":"9ac8a7f72b60aa9b204abd71c9d463b94461dcc649d1092c5338fcdbab59e358","sha512":"50bba3641e0302d484c58526ef69272d21cbcc02a1618ecbc783d47ef2a35ae03ddc98ffb9aa4c50aa4058715e7d6f2cb9b84486c6a0776c36333871c6a4a647","ssdeep":"","tlshash":"ccb0926405e56e9e0b2040e1ca64b6c90e55615b08c3c6102ea7dd2ca89ce6a1808712","first_seen":"2026-03-04T11:45:34.66005Z","last_seen":"2026-03-04T11:45:34.66005Z","times_seen":1,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/venetian117/images/lang-en.png?wsSecret=97e3837a024730bb5368350b5b776dd3\u0026wsTime=1772624702","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/venetian117/images/lang-en.png?wsSecret=97e3837a024730bb5368350b5b776dd3\u0026wsTime=1772624702 HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 Jul 2019 12:48:14 GMT\r\netag: \"5d2c760e-5d3\"\r\ndate: Thu, 26 Feb 2026 07:04:11 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sun, 01 Mar 2026 07:04:11 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 56\r\ncontent-length: 1491\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 9410203015028229514\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1491,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 22 x 16, 8-bit/color RGB, non-interlaced","md5":"d5179b393dc2bdc3cba25cd72a65beec","sha1":"0d359c23c174908ad102441f81c66876399a78f2","sha256":"db9131d24a1d6f378d64816287e111b98bbd0b2cd5c610b62e0fd138abbf0718","sha512":"b5863d6d046b8cda29562fd7e4746796dfc7353a3b1b9c57f69712a9a606d76b856ec3c25cce2362f83674f8d879d8dd6591835b8f4bb2e6e80c60e345580e1d","ssdeep":"","tlshash":"1031c78af783dc84458df88114fa195b59250e8090f8f6a9b84fc4233c76060057d6ce","first_seen":"2023-10-24T19:57:07Z","last_seen":"2026-03-04T11:49:16.841986Z","times_seen":5,"resource_available":false,"data":null}},"time_used":786,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":782,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_31006.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_31006.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"645b37a7-4d36\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Wed, 10 May 2023 06:20:23 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 19766\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19766,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 215, 8-bit colormap, non-interlaced","md5":"a678f783e25a467193ee4fa0252d5bf4","sha1":"ffadbf4388ce2dc312c720e75f9b9d73c05e93cd","sha256":"1421dad09cedb4c186e8b4ac1cc027955d52a9d268b29144d3d8f0d60d5ed075","sha512":"a0d8778f3f1f1fece96d05565f3dd88a7761726eeac3b24ab40e0d96c03754875095ca633f486f75f495bd0c2abc8fb81815d88e47cd52e16918d07e2980c1ce","ssdeep":"384:FX2SWlLhMzcaDdcNQUM1eu3roEYbLHjNQl65a0+AF8LHKkvQ5TQtyK:FGLWouyzpu3r+bn3ATNmd5TQcK","tlshash":"1e92e0a2cdfcf24dceacdf482445394592b65a58f8406f183ed42817724de6036e8dee","first_seen":"2023-05-10T18:45:38Z","last_seen":"2026-06-06T14:03:14.259618Z","times_seen":4692,"resource_available":false,"data":null}},"time_used":1134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":908,"receive":226,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bet365","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bet365 phishing","tags":["bet365","gambling","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/5.COnDpwuW.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-04T11:45:05.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/5.COnDpwuW.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWwkF8s-yFGEANOq_dXEhuLV_TVdsuvNBktXS1_4llAc6A8v1omxqybOyZwkvoy69ZF750NFdjPidEcOSg\r\nlast-modified: Tue, 03 Mar 2026 13:43:27 GMT\r\nx-goog-generation: 1772545407078950\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 218278\r\nx-goog-hash: crc32c=9OxUeg==, md5=VH12ihFfCxwTpBbcBlGMoA==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 67261\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 04 Mar 2027 11:45:05 GMT\r\ndate: Wed, 04 Mar 2026 11:45:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":218278,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (36682)","md5":"547d768a115f0b1c13a416dc06518ca0","sha1":"7f8fa3a9fb3f4a42bdf7f8e54f0620cfc21131a9","sha256":"d94c017d073799d844ba244e1472809a046dd250e5a7dd740c4f63b429213e70","sha512":"5426431966b1f3b78fee17347398a1c3dacb84ef2872dea69cd44e14f13a633e51159c05931b6d0835c8b6d4a2d199e3c874f7a7a2b2ca9f8c1dc0ee550c6b34","ssdeep":"6144:H3zu6cNIPxo+y30oO3fpKr35l37Fw9rqRDFq:Xzu6cNIq+y30oOxKr35l37Fw9rqR8","tlshash":"0b246cc4f18af53887eb34e6547e2002f63d6d18784c8560f758ddb63da858a9273f2a","first_seen":"2026-03-03T14:45:10.180807Z","last_seen":"2026-03-06T10:26:49.391079Z","times_seen":221,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/ftl/commonPage/images/partner/partner-hongtu-goldGradient.png","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:04.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /ftl/commonPage/images/partner/partner-hongtu-goldGradient.png HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF; route=ac3a5dd70d711e3044f5a1cf2fe56e38\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 11:45:04 GMT\r\netag: \"68b69275-16785\"\r\nexpires: Sat, 07 Mar 2026 11:45:04 GMT\r\nlast-modified: Tue, 02 Sep 2025 06:45:09 GMT\r\nout-line: gb-cdn-805\r\nuuid: -\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 92037\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":92037,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 5286 x 72, 8-bit colormap, non-interlaced","md5":"9457aa32c1640c6aa42eaab43668e29e","sha1":"22658a30974fc558403d3e110d7d345030177c63","sha256":"66ffbc82466119d21d17c0d0fec1375cb6b4080cc0807d41b1ef871c489e9f9a","sha512":"3cff59142122fb167d63deacff2d06a5d1967d9c30169a8d3ae01acafe7b1ab9e301a87f3389ac50b7706394b25d8b6a0267b743371b1d3c79f5324624ab9fcd","ssdeep":"1536:cP5kDrEcXDIApM4GLxkCU4vPCbfJtqvP/nFt++5ZALd8Pw3dw/br6I++4fQDkeRx:c5kDwxkCUSPCnqvP/DG8PwG/br63HQDF","tlshash":"539312c355d6486b172ea19e2e7123e75fc61c1288360366552badbcf2fa30513e27f8","first_seen":"2025-09-07T03:07:32.262692Z","last_seen":"2026-03-04T11:49:17.014957Z","times_seen":376,"resource_available":false,"data":null}},"time_used":658,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":438,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"api.livechatinc.com/v3.6/customer/rtm/ws?organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026x-region=us-south1","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=14950425\u0026group=2\u0026embedded=1\u0026widget_version=3\u0026unique_groups=1\u0026organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-04T11:45:06.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/rtm/ws?organization_id=d6905650-6f69-4b9b-ad31-8dcbbcb50b41\u0026x-region=us-south1 HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://secure.livechatinc.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: g6fKObO6g2Rz0PQ704egHw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nsec-websocket-accept: NyKSYEEyISBGSbaOVCAlNUIVmVk=\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://secure.livechatinc.com\r\nDate: Wed, 04 Mar 2026 11:45:06 GMT\r\nUpgrade: websocket\r\nConnection: Upgrade\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T07:09:49.261984Z","times_seen":16206673,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":143,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7ngdqc.ntbnaq.com/ftl/commonPage/js/lazyload.js","fqdn":"7ngdqc.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"211.93.211.158","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:44:51.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/lazyload.js HTTP/1.1\r\nHost: 7ngdqc.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 07 Aug 2023 03:05:10 GMT\r\ncontent-encoding: gzip\r\netag: W/\"64d05f66-2f79\"\r\ndate: Thu, 22 Jan 2026 22:09:57 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sun, 25 Jan 2026 22:09:57 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 11877\r\ncontent-length: 2731\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 8064969082682971851\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12153,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"d87854586672bff7f886a47da85da5ed","sha1":"8d0537030dc7a81ade87a41a75fd5a75e4e33da1","sha256":"17859187f895c27de8869fb6bfec579fd68c4588d0af71d08d334be92d144ada","sha512":"d8c3e724f00bcf1ebfe1f8e96dda01243cf22aef18a0fc5a25a42d84458ff58a22a316dabf1d80d1b4f4c28db79edbdf9ba19df755d72f2b0b9f64497137672f","ssdeep":"192:Cdr+EgBD7NiM7B1wV20jSCQrF/bcbe7/bgdCx4RTsmS3KDsS3CggvBSChKRJ0Suk:Cdr+JBDYpV20Ez+obgdsm3ROCJIqSJvG","tlshash":"304200483deb51aba1d3b0f89a5f11447235810b160eee253d6c9395af6093932f2ff9","first_seen":"2023-08-15T12:01:05Z","last_seen":"2026-06-07T06:16:56.16731Z","times_seen":17236,"resource_available":true,"data":null}},"time_used":1742,"timings":{"blocked":1471,"dns":0,"connect":0,"send":0,"wait":270,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsmm.cc:8989/index/getAppsUrl.html?device=android\u0026fPixelId=\u0026accessToken=\u0026apiVersion=","fqdn":"wnsmm.cc","domain":"wnsmm.cc","tld":"cc"},"ip":{"addr":"20.255.200.238","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wnsmm.cc:8989/","date":"2026-03-04T11:45:03.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wnsmm.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:10:59 GMT","end":"Sat, 30 May 2026 15:10:58 GMT"},"fingerprint":{"sha1":"C8:92:C5:C8:81:D7:7B:6C:BE:89:19:DF:73:1A:08:04:EF:FD:3A:AA","sha256":"46:E2:FA:31:5A:FC:18:9B:3D:2F:99:B6:01:A4:6A:9A:00:1F:E0:8D:C3:60:2E:6F:3B:51:01:F6:5F:1B:DE:06"}}},"request":{"raw":"GET /index/getAppsUrl.html?device=android\u0026fPixelId=\u0026accessToken=\u0026apiVersion= HTTP/1.1\r\nHost: wnsmm.cc:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wnsmm.cc:8989/\r\nCookie: sticket=kRjeU1TMDROVFEzTF\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: gzip\r\ncontent-type: text/html;charset=utf-8\r\ndate: Wed, 04 Mar 2026 11:45:03 GMT\r\nout-line: gb-cdn-805\r\nset-cookie: route=7fca38b651f4c8d7cb27af5ac87bb83e; Path=/\r\nsub-sys: msite\r\nuuid: 00117-01-00000000-177262470347f8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 881\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1108,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"f372704747f43ba09e097c3b92b597e1","sha1":"6415663a5ab4fcd281bb7e71ec05365b361e9594","sha256":"7e6122938d0fa1fcb645f83487f35bf1645b70ef16532816eb1e89bd1cb75630","sha512":"3bc88e0e4c618f2551c2f90d703a45897235eb3faf18896cd0442f98d6bc000c331b6571db144bcad7e9535959e678110f4cdfa88ae28113c96d025b51feef58","ssdeep":"","tlshash":"4111f9d329914d52f4d6bc5d810f76345d3ae4f4759ce09438c88024fbc29d2b920403","first_seen":"2026-03-04T11:45:34.666194Z","last_seen":"2026-03-04T11:49:16.244874Z","times_seen":2,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}