{"report_id":"dedbbc0a-9329-4310-8bac-f3a695574305","version":6,"status":"done","tags":[],"date":"2026-03-03T22:30:01Z","url":{"schema":"https","addr":"weide73.com","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"title":"伟德1946年始于英国|伟德国际官方网站|伟德娱乐手机端","dom":{"size":12484,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6569)","md5":"e4b6703c0c710f60a4625b37a1a4702a","sha1":"82ff9fa4f8f1574045359a937858dfe0f010ebc0","sha256":"bf5f0927cc6eee5660f244fc0462386067bf05473f73569dde1b92876e9d84bf","sha512":"19aba50df1df05d296b0ea4f2bc598903a2d83faa164b98b9193f0931481c9d62f049bc7645f160dd1fe4f9c5af52f016a1f49ef0db6d0f7680c1c3860cbaa76","ssdeep":"192:Wj+GVB1E51N6mUq+99EG7B/IJCg8+Fku1VdtVoKR3mbADkSdI6:lGz1E53Uq+99EnJFk+VdtVoKUbKkG","tlshash":"f942b8a1ca20143cf057aa59e7c37f49273480139613acb9b7f059bd4ec16d7d2a6b8b","dom_hash":"domhash4295885fd6d73b8d8469407e3280c506","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"weide73.com","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-07T22:30:01Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"weide73.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"3rzeeh.ntbnaq.com","ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2025-05-07","domain_rank":0,"first_seen":"2025-11-29T12:28:12.74604Z","last_seen":"2026-03-03T22:29:00.61876Z","alert_count":0,"request_count":83,"received_data":6702393,"sent_data":39846,"comment":"","tags":null,"fingerprints":null},{"fqdn":"p213rv3h.2ryqgu1g.com","ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2025-07-02","domain_rank":0,"first_seen":"2026-02-05T21:19:35.066311Z","last_seen":"2026-03-03T22:29:00.715658Z","alert_count":0,"request_count":9,"received_data":1807208,"sent_data":4210,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Kestrel","description":"","website":"https://docs.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel","common_platform_enumeration":"","icon":"kestrel.svg","categories":["Web servers"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}]},{"fqdn":"weide73.com","ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"domain_registered":"2017-06-11","domain_rank":0,"first_seen":"2025-08-19T13:06:50.775237Z","last_seen":"2025-08-19T13:06:50.775237Z","alert_count":12,"request_count":12,"received_data":751078,"sent_data":6551,"comment":"","tags":null,"fingerprints":[{"name":"Moment.js","description":"Moment.js is a free and open-source JavaScript library that removes the need to use the native JavaScript Date object directly.","website":"https://momentjs.com","common_platform_enumeration":"cpe:2.3:a:momentjs:moment:*:*:*:*:*:*:*:*","icon":"Moment.js.svg","categories":["JavaScript libraries"]},{"name":"jQuery:1.11.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"cldxon.0er4he4t.com","ip":{"addr":"99.83.207.187","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2025-09-03","domain_rank":0,"first_seen":"2026-01-12T00:34:33.250912Z","last_seen":"2026-03-03T22:29:00.742908Z","alert_count":0,"request_count":3,"received_data":25911,"sent_data":1615,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/jquery/jquery.super-marquee.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"f77d83590bc0a69298f2fbcc5d9911cd","sha1":"1d6aa25d7052f53ad0181385e5efe72f224bbdb9","sha256":"1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7","sha512":"a39dc6c01df32c8f72842af346f4d67e1278d37a74a0541537b8274b421bcfbc547a2f4844f3c4b6c5cdda4c78f0a8f41171c87ffd149ab52526a95bc6c5bf61","ssdeep":"96:nwzrUsI9/8w/ISEgOGXFRNcrc8PQjc3Pb:+rUsk88OnJQA3D","tlshash":"2991252d7290f5d559cf3c3be02b0b050c785123a54e00927a65def279ba379a607e1f","size":4433,"data":"","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-06T12:16:55.45509Z","times_seen":17453,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"37f0336a6fe3f56c661b149ecf659efe","sha1":"9aff4163d5da3b8d760f0593c583dd8d1f6dfc14","sha256":"f33f7afadc5c318efdd57d35da2dc2aebe39fd166a61905ce37b9f7363f51c2f","sha512":"d24a42f5f1834957e5616b5f61d52db98c3351e5ab3346f1fee8e7ca6ba62dc7c51f4ae645a8dd403194e2df3f8d2ea2c3b34d371a67dde201979552033cbace","ssdeep":"","tlshash":"279004510f71113ddc305157055c13747050c13ddc1ffcd43413d57c04741300011401","size":48,"data":"","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-06T12:16:55.474023Z","times_seen":16833,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"a2dfe7db95be9792922530c88ef88da4","sha1":"fc992fc77fdfa4abe3570569fbdc53a1c5714c0c","sha256":"d05ab645a69476e9a8ba932b58907e3d8f103bf23aedafbe3e76b27f4a22358a","sha512":"99065782830b3e3f013910fd9aa795fd6b341e7892eaec200ad05305920552798f2446dad45dd254de8185095f36af246cee24052b58f05eb17dee20d59b5abe","ssdeep":"","tlshash":"7f210e524f048a9b77cdc7195060241c6ccca06fbc94b988f6ce9ba70f5ea9e56fd083","size":1279,"data":"","first_seen":"2025-10-03T11:28:12.468736Z","last_seen":"2026-03-15T12:05:04.391268Z","times_seen":1669,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"63ea9d5baa23efba6502562daa51974c","sha1":"c7b9b71f3b502e5391f857d28176a1961dda40ef","sha256":"4c7485c4baf46122d7c6bfcef95e51b2a6e7856e148b0599611607cca6db9219","sha512":"6866098b120aa0ca04ec68d6e4a6cd37f753169e1924e2b8cb5d02e2b69427c8c614720b13171a38b9efa5373e378d2c49a8f74d238a8214097498d57c827f1a","ssdeep":"","tlshash":"e801c6208c3880926c500360233b7b0db522423b4c81e588b21e9ba03fea8af119a3da","size":707,"data":"","first_seen":"2026-03-03T22:29:04.418256Z","last_seen":"2026-04-04T16:23:53.777601Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"a2dfe7db95be9792922530c88ef88da4","sha1":"fc992fc77fdfa4abe3570569fbdc53a1c5714c0c","sha256":"d05ab645a69476e9a8ba932b58907e3d8f103bf23aedafbe3e76b27f4a22358a","sha512":"99065782830b3e3f013910fd9aa795fd6b341e7892eaec200ad05305920552798f2446dad45dd254de8185095f36af246cee24052b58f05eb17dee20d59b5abe","ssdeep":"","tlshash":"7f210e524f048a9b77cdc7195060241c6ccca06fbc94b988f6ce9ba70f5ea9e56fd083","size":1279,"data":"","first_seen":"2025-10-03T11:28:12.468736Z","last_seen":"2026-03-15T12:05:04.391268Z","times_seen":1669,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/visitorside/js/Button.c473e3a2.js","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b0152d00c2f305df463d02d2b26bb0d6","sha1":"ec985c18f069617a87b4c1f1c20e1a96b6972049","sha256":"ff2743d0c5f71a004611574b1ff6fef857173311483414ee569f9b6fc312a28c","sha512":"51ddb771b6b8046a3a7119f99ea7fa3f97fc7fe43c29314daabcc4f6e85e536232557d5087e3276eeee122de200d61cd3e9d266c77d4a1076e6a6d4dbd995fbc","ssdeep":"192:VUCi/WvmQ/y9OmrgX8In8A1gLGWNKi9N0FjcAVD2Mk0srw3:Vc/W1/y9OmkMK8fKWNwAAkL1w3","tlshash":"4722c8ccf0a521274393a354e13f284472766c1c4895a118b65a9ce17ffa17fa22ff7a","size":10371,"data":"","first_seen":"2025-12-19T03:52:37.948953Z","last_seen":"2026-03-19T23:48:50.679836Z","times_seen":389,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/lazyload.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"d87854586672bff7f886a47da85da5ed","sha1":"8d0537030dc7a81ade87a41a75fd5a75e4e33da1","sha256":"17859187f895c27de8869fb6bfec579fd68c4588d0af71d08d334be92d144ada","sha512":"d8c3e724f00bcf1ebfe1f8e96dda01243cf22aef18a0fc5a25a42d84458ff58a22a316dabf1d80d1b4f4c28db79edbdf9ba19df755d72f2b0b9f64497137672f","ssdeep":"192:Cdr+EgBD7NiM7B1wV20jSCQrF/bcbe7/bgdCx4RTsmS3KDsS3CggvBSChKRJ0Suk:Cdr+JBDYpV20Ez+obgdsm3ROCJIqSJvG","tlshash":"304200483deb51aba1d3b0f89a5f11447235810b160eee253d6c9395af6093932f2ff9","size":12053,"data":"","first_seen":"2023-08-15T12:01:05Z","last_seen":"2026-06-06T12:16:55.441827Z","times_seen":17189,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"7fc9255b40b1461864b93ded1050ffd4","sha1":"f68e8ec340f109b67ce0b0d74314ca0019c6e86e","sha256":"28ef79083005d615ff1f31870d4b99dd37d11f2d62bd81cfaa19958c46685e0a","sha512":"fdd12a6d6ecac0ac8fd16714e90553fdd1a58c46b0c7ca3cc7240eee4efe730ad7cce349d5614bdb970f897ba9d27722e94955da3ecddcf631bb2a08db3d49f6","ssdeep":"768:2KytGUxIjRw4NQoUSlknDiJOT5LzeuuV4X9At3S+zLdF6e1A6Iem:VytGUxIjRw4Nc1Xe3S+dMYA6fm","tlshash":"53e294cc6ba65821e9e7f13fa54b1f58321c8c5b5a89985f7c5c25304fd0a2212f62ef","size":31506,"data":"","first_seen":"2026-03-03T22:29:04.419736Z","last_seen":"2026-03-04T20:03:24.483196Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"ab8b1bcffc72e505e0f37f693d6a87a5","sha1":"849c792d84445ff1cc946c4458255dce152a68da","sha256":"36e8c37b1055713547aa080372b86615e1f9858d3f632cb0f949e05247f8e607","sha512":"cb717ce8dccbd48d7b8ac79f8018ff327637fce9ef4441b832a9ba7af57cfae5e476170ec2490374e8026a0b6a6a265399d4ad2801ebdb37b7a0092d8f9331a3","ssdeep":"192:1BDi+KreB5FlJ7KRn8rVavN3nryOcCxiAcJGw/d2mi7yn:TTKCBRhKRn6YEDdV","tlshash":"ec42c8a821fe392301d371394f1e6a072532599bc396ad013e5e8b884fe977c46b36c7","size":12737,"data":"","first_seen":"2024-06-28T11:39:26Z","last_seen":"2026-06-06T12:16:55.478638Z","times_seen":12619,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"6681856885ee92601b7711c11d19553f","sha1":"95ab4437869df8c790cad28e0753a4c9ea362e73","sha256":"ce52fd46b2a5cfd741a2f0c39bc2d5218271b5690bdf8ec33af94f1062e98d23","sha512":"5f2a2fe1e899778e0687301ff306fd8c35b869c0675f726653be98393da31fedc388b4d3ed25d7075a0da69656458fc929bb00daf92e1381e19bb49764bea4b5","ssdeep":"192:dvbLsKRfG3Ncq2w30CowkzcDC/L04alCUM:d93d3","tlshash":"1722cb08f1bb1da540b3203c1faff082ae64564b9d89cd02bc4d59c45f09aede971f9a","size":10725,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.479222Z","times_seen":17231,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/gui-base.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"e6ce47d880d7a50ddf91b074c8572edf","sha1":"6a3657c67209136e5b544859daecf16f2d153b72","sha256":"c49e04c7ecfd07c74b58cf161ef2b58f2bc837a9091ed1ae090a33734cdaa734","sha512":"0946a1cb9d048b485dadf4056a4aa7be685a8906240a828a5ac776a4e1eae2ed5ef238bd0724da41cce33324357ba44704d34a6766430f1552630f9a17b664f4","ssdeep":"768:+lkflKVlvREcS38xHmuqrRO/5IS3oFaJX+mQdudqD9jAXImsUh8H3yALdODRG4eK:6ClKVlvREcYoHz0PszIfoALkMEY16pB","tlshash":"4353c80a72b130a106efb1b6515f460d323a6927d44ac458b97c9ae43f74f28316bf7e","size":60909,"data":"","first_seen":"2023-08-26T00:19:56Z","last_seen":"2026-06-06T12:16:55.428303Z","times_seen":16643,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/idangerous.swiper.min.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"f15409fb02c527ce1f66a2fd3c4aa0e9","sha1":"1e1e1bcc0f49e99e14ba34991cffe0745178d302","sha256":"1a1b5d3d6fbfc28abe37a668abd59494208c63c5f0b5d040cf4bbbd137f87c27","sha512":"66a384d6ad5fba862e778e24c43326a718328b6f860469fb5eb69c2687b0bbdc3c2dfa9049b0e3d5509214db1dbec4477f5c3654dc04446a505379a4300d4908","ssdeep":"768:oTFZ8CkWyYzh9MTvl7prcAgQW5ppZ+rPPWRqKDyBuq0t:cZiY9uTJuAgQW5LZ+rPPWRLt","tlshash":"5613f8c1b32031a741f3626e91fecb4271f54966aa05d4dcb5ed84c41ab489a03beff9","size":45187,"data":"","first_seen":"2023-08-15T12:01:05Z","last_seen":"2026-06-06T12:16:55.438029Z","times_seen":17250,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"b5bc8cd626b389bde727a91e6ce79436","sha1":"3df6c39300ac286cf596b3bda273cb39ff825429","sha256":"a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e","sha512":"2c1dde58ce83d9b716919dfc42602aef3022be012b3f92e61b17b674303ecbf0b9d308064b6d6c2443cf3e3dfd36bfb332eab62e64b56bef0be801e6f4610f12","ssdeep":"768:CwJl9VwAdGuMbJVAOi9ee9RjOEe1sdMv5rjITry:Cxb7AdRjOEKhHay","tlshash":"9553a7cd7522346b05de5235d18b4b4a623a9857730b90e4762c8cf46d29bbaf223f7c","size":64651,"data":"","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-06T12:16:55.409608Z","times_seen":17570,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"9c41709c2b64126b909c101a27f39153","sha1":"4ab666b36c092577acb41390ad90e96d5fea7711","sha256":"c1963697eeafb63b6c29e95da2d38d91dd907ab656e130e6e1c34d1dcd149f60","sha512":"f235dccead15199e58495c6faee849c50252b9beed29a04ae46a7a9bdbccfd569a8ab452e7fcf923b7048dfda0c3d7bd51261874642d40e994d1640ca89e330e","ssdeep":"768:u4ygd0iB6d9zYDO5qYT8fwTW3Jny+XiKZNtrt2tG:NB0iB6d9zYDO5qYTMwTW3Jny+jrP","tlshash":"e6c2b7093585102f4ecf30fbb897524f72ba95a45019a069b5fca4d1bef9f8530a6f38","size":27822,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.46157Z","times_seen":17375,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"d15a9b513acdcf3e9b08901384511565","sha1":"f1fe72392137895e4952f835c0330f76aacfecdf","sha256":"9fa644edfd9af9be6b244016e8f4f0eaee414732edc6ba3641e8647253359995","sha512":"9bb3e57667fd095c42db5514ac18c9b41baf50b81ded3ff810486ce394e1034751a941fefdb4e0e09bb98613b5dfc0a842d37cd9802671928e5f49380b9eda29","ssdeep":"","tlshash":"b071013cf4fa2228282b6085779b2821a5915427144dfd0cbb1ff3389fe9d25ee566c7","size":3647,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.47986Z","times_seen":17224,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"7e35f3543a410dd5a5b6c6bea7585d15","sha1":"aa9611b834b47ee702867393a9aab2149849fcca","sha256":"f2a145ddf4c41c36235fb4495cb8a86695bdbcc51e36c7ae215a9c4cb17a2243","sha512":"7d9c794571f4043a56524a24bd35b6f8b8796f9dfb7bd97fb0aab7338a6d8b0091b376a9b3c1338f15eb118a9fd261178807ab11ae52f71682e1872e9c0ac11f","ssdeep":"768:+IjRw4NQoUSlknDiJOT5LzeuuV4X9At3S+3+GW5IXIaIqIYpK:+IjRw4Nc1Xe3S+3+hb","tlshash":"abe297cc27769811ade3313ba65b7388716c8c1b988ddd94bd5d52241fc0a1a22e37ef","size":33941,"data":"","first_seen":"2026-03-03T22:29:04.423574Z","last_seen":"2026-03-04T20:03:24.485626Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/visitorside/js/bundle.7126c698.js","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"03585f467dd1043465e62024d84e8501","sha1":"1e5cf8a55c64abec323fd2af7e5823a22b4c18f0","sha256":"4cbd5c79ff097907e8a54d23154bef1b9b8db97a75ec78fb7f7fbc994e723353","sha512":"3c0bfd9bea584f9bc4acdac9815c499327a54479686c2b5e8189517433d9913de43dea480a34577ca551a0327e4d2cfd2271d6c598d4994b99119261805e46a4","ssdeep":"12288:nAQt366fCmXM7t36yfCNXYpnjhftWhS4V:ACfCZbfCSntwjV","tlshash":"68d41898f081b42856736161b2af360a7236a916ba4d4468f536c1f4bdf60cbd323fdd","size":623006,"data":"","first_seen":"2025-12-19T03:52:38.036277Z","last_seen":"2026-03-19T23:48:50.648715Z","times_seen":399,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"cf0aad09d2e7287c48d72501c4ed8cbd","sha1":"7950b8c00d5a278b662dbccd11af31398a408e51","sha256":"72512199b29d971b5fe854b1f610604dcbdec2c38666c106f1d15863e0df32db","sha512":"2c1680bded9b22be2e6c38d76e46ef67bd438c6c9d99c804f9dcb77ca30bd5aa6f090c89a51205cc7efb466040a171eaa318ffe6fdf046c924394ce7867218f7","ssdeep":"","tlshash":"75d02b4472e3280c08f22b214cde250508a271b610484d08b10ce9d64bb5522b97773c","size":278,"data":"","first_seen":"2023-04-14T20:29:13Z","last_seen":"2026-06-06T10:13:21.131608Z","times_seen":12994,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/websocket/Comet.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"1008fe6a5e1a182d7775963b85405bb2","sha1":"e174a7b08cc3cb5545af1cd33d2814e604119392","sha256":"7479f6f22194ac37dd6d3f5a579b4682ac8dcb6389fb961cf4140f3fcc707a20","sha512":"26e07821ee1e8e94c4bada028e049df7572cac06f2e8dae958baa7a011eb201a6a1d4ed0cfa15017a3f52a0cb949343de0b33ca6da7c245f763c86d5adfb0223","ssdeep":"192:4Pf+aTbLSru4NyRs8VDv1KygOdWuTyVC3d7QPXLHOm8cSCl1Ej7bY8l7YJIJvO5N:4Pf+aTbe4M2cXzsjDUfj","tlshash":"ab721e4a2cf76086552732b90f5f64543235a8172605e91c7dcca6e08f98b7c1babff8","size":17162,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.44732Z","times_seen":17399,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/layer.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"cb96339625e9d456e32f86cdb3c7a7a1","sha1":"1301165c58bbb13c542cba493b7ab5774e87e31f","sha256":"17fb047ba6828fcbdf2ca226fa4594cfded2b2fdfeaff89a5bd81c7cf0359919","sha512":"53083bf4d6d450b1e9402c3f3dc40fb3434a27d47fbabee51f4ce1d3577f2a0aabe90cf5f6dfc22830a3878ec7552a6bf6bff605c82a4f832c79f34f7657ccef","ssdeep":"384:r1dCih92A3DgrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:r1YiV3D+WtXItqF13k8","tlshash":"6aa2b76a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","size":21994,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.442317Z","times_seen":17387,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"9f5bce1aa50f72fd0834901c70db4f43","sha1":"41771079bee5eb45539e694a5eff580732ab26b0","sha256":"a50724b65a2657f6e67adbf98a3dd135de52b4786350f0b1bd142adff38c7ffd","sha512":"d1445eef1431e8e11779bb3aa9da243cfc04ea0abe4cb9a62b6b0f5940a9ea17ad7d0926a51925feb06ce2afc435ce9050c3955ce973407eebfa4dd1d0ca35af","ssdeep":"192:cyzyMkzf77qsBQXbhG1SUnqpT7H8DvswVAJ4jy7j3vU4P8eaoCrHoQcasI4kHwCW:mMkjq0TqEVAJ184P4DiQzR0KmgqQ2N","tlshash":"599210b876f701b24c667477875a2144e100f0ebb648ee087d4e56dc4fa8a34b3a6fd5","size":19701,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.48115Z","times_seen":17198,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/moment.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"36c8f828395a9395549bd6e7307cb7e9","sha1":"f30a4961558e2d3d4405e7d93aa28fdb63245e78","sha256":"5d5e32fa1e06a0bc9396f349d142ad248e82086543e438c890e43f41e692db33","sha512":"40c24a9011e1bbdd98bd95b341c400bdaf48fefd953fcb407368fe3c685ac09196b55e230c03ca9890c35fe9acef2c916bed52423dc1a7b532a1db9817c03a8e","ssdeep":"1536:qOL1yBkBeb9wNoHpH7tjl2Ulwjwaj2BH3fMobEKeYEoZYiMirUw0:qOCWeH70R2BkobE+cw0","tlshash":"aeb35f5a59e31023496362294fdf2011ba388123590dee487d8da3d49f9ed7c47bafec","size":117433,"data":"","first_seen":"2023-07-29T10:21:40Z","last_seen":"2026-06-06T12:16:55.432072Z","times_seen":17429,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"edaddb8132e9e0880252c5b6c47bf1c1","sha1":"dc08b5b6ca432b46cca94f1f297491e1b08736ea","sha256":"b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e","sha512":"00dbcc0a7b89e5e377bc26573fa3b9f1d09267044b3ee1c594e22522f8a17733bf041ebfa09ddb2e70a9f495437933f8a4e42875a16a3221067bf1df558c090b","ssdeep":"","tlshash":"da4000000000000000000000000000000000000300000000300000000f000000000000","size":6,"data":"","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-06T12:16:55.482866Z","times_seen":20297,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/visitorside/js/vendor.4f844090.js","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1550da77b83ea7f92fa72c28654b0b07","sha1":"bdf997b0f858feb25fe28e9aedb9ac9ab199f143","sha256":"eb4f74cbc5b25824f7f0bb24042143a6495404ce6d2316886ff2c5887e52c020","sha512":"0d4ec259e0a05aa51ad1d12030c8eb7a40bfb5dfb74c2285389d0461e1dc640ddf4b77d58628f9a1cd9a92ed9d764bd90dfb1fafb85235a2c270906ce606fc2e","ssdeep":"3072:JlPm6jZ+uUcYoazxkXfDirssXrs1zFzToZpGYPfKX9dT3ZFUxxk57AT6m/FA:mzuv+pIzMvD6UFA","tlshash":"32f31bca32957c5552aa31e2887f090ef33a1d66348cd068f6a5f5d23cb540e9277f78","size":157958,"data":"","first_seen":"2025-12-19T03:52:38.075217Z","last_seen":"2026-03-19T23:48:50.690511Z","times_seen":399,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/visitorside/js/common.032d44c1.js","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4d90fe732a8918235001f90a280ee3fd","sha1":"7e16f5554ebea2306f378b175c18457aed09bc22","sha256":"35d46a2ae61a964d46b8d668fa0d32e3cdb9e975f848692ebc12916b32078e5b","sha512":"0600dab872d39f5e780664b3c654b854568548399779eb614e286d39cc74030f40c63703c08161e995f45aba2aa8c9413a64b7938d81cb20eebe1dd84c8a98d6","ssdeep":"1536:9QARRaYYKZIknaW+lwfZA/AHJQZ1WpbuRIRoxkpV48KbnmrbB2L:93ZIkaWAw7KbqbB+","tlshash":"b2b33afb73c5b2f44143eb64e41b6410b42e3cbe7f9587d48255cee4b9b0099898ee98","size":111648,"data":"","first_seen":"2025-12-19T03:52:38.055006Z","last_seen":"2026-03-19T23:48:50.675664Z","times_seen":399,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/commonPage/lan/i18n.js?t=1772576978.416","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"65828da439e8eb2288106b03ec85d7b5","sha1":"accd9e565e263f953679714ea4796ffb1f70aec7","sha256":"10c079da0a99a3ccad86a1a6ea3a9cd2fb87a4573bc1209735bcbdf1534fc70e","sha512":"db4de50952f45677b88271d264a03006891b5a853f908f8b0ffc5bfa1c0aea2fa571e02d334e7c4efae6baa57fe4b87751ef170d5fa365533580d5f02a3bc5e6","ssdeep":"","tlshash":"8921ce58f7e451e32d9e8aa3ed663e6b11750abd00a73507437835ce0179ba79c6c408","size":1310,"data":"","first_seen":"2026-03-03T22:30:10.286859Z","last_seen":"2026-03-03T22:30:10.286859Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"9f1681b5a72417b33c2869aab85af152","sha1":"b40a6d9c6d058c2bd6e126a1b0191182926b9d04","sha256":"eabdfd0c5237f406e0acbef879968e72e5e3d62dd8e8b6bcee48e5ab7f4d0154","sha512":"d9190153595e85b071dbf1c92212e7c30a5de2e1d6c4533558bb5f4235d6227c327751799ce20fa50a875a4ceb25227f4eb7d133c3257d8770c1131117d8bda4","ssdeep":"","tlshash":"1631d8d2f3cd01fd42099504248620d9b11dc2394219d48efa9d3c8e73d696e232f32f","size":1761,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.483562Z","times_seen":17175,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/message_zh_CN.js?v=1771834111856","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6f122062201cd2cedac9761f4c46b2a3","sha1":"5bced4febcad095851dd9d0dc4438d8e96aa8715","sha256":"96e43037ced41b7e8dfe16f604a02f6093aa1b65e9f349ea697e486e29bcd814","sha512":"b9cfd2e598fe9a778bea162e5180ca88bf01d2c02cceaeb27304e827fd0814662733d0df3ed07e2f3d5d0c34fea3f0e25b277d75fdc1a4de20c41eb169d225c0","ssdeep":"384:vTrBmS53qEviCysRI/2aTvfyxtvgfG+S7MjRBQP1RODaP5YnRn21IRBGN9Jaqxk7:IIy92nyfB+vODR01IRBG3JpfsIU","tlshash":"38e23ba604bedffb581615d6d44700c921d96b895afc7928bed0ee1e1b863c604f3387","size":32151,"data":"","first_seen":"2026-01-15T08:15:21.591485Z","last_seen":"2026-06-06T12:16:55.487861Z","times_seen":6778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"9c3f7d9e5de3b764c32a679ad06ae3db","sha1":"9ab260e36b46c6ca6f58066ee914f3826d86a37f","sha256":"fefe9a763127c0f92edfe95be1000aeed2eda7690482769c90dc9488dbe5d33a","sha512":"1517bde6929159474692270e256f6021611365d30618b57d1fd325e7170bc7540bac8500e1ccd438d2a3d5f3b6cf1456ba39560d5cbc685f4b56b4c2b4126ad3","ssdeep":"","tlshash":"0e51462618e8c076a31b639d0b9f1141b53c750bc3ac8d357d0d5b758fe451452dabdd","size":2561,"data":"","first_seen":"2023-11-23T15:36:17Z","last_seen":"2026-06-06T12:16:55.484738Z","times_seen":15182,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1771834111856","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"a55780dc13cbf1a8d375f14ebb659cf2","sha1":"9548cc269bcde0dc48e166fa6bab37af8a649e57","sha256":"35d147a863ab8828e073ca1ae89d476a9cede797c410ac555597c1f442452cc8","sha512":"3514366118d038da9131739e4557dc5fd92b8b7d3a27af00a7c2d8f4cfd49f4932991cba899fcc8171ac59eb356b25e717494225912f37d65600305ce2d3ace9","ssdeep":"768:WqBveMjZ1oE/eL8hhMjm9a1hI4vhej4pZ:Xpo5GhMjm9a1hI4vheUpZ","tlshash":"cee231166b7701e2916b71e10e4f9a083174952b5a87ce08bdac92e09f18d787373ff8","size":32679,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.405698Z","times_seen":17695,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"9d49c384b2c84177788fed8eac310ebc","sha1":"117b928afb1f56d2b8619f9584e4f6dc3f321144","sha256":"d33f4c38979f66c850b288b42dc55a92377ef50259447f1e408fbbd23ccd771f","sha512":"4c82d4260756378185fc9ee68b8b6a4321e9fec9750d522a1d7c7cb296e10be7a44649def6956554f6a7c91dc417bfc0a7b61d9dfbefe7bc28847cb1d8abb1f4","ssdeep":"768:cUHmhEOPRtPvJdcz4nPNCKJV+3/svMIR0Ks3gYeLLvcOvBea/u+IaAVbaa1aTKOB:DsLqzjIIa4aTuUwlo8/J0vwr90AIC8","tlshash":"67c3c71c75e712a664b330791baf31007072941b690ddd08bd5dbac07f98a2da3b67ee","size":127554,"data":"","first_seen":"2026-03-03T22:29:04.427848Z","last_seen":"2026-04-04T16:23:53.78788Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"479c01001c455527cf2aafec087accad","sha1":"230c5d853a00977d890c25cb56b5a07c5e0acd0e","sha256":"0ad2a7081ff475ce3a2068fe69547248166c0fd39f26fbf03f2ac5db073a16cf","sha512":"ebedabe18db451b91ae6cfe4a55712d0401a1cd5545a5b9344edcbb68c7cb678a1a8a6efc20f101d99e8cc094a060bb32deccf9e694a837ee17a8f8585bd43c6","ssdeep":"","tlshash":"1f21233e1c17a1b52ef7046a9b7bd5a63af2051b2442e400bc8cd8193f14fc11c25bde","size":1389,"data":"","first_seen":"2023-08-21T11:10:45Z","last_seen":"2026-06-06T12:16:55.486569Z","times_seen":16834,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/visitorside/js/common.032d44c1.js","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4d90fe732a8918235001f90a280ee3fd","sha1":"7e16f5554ebea2306f378b175c18457aed09bc22","sha256":"35d46a2ae61a964d46b8d668fa0d32e3cdb9e975f848692ebc12916b32078e5b","sha512":"0600dab872d39f5e780664b3c654b854568548399779eb614e286d39cc74030f40c63703c08161e995f45aba2aa8c9413a64b7938d81cb20eebe1dd84c8a98d6","ssdeep":"1536:9QARRaYYKZIknaW+lwfZA/AHJQZ1WpbuRIRoxkpV48KbnmrbB2L:93ZIkaWAw7KbqbB+","tlshash":"b2b33afb73c5b2f44143eb64e41b6410b42e3cbe7f9587d48255cee4b9b0099898ee98","size":111648,"data":"","first_seen":"2025-12-19T03:52:38.055006Z","last_seen":"2026-03-19T23:48:50.675664Z","times_seen":399,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"7932637ac9b0a1125acfaeffa837b6af","sha1":"01107a42cef642f68e70ef30502ecb6c0de6a0d6","sha256":"f938651bd7efeb3c523dcca3df1c9a0cc63b12f604816c8e49636fda5b1b1c7e","sha512":"6ee9dd22796803d3a44aaf8a59219dc077e2cf7ebe2b58efe545c7f08028496e595fbea31d2990cc0f210054f6cd91055326484acd544aa29889712c2c050f57","ssdeep":"","tlshash":"bc71315e7559bc949bd3202a4a7f1008727b486f2928c850fa5dcc50af5cf0f2362b9f","size":3486,"data":"","first_seen":"2023-10-24T11:42:08Z","last_seen":"2026-06-06T12:16:55.487222Z","times_seen":15914,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"dd4934ec50598a49950c57836d268ba9","sha1":"9830d9f40b0baf411ea1e7b7a4b65675cf35ae04","sha256":"89e8ae92a48e530a676704a7858edcc65fdd1488e39280ba8da4cb80dc5729d5","sha512":"1b7e75147ff199dc7900be58df3ab41039a70322ab2db2d697238b166447a915cefafb3e1cc17377a7ecfc08b641fd9ab51351f060abb405ceed36ee1e5b1b9c","ssdeep":"","tlshash":"c641df0d25ee1008d01729a9fbbbf50c632994272ca4ed08b50dd2154f6ed7ed2b9a9f","size":2036,"data":"","first_seen":"2023-11-22T16:18:01Z","last_seen":"2026-06-06T12:16:55.48849Z","times_seen":15129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"b091a47f6b91e26c93a848092c6f3788","sha1":"52918af2d431e73464060b35d364640c8db75606","sha256":"329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10","sha512":"ab444102be476f0104eeff79c9b596174852b4fe8cbd0b5a0279d56f106a166ec39304636e09326213de000b102ce8f517bb268a9abb2955c56ee4f18b464ea8","ssdeep":"1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmS:R+41ZqLTW8xRrqSb8qGH77da98Hr3","tlshash":"6893d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","size":95956,"data":"","first_seen":"2023-03-07T01:10:10Z","last_seen":"2026-06-06T12:16:55.462073Z","times_seen":18272,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/websocket/PopUp.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"07864ad2e2759d53f8f2f14dd4295bd9","sha1":"95144219e2eb702c4c4a707c3622b086876cf41c","sha256":"871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d","sha512":"f469d0f23c75e918d55e076d72481fca7043ac5eff9025aaac1f26860d080e4fc3c5d28f8f9ee1dae80719aca2b83f39ea82a129c221980bd7d63c212bacc119","ssdeep":"","tlshash":"9041ae54baf359a12c9b71f3aaaf30413160f2479505ed017d0cb9945f1d228b2cf7e9","size":2088,"data":"","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-06T12:16:55.409005Z","times_seen":17465,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/websocket/CometMarathon.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"466a7ed7d00986d45375c0cbffb5233c","sha1":"68845ead668e9abd29c24b491dbf97b219226c08","sha256":"7ddafae5a0a552d2d56101cdc8306403e8fb9570759d66c48b25893b409f0123","sha512":"752801557c12ee7830f1f2e55352ab9c033aff01ff79abdffaee1601c54cdfc85a2041facfc5a7e180706812be5ad08668eada116544197fd2a784bac1903ea0","ssdeep":"192:0Pf+0Sn4NyRSTTPhvygOdWuTdC3d7QPXLHOm8cSCl1Ej3m7YAPzhsoqFncJ0j:0Pf+fnwfcXSaGLj","tlshash":"9e32314b6cf75085592b32b50f9f24447239d8572605e81c7dccaae48f98b6c0b6bfb8","size":11905,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.408253Z","times_seen":17398,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/bootstrap-dialog.min.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ce8851dc823429a42ab6147554403cc","sha1":"28f381f0e0aa4f5d56690e65723bd97fb59a38e6","sha256":"dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811","sha512":"f42a4d48c666d9c78fcb6c6061141452899085c504bf15e23749611dda00b6913e75ebbe47ca436a2ed016175d0918f193e474f13974a2f6a5304e18909a87ee","ssdeep":"384:3ai3F3N3VKUINthDa7Vnq86z3JCDKSz1m0hMtkJI2Cg0WEUOv5Dq:T3l3INthDu1YCDKS5flC9m1","tlshash":"6a9261ccb2d9b54c47abe072143f200df03a996951496119bc79e9ebecf060aa077f79","size":20132,"data":"","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-06T12:16:55.46809Z","times_seen":17495,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"c3e7c696f4f4b0a282ea5cbb98a51fba","sha1":"e460c89998da289de84da73c165a975ccff9e872","sha256":"fc8d34a6b144267d7ca6ae3910ae0363071bd2bd17fbb138fe6bba8bcb8a6f37","sha512":"be76f116e9984b8f73891b66d1cbca47fb437b0a6dc39f789acc5077dcec09312d4584bff3653972fb2397e0de2ff6dd9488613188fd5bf27786cef29b654181","ssdeep":"","tlshash":"69f0d3b535d6413c539800149a3b8514d1b568f948401c62e6cecef86da4ff77d3ae89","size":652,"data":"","first_seen":"2026-03-03T22:29:04.431682Z","last_seen":"2026-04-04T16:23:53.791593Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"c3e7c696f4f4b0a282ea5cbb98a51fba","sha1":"e460c89998da289de84da73c165a975ccff9e872","sha256":"fc8d34a6b144267d7ca6ae3910ae0363071bd2bd17fbb138fe6bba8bcb8a6f37","sha512":"be76f116e9984b8f73891b66d1cbca47fb437b0a6dc39f789acc5077dcec09312d4584bff3653972fb2397e0de2ff6dd9488613188fd5bf27786cef29b654181","ssdeep":"","tlshash":"69f0d3b535d6413c539800149a3b8514d1b568f948401c62e6cecef86da4ff77d3ae89","size":652,"data":"","first_seen":"2026-03-03T22:29:04.431682Z","last_seen":"2026-04-04T16:23:53.791593Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/float.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"829af863b0cdc4a603919824ae046299","sha1":"1d417b1553e4ecb7125ebf2005b74255291fbf73","sha256":"1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271","sha512":"e1202fa26fd353dfb2f989d3d45512e0691c062076297399f5fe62f63e7f5b194fec4a3d7fe2f09be1a6a945e197e7d68445d33dcc6f80b23a315112d9ae5b6c","ssdeep":"96:G4SXFXVXDL+R5NxuHie/moRUgIm/Kv3RKXg+Iw3qCNv5IC80b7Yr+HpH:G7xhDL+jNxzeBVLKJ1LeqCwCxb7YspH","tlshash":"04e1506e03b1212195aff1beaf1e424c6631905b2507dd057e0c87c46fa493c4636fee","size":6959,"data":"","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-06T12:16:55.41485Z","times_seen":17430,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"b091a47f6b91e26c93a848092c6f3788","sha1":"52918af2d431e73464060b35d364640c8db75606","sha256":"329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10","sha512":"ab444102be476f0104eeff79c9b596174852b4fe8cbd0b5a0279d56f106a166ec39304636e09326213de000b102ce8f517bb268a9abb2955c56ee4f18b464ea8","ssdeep":"1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmS:R+41ZqLTW8xRrqSb8qGH77da98Hr3","tlshash":"6893d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","size":95956,"data":"","first_seen":"2023-03-07T01:10:10Z","last_seen":"2026-06-06T12:16:55.462073Z","times_seen":18272,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"d1880ce6f7e86a563b54412066416edc","sha1":"379f66a5c76c995e8255b0f825f2d2ef05d3ab74","sha256":"dadb28dfc6a383dc589a4c01a6db796fab7be6c40b7f7d413a189394ecac0bf1","sha512":"c5764f5080dc814bc985f6c4b26e18684cfe09bd3bb2dadb92e45500f82f583561e31d4b722d43628a014f5bb0c4f97019f91dbf0432d38909e7468e86e2bc49","ssdeep":"","tlshash":"70312f221117907787f2fb12a27f2406c80f878a953c99ee739f9070bb014fd71aaa4d","size":1827,"data":"","first_seen":"2024-07-12T23:08:52Z","last_seen":"2026-06-06T12:16:55.489136Z","times_seen":12304,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"4fe7dadf050dad2dcfd386d21b880281","sha1":"07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd","sha256":"aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9","sha512":"9da40e5132ece9fe346f27aa467b2496545c84197131c633e5b1ff1f641ece723440ec0289e82d7948b85bcd901b9e3eb6e36f8e0339ae05e4a32621e895accf","ssdeep":"384:yC+tJn9Dbvbf1P3QSBxDrdiewZnnoTW39if+04xSlR4nbiamdrjNfrzInGINYlor:NWJnlN3QSBxDMewZnnoTW39L0MSR4biK","tlshash":"a762954d3a9514bb4adf31b770ab204f767e8800852c91c4bdbca0d166b5ee072e7e6d","size":14857,"data":"","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-06T12:16:55.435951Z","times_seen":17441,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"e6ea297058f6d52d83390d9ea7f914aa","sha1":"349df987c3c4c50687d993b31f83cfea7f796730","sha256":"2f21ca2376a9112f70c12ecc46d75ff792b067f5edceae5ea06011c13cf14e56","sha512":"80999dd48f3db744a7cc59dc9cec9303b35216f65d2711891705dbc5dcfb34a18c5c015a2615573aaf59315882c5724ab5dc0e218e8f9cfa2579c4ef37d81cc5","ssdeep":"96:Ge2n8LmEhLzcRXKBxap3cSubfC7WjnM9LidafQa+X9MhsvVQCi:D2n8LmEhAXKfapMSu7C7w2WX988QCi","tlshash":"e0c10e4e72e120b199a7a52c929f901024725403080fdd1dbe4d93a4df89d7fb6ba3ef","size":6025,"data":"","first_seen":"2023-08-02T04:42:13Z","last_seen":"2026-06-06T12:16:55.489742Z","times_seen":17094,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"4e6bbb84979a27014e74be230fe8440f","sha1":"aafe0c1dba07e91354abfb25d154c0acbed24d61","sha256":"03e9af072f4db23c6c6cd74a89c796a3c764731da4734682f3ccfc07e0e54e74","sha512":"445744eb54e6f81910f41add7f3ae90b45f311a7a3b5b86bb57079210dbe60c35b0b45ce06f3e4284c55578e2e2878d656ce445fa0040dc5e6edd47017a5a116","ssdeep":"","tlshash":"36e02649d63a68e0507364ac2b7f203129ee920ba009ce68fe2d13c16f444150b71786","size":390,"data":"","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.490381Z","times_seen":14789,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"bdb336916ac9e335e15ea94d4641e9c8","sha1":"7f1ce07ab40a8f824e494f0e25dbbc579ffb00df","sha256":"9b2dd4fc3d0b17463089f0e841d85318320b58afe11ee97df97686f1eb19ff3d","sha512":"33b70eaddd3a84e3ea80dac351e2055555b8220b55ccb8af11f3508256a8dd292b432ab3f64ba7c914b30338bb990e105b69e3c74dd0059cb0e529564bcaaf3c","ssdeep":"96:FgapjuM72LxSmjnuait8RST46fsyzGySdz54ieS75pypTGTX1PPT3m5tTGP/T3mp:Fgapju9LxSb06NzGySdz54ieS9pKTGTK","tlshash":"b191f30974e3137b64f325693f5f9000399aa6dfa508cc193d9caed05f4dd44a21a76b","size":4244,"data":"","first_seen":"2025-07-18T22:51:25.590463Z","last_seen":"2026-04-04T16:23:53.794876Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/visitorside/js/bundle.7126c698.js","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"03585f467dd1043465e62024d84e8501","sha1":"1e5cf8a55c64abec323fd2af7e5823a22b4c18f0","sha256":"4cbd5c79ff097907e8a54d23154bef1b9b8db97a75ec78fb7f7fbc994e723353","sha512":"3c0bfd9bea584f9bc4acdac9815c499327a54479686c2b5e8189517433d9913de43dea480a34577ca551a0327e4d2cfd2271d6c598d4994b99119261805e46a4","ssdeep":"12288:nAQt366fCmXM7t36yfCNXYpnjhftWhS4V:ACfCZbfCSntwjV","tlshash":"68d41898f081b42856736161b2af360a7236a916ba4d4468f536c1f4bdf60cbd323fdd","size":623006,"data":"","first_seen":"2025-12-19T03:52:38.036277Z","last_seen":"2026-03-19T23:48:50.648715Z","times_seen":399,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"abf2387d41539a76642ba636a42a814d","sha1":"1360350d1ce1b20f5954bee6110742193eab7a1e","sha256":"78e57751e6bdeccb36593faa397e27bd4048fecf0553fcc073130d25cc41d228","sha512":"e53a57f875d6a3ecdb56a56e2ff1dfd121eda0001e88368f3ecf42a2002b645bd8029d76f3828a344a28cae78f29af6becd9741168777880840806a0e189f725","ssdeep":"","tlshash":"5c51340c75ac01e629b330761cbf61881473113b4798de157d8f36408f69d7a2a27bf9","size":3042,"data":"","first_seen":"2025-07-18T22:51:25.593687Z","last_seen":"2026-04-04T16:23:53.796389Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/livechat.ashx?siteId=60000906","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e450ccfe9e6f6b2cb9dff4a490f5a40f","sha1":"84a41957c6e8a5bdc4602c3c506e2e42e0ef0555","sha256":"d28eadec8e7b7b7b3d543715c575e3afedfbadc3f294c936650a00952b680297","sha512":"a1b44e7cf7ea8b46e0278419b0fe20e9f768b070301c2bc49190b6796767474dc1bbea31b3190e12158210d3938ec454a260f7fef86a96b6501163bb9c3f5606","ssdeep":"","tlshash":"7c5195ea7a2e0210062020959d3e73cc8c6da0593d958ca3e8f9e22034f1f2fd556eed","size":2615,"data":"","first_seen":"2026-03-03T22:29:04.298711Z","last_seen":"2026-03-04T20:03:24.419104Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/livechat.ashx?siteId=60000906","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e450ccfe9e6f6b2cb9dff4a490f5a40f","sha1":"84a41957c6e8a5bdc4602c3c506e2e42e0ef0555","sha256":"d28eadec8e7b7b7b3d543715c575e3afedfbadc3f294c936650a00952b680297","sha512":"a1b44e7cf7ea8b46e0278419b0fe20e9f768b070301c2bc49190b6796767474dc1bbea31b3190e12158210d3938ec454a260f7fef86a96b6501163bb9c3f5606","ssdeep":"","tlshash":"7c5195ea7a2e0210062020959d3e73cc8c6da0593d958ca3e8f9e22034f1f2fd556eed","size":2615,"data":"","first_seen":"2026-03-03T22:29:04.298711Z","last_seen":"2026-03-04T20:03:24.419104Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/visitorside/js/vendor.4f844090.js","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1550da77b83ea7f92fa72c28654b0b07","sha1":"bdf997b0f858feb25fe28e9aedb9ac9ab199f143","sha256":"eb4f74cbc5b25824f7f0bb24042143a6495404ce6d2316886ff2c5887e52c020","sha512":"0d4ec259e0a05aa51ad1d12030c8eb7a40bfb5dfb74c2285389d0461e1dc640ddf4b77d58628f9a1cd9a92ed9d764bd90dfb1fafb85235a2c270906ce606fc2e","ssdeep":"3072:JlPm6jZ+uUcYoazxkXfDirssXrs1zFzToZpGYPfKX9dT3ZFUxxk57AT6m/FA:mzuv+pIzMvD6UFA","tlshash":"32f31bca32957c5552aa31e2887f090ef33a1d66348cd068f6a5f5d23cb540e9277f78","size":157958,"data":"","first_seen":"2025-12-19T03:52:38.075217Z","last_seen":"2026-03-19T23:48:50.690511Z","times_seen":399,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"87869cb7490a8c122dd926cb3d85050a","sha1":"155683b6755e7dcfb51692f8de3366a37e7ec277","sha256":"46099562d6de0d7664fe79ffe2ae53e5c82653444bd7cc76a521f41ea14481a5","sha512":"99e22330c199b29f2bf493f53db948830d02af098a139fbb3932f1c950567d7b03db0e197983ef0f7ab6b5c57dccc7a2e1472fdc46d1a52c15537d95aaedb08a","ssdeep":"","tlshash":"65e0d8df1d2581070e18a4408c35bc0cd84ae74669d0c88249ebb764a10af978b676e8","size":362,"data":"","first_seen":"2026-02-05T21:19:45.313647Z","last_seen":"2026-03-08T09:55:29.931511Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"d6984d3d96b020b0be0c099cb1999cee","sha1":"02de24d58a40ec3791f5f300e5101645d8635466","sha256":"fc8efc42d8db0b2f6266e3524aea080b058eda5827e736cc37db95fd0f3547e4","sha512":"b2b05d0c4c279f41e583575fb273e0046c276eaa14ee44d9efd7f591814726c200b805529c77054850a65ff652e73041192c452feb993ef2209a4e8577c6c58d","ssdeep":"","tlshash":"74d0a7a5d070081cd3212ab94dd2219c4acab55b73c64c007f8575fe9de6706c95b598","size":234,"data":"","first_seen":"2023-06-30T02:57:58Z","last_seen":"2026-06-04T12:16:02.898055Z","times_seen":4765,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/images/index-slide-right.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/images/index-slide-right.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-13cd6\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 260\r\ncontent-length: 61294\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 5688652260047638007\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":81110,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"a0b8da12724c52cef94faab579af7f1a","sha1":"36d3eb7810f0f1baf367ff968acca79576151ddd","sha256":"936c83944ba526788038970113897e4d02437fd3be89521dbf6a40a9a0331558","sha512":"9f64a3da3d7fa4d9314511f339469261a73fd91346cd19882c677ba7e2c9ee14028b4d1566f1b35867e2ad7f0b8a3a0b7ef0e42bdd2ded01a04eef2008b2734b","ssdeep":"1536:UQ4s7DtxPibMt3E7LUz/f+QxMIWaoOapJRkBGEZeVMy90Kn+W:dtUMFE7LUb9x92tRkBGEZenB","tlshash":"c4830266a3b46abc13c481d075613f41af739cf7a7a2e5ca351baec80d5329003dd9a7","first_seen":"2025-07-18T22:51:25.462802Z","last_seen":"2026-04-04T16:23:53.686853Z","times_seen":46,"resource_available":false,"data":null}},"time_used":489,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":482,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/websocket/Comet.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 19 Jul 2021 23:50:13 GMT\r\ncontent-encoding: gzip\r\netag: W/\"60f60fb5-43bc\"\r\ndate: Sun, 25 Jan 2026 11:42:16 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Wed, 28 Jan 2026 11:42:16 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 5977\r\ncontent-length: 4031\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 1670884699205266504\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17340,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"1008fe6a5e1a182d7775963b85405bb2","sha1":"e174a7b08cc3cb5545af1cd33d2814e604119392","sha256":"7479f6f22194ac37dd6d3f5a579b4682ac8dcb6389fb961cf4140f3fcc707a20","sha512":"26e07821ee1e8e94c4bada028e049df7572cac06f2e8dae958baa7a011eb201a6a1d4ed0cfa15017a3f52a0cb949343de0b33ca6da7c245f763c86d5adfb0223","ssdeep":"192:4Pf+aTbLSru4NyRs8VDv1KygOdWuTyVC3d7QPXLHOm8cSCl1Ej7bY8l7YJIJvO5N:4Pf+aTbe4M2cXzsjDUfj","tlshash":"ab721e4a2cf76086552732b90f5f64543235a8172605e91c7dcca6e08f98b7c1babff8","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.44732Z","times_seen":17399,"resource_available":true,"data":null}},"time_used":788,"timings":{"blocked":511,"dns":0,"connect":0,"send":0,"wait":276,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/moment.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/moment.js HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 18 Jul 2023 06:40:10 GMT\r\ncontent-encoding: gzip\r\netag: W/\"64b633ca-1cab9\"\r\ndate: Thu, 19 Feb 2026 09:07:48 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sun, 22 Feb 2026 09:07:48 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3244\r\ncontent-length: 26968\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 18395281959760258070\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":117433,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"36c8f828395a9395549bd6e7307cb7e9","sha1":"f30a4961558e2d3d4405e7d93aa28fdb63245e78","sha256":"5d5e32fa1e06a0bc9396f349d142ad248e82086543e438c890e43f41e692db33","sha512":"40c24a9011e1bbdd98bd95b341c400bdaf48fefd953fcb407368fe3c685ac09196b55e230c03ca9890c35fe9acef2c916bed52423dc1a7b532a1db9817c03a8e","ssdeep":"1536:qOL1yBkBeb9wNoHpH7tjl2Ulwjwaj2BH3fMobEKeYEoZYiMirUw0:qOCWeH70R2BkobE+cw0","tlshash":"aeb35f5a59e31023496362294fdf2011ba388123590dee487d8da3d49f9ed7c47bafec","first_seen":"2023-07-29T10:21:40Z","last_seen":"2026-06-06T12:16:55.432072Z","times_seen":17429,"resource_available":true,"data":null}},"time_used":1357,"timings":{"blocked":493,"dns":0,"connect":0,"send":0,"wait":618,"receive":246,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/fserver/files/113/carousel/10006/1470660147655.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:40.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/113/carousel/10006/1470660147655.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 18 Nov 2022 02:59:51 GMT\r\ncontent-encoding: gzip\r\netag: W/\"6376f527-1b673\"\r\ndate: Wed, 11 Feb 2026 05:20:46 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Sat, 14 Feb 2026 05:20:46 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 261\r\ncontent-length: 85018\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 5930053840319784393\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":112243,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"e700516462e5342ca0eeb531b1f77563","sha1":"c7dd0e6ec901a1f6bd0c2d743c17cb0bb5eec1f8","sha256":"af842976d9e8ff145b9e1d8778c54bbdfdd9d37e0e5a63076e938a831ef24e4a","sha512":"f39259c944f99d67df46cf09b00a96dbc8d58acaca3da12dcb3a2293524b2fa5785c82fca38cf2eab0c8a35876491b801a3df2e8bc94a0a7c16340e5faef2282","ssdeep":"3072:ODpgfQZcvwYXZ8mMst/fKHsbVJMoD2poNWgdnLzcI9r8G:O+0cvwYp8mM+/QmJMoqpoNWYLzcy8G","tlshash":"7fb3123482403c9b30ef561fe23eaf4375d16f9172c02aff4e11a65aa1866769613dc7","first_seen":"2025-07-18T22:51:25.483856Z","last_seen":"2026-04-04T16:23:53.747249Z","times_seen":46,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":275,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/fserver/files/gb/113/carousel/10108/1628927583732.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:44.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/113/carousel/10108/1628927583732.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 18 Nov 2022 04:35:10 GMT\r\ncontent-encoding: gzip\r\netag: W/\"63770b7e-3642c\"\r\ndate: Wed, 21 Jan 2026 07:58:00 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Sat, 24 Jan 2026 07:58:00 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 260\r\ncontent-length: 164608\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 1371850578090720738\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":222252,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"9187c88b1e556e31677839e2812543cc","sha1":"2066a44e47e9e5cb85c36390b0ea2eb706cbf539","sha256":"d352f630b6cfaf542f518d8b30c0e00f74b26495d0532b3d8db9d2a1049ec075","sha512":"1a7dd27b34ea86750984e143624a5703e84b85b973d70624581a3f4d98cccd4b73782851ee5a8970be6f1c2b5327cebaceade9bfc043c5ce1af5478ed17cd48a","ssdeep":"3072:p8bIMrHKOw0cPbUU1/W5zRWnufs7AokiZyE9WOABi4vBh0KfGfy/T0eJ2qNxx+ZV:p2Ig4bPWGnufEAnmR9RXFfKTt2SutDNZ","tlshash":"212412303cac3dd9378a9603f4f94cabbf389e27221526c2d86cb1d5849d1d74897aa5","first_seen":"2025-07-18T22:51:25.56517Z","last_seen":"2026-04-04T16:23:53.727889Z","times_seen":46,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":277,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/themes/images/bg-gray.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/themes/images/bg-gray.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-4e5\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3249\r\ncontent-length: 827\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 3505734584223521129\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1253,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"c4e4f4d9366c95f62d711678ae599e2a","sha1":"de6d4ae1638fe87de72a94ee85d91279e66d2ac4","sha256":"e6990b4f77e4dfa789d17c5f7e4cb2565fa1f8924d9c163013ab8159bdea83ff","sha512":"9e5ead9cdfc395f25be8014baf2544f6e5f7b17015e860a6e4b4dfce05be4d92f0e6204e159cd945e425c255d336ae95bfc83596a1e88b9c47632baf336bb28a","ssdeep":"","tlshash":"7e21b779366f320e5039c2086b909173ac398e0f2d131fb4e8ec3fb3800a72082169d9","first_seen":"2025-07-18T22:51:25.486719Z","last_seen":"2026-04-04T16:23:53.684657Z","times_seen":46,"resource_available":false,"data":null}},"time_used":495,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":490,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/themes/images/icon.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/themes/images/icon.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-621\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 260\r\ncontent-length: 1100\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 5518286197643646000\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1569,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"393c41a6c4b5b86c8a47ddf3c39006de","sha1":"f6586216e9a75a4b334ddc3feafc0ec1eaac513d","sha256":"3e522d0bf3d1a14ed1c91d478e1cc81c4b53c6b9e67685205d865598e9f7e94c","sha512":"b12be4e72b53717f26a5312348dd13d47ea9cda77b6a9bad1d23824e3a389855ce2f4206aa0378438aed607d3fde682ade6f30fd0157720a8c933d8829147b7a","ssdeep":"","tlshash":"3931c8bd62b77d46241ac20d7b92a1373c2d9d1e5c171bb6d0e43673000e714aaa15dd","first_seen":"2025-07-18T22:51:25.444779Z","last_seen":"2026-04-04T16:23:53.713776Z","times_seen":46,"resource_available":false,"data":null}},"time_used":470,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":465,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/fserver/files/113/carousel/10005/1470660108511.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/113/carousel/10005/1470660108511.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 18 Nov 2022 02:59:51 GMT\r\ncontent-encoding: gzip\r\netag: W/\"6376f527-11193\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 260\r\ncontent-length: 51644\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 2504265750069084787\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":70035,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"9c9cb17fdb8cee9215e8eab2d910f40b","sha1":"16c43025bed0469c401ded40bebafa8ab7f0f62f","sha256":"f55cd64731677d6a7cabfd8ec429738c11a1850b454f34a1083a9defede0699d","sha512":"d3721f5f0f967a6dc57a86cced9c351e22b315a14e0aba677c9c45b3186a599ba70fb9ce92fdbdc10be784a4c7d308aef0e2939cd9d4e3112673206837b4a7df","ssdeep":"1536:+gP4qrGA63n7h75RpjDd0bGs5k7otuY0r9/qpDnyal:p4oGA63nvLmb+otuYG/qFn","tlshash":"4f63f131165d2a87fd57731588b3b277aefc8c7952c491fff8292204589b9c4b8b11d8","first_seen":"2025-07-18T22:51:25.548335Z","last_seen":"2026-04-04T16:23:53.767216Z","times_seen":46,"resource_available":false,"data":null}},"time_used":334,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":331,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/visitorside/js/Button.c473e3a2.js","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:47.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.3p68jv58.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Wed, 02 Jul 2025 00:00:00 GMT","end":"Fri, 31 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"10:8C:BC:68:FA:1C:9F:0A:01:99:F9:6E:02:B1:CE:FD:0E:B6:BF:F4","sha256":"07:AC:69:80:F1:93:83:91:DB:A6:BC:51:B1:A3:70:F2:59:E7:C5:CE:A7:40:DD:B3:A4:94:82:7F:E1:A0:16:65"}}},"request":{"raw":"GET /visitorside/js/Button.c473e3a2.js HTTP/1.1\r\nHost: p213rv3h.2ryqgu1g.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://p213rv3h.2ryqgu1g.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Tue, 03 Mar 2026 13:48:49 GMT\r\nserver: nginx/1.22.1\r\nlast-modified: Wed, 17 Dec 2025 08:08:02 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-encoding: br\r\netag: W/\"694264e2-2883\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ad3ce7688f48f2bfb8279b49c6c4711e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: QbT0founsSRY---HPPF_M638bTUtNXdQ8NgoL7u3jk9trYLoDDuTpg==\r\nage: 31258\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":10371,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10256)","md5":"b0152d00c2f305df463d02d2b26bb0d6","sha1":"ec985c18f069617a87b4c1f1c20e1a96b6972049","sha256":"ff2743d0c5f71a004611574b1ff6fef857173311483414ee569f9b6fc312a28c","sha512":"51ddb771b6b8046a3a7119f99ea7fa3f97fc7fe43c29314daabcc4f6e85e536232557d5087e3276eeee122de200d61cd3e9d266c77d4a1076e6a6d4dbd995fbc","ssdeep":"192:VUCi/WvmQ/y9OmrgX8In8A1gLGWNKi9N0FjcAVD2Mk0srw3:Vc/W1/y9OmkMK8fKWNwAAkL1w3","tlshash":"4722c8ccf0a521274393a354e13f284472766c1c4895a118b65a9ce17ffa17fa22ff7a","first_seen":"2025-12-19T03:52:37.948953Z","last_seen":"2026-03-19T23:48:50.679836Z","times_seen":389,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/themes/gui-skin-default.css","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 11 Jul 2023 08:40:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"64ad1569-7b6e\"\r\ndate: Mon, 09 Feb 2026 07:38:31 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Thu, 12 Feb 2026 07:38:31 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3245\r\ncontent-length: 6253\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 4797138528604340578\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31598,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (7014)","md5":"1d6c464e8e5800ca483689206174ec6e","sha1":"d5ff05232c516152a711ec5c6d060a2f2cc791e3","sha256":"08d29322d883091252b3348e9514dac589896516374e8a319fd1190dd67f8e30","sha512":"4e259baddb36f5a8894c26f0f50c453200cb738c5e9d8131e146288a0d25ed3d4dd42f173392f8dbae521fd8344425b2b6e1ade92bd08edf7ab010cb577f775e","ssdeep":"384:/FboUEeh9ScJRfc0uGWw8Ms4N4muQh8v8brn8w/NtSmdz:/FbPSVGmNQjLPFtSi","tlshash":"7be29834f20022a9b563c7a570d1dd4a362de592d2170ebdf26b319c8f425ce263bb6c","first_seen":"2025-04-07T03:18:03.900415Z","last_seen":"2026-06-06T12:16:55.45606Z","times_seen":10652,"resource_available":false,"data":null}},"time_used":1385,"timings":{"blocked":539,"dns":0,"connect":269,"send":0,"wait":273,"receive":2,"ssl":298},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/commonPage/lan/i18n.js?t=1772576978.416","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weide73.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 15:09:13 GMT","end":"Wed, 29 Apr 2026 15:09:12 GMT"},"fingerprint":{"sha1":"09:EF:07:09:51:B5:F7:29:21:79:E3:D5:5A:DB:0D:9F:5C:CF:8E:A0","sha256":"E5:A4:31:95:60:11:5D:03:A6:B1:D4:22:9D:5F:28:BD:91:00:5A:71:DB:6E:C0:39:CE:00:F5:70:A1:EE:AF:1E"}}},"request":{"raw":"GET /commonPage/lan/i18n.js?t=1772576978.416 HTTP/1.1\r\nHost: weide73.com:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 03 Mar 2026 22:29:38 GMT\r\nout-line: gb-cdn-013\r\nuuid: 00113-01-00000000-1772576978bb14\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 814\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1310,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (1217)","md5":"65828da439e8eb2288106b03ec85d7b5","sha1":"accd9e565e263f953679714ea4796ffb1f70aec7","sha256":"10c079da0a99a3ccad86a1a6ea3a9cd2fb87a4573bc1209735bcbdf1534fc70e","sha512":"db4de50952f45677b88271d264a03006891b5a853f908f8b0ffc5bfa1c0aea2fa571e02d334e7c4efae6baa57fe4b87751ef170d5fa365533580d5f02a3bc5e6","ssdeep":"","tlshash":"8921ce58f7e451e32d9e8aa3ed663e6b11750abd00a73507437835ce0179ba79c6c408","first_seen":"2026-03-03T22:30:10.286859Z","last_seen":"2026-03-03T22:30:10.286859Z","times_seen":1,"resource_available":true,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"weide73.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/websocket/PopUp.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 21 Apr 2022 04:30:12 GMT\r\netag: \"6260ddd4-828\"\r\ndate: Tue, 27 Jan 2026 01:06:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Fri, 30 Jan 2026 01:06:22 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4947\r\ncontent-length: 2088\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 6817456588666380271\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2088,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"07864ad2e2759d53f8f2f14dd4295bd9","sha1":"95144219e2eb702c4c4a707c3622b086876cf41c","sha256":"871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d","sha512":"f469d0f23c75e918d55e076d72481fca7043ac5eff9025aaac1f26860d080e4fc3c5d28f8f9ee1dae80719aca2b83f39ea82a129c221980bd7d63c212bacc119","ssdeep":"","tlshash":"9041ae54baf359a12c9b71f3aaaf30413160f2479505ed017d0cb9945f1d228b2cf7e9","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-06T12:16:55.409005Z","times_seen":17465,"resource_available":true,"data":null}},"time_used":852,"timings":{"blocked":502,"dns":0,"connect":0,"send":0,"wait":282,"receive":68,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/visitorside/js/vendor.4f844090.js","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:40.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.3p68jv58.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Wed, 02 Jul 2025 00:00:00 GMT","end":"Fri, 31 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"10:8C:BC:68:FA:1C:9F:0A:01:99:F9:6E:02:B1:CE:FD:0E:B6:BF:F4","sha256":"07:AC:69:80:F1:93:83:91:DB:A6:BC:51:B1:A3:70:F2:59:E7:C5:CE:A7:40:DD:B3:A4:94:82:7F:E1:A0:16:65"}}},"request":{"raw":"GET /visitorside/js/vendor.4f844090.js HTTP/1.1\r\nHost: p213rv3h.2ryqgu1g.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Tue, 03 Mar 2026 08:36:32 GMT\r\nserver: nginx/1.22.1\r\nlast-modified: Wed, 17 Dec 2025 08:08:02 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-encoding: br\r\netag: W/\"694264e2-26906\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ad3ce7688f48f2bfb8279b49c6c4711e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: DbU7lPqCkJn0NAPRpeIuRvlCKRn2gmJRMk6PhFR-q5E-woi8Ixe8Hw==\r\nage: 49988\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":157958,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65419)","md5":"1550da77b83ea7f92fa72c28654b0b07","sha1":"bdf997b0f858feb25fe28e9aedb9ac9ab199f143","sha256":"eb4f74cbc5b25824f7f0bb24042143a6495404ce6d2316886ff2c5887e52c020","sha512":"0d4ec259e0a05aa51ad1d12030c8eb7a40bfb5dfb74c2285389d0461e1dc640ddf4b77d58628f9a1cd9a92ed9d764bd90dfb1fafb85235a2c270906ce606fc2e","ssdeep":"3072:JlPm6jZ+uUcYoazxkXfDirssXrs1zFzToZpGYPfKX9dT3ZFUxxk57AT6m/FA:mzuv+pIzMvD6UFA","tlshash":"32f31bca32957c5552aa31e2887f090ef33a1d66348cd068f6a5f5d23cb540e9277f78","first_seen":"2025-12-19T03:52:38.075217Z","last_seen":"2026-03-19T23:48:50.690511Z","times_seen":399,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/fserver/files/gb/113/carousel/10327/1765155031897.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:42.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/113/carousel/10327/1765155031897.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 08 Dec 2025 00:50:32 GMT\r\ncontent-encoding: gzip\r\netag: W/\"693620d8-631a5\"\r\ndate: Wed, 21 Jan 2026 07:57:39 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Sat, 24 Jan 2026 07:57:39 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 261\r\ncontent-length: 303665\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 7691920670217976631\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":405925,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"3a6339dec3115416faef9b26071b446f","sha1":"4c3c5784346f5ea0928dc4ea118a73d209539c50","sha256":"c65fb9c01ce0d81c45390ff609a82fb454c5146b72a2b5b6fdd05c13a6565ee1","sha512":"a8a3b6966cbea2e75ee811cf69f14d3374fef89c3f37a3359c3e1ffde5082fcb9e31558d194f60b57839ba6262d254c4f302a42cefcecdffb704f1acd93056b3","ssdeep":"6144:Bpbg+THSlDQB605TQMg1DrXlgSTczJgkOY3C97qvY318QS6WeUJEEs5bMc0cTtFO:fg+WlDm6FXlIr3QwY31ldWeatsJh0HQg","tlshash":"968423206f63ad561e7cc32b757e284b1b704660a29c82d6e2dc3e9d8ac6f1403ddd67","first_seen":"2026-03-03T22:29:04.371999Z","last_seen":"2026-04-04T16:23:53.756797Z","times_seen":41,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":279,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/images/offers-list-01.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/images/offers-list-01.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-4437\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 260\r\ncontent-length: 13084\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 9149044274790947658\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17463,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"db0710b551f9b6ded4fe6e155ee77064","sha1":"46219e66ff241d162a0d474871e6dc7ac6ee22f9","sha256":"34349f5f9c0a3d895179149924b1002c45b801cb1676142ee2c83b3c98b8220a","sha512":"035086d83e625d07c6e26195c571a2276cba7b085810a910970a10871f8c3a49b9f0db91f887000d86dc96977b5c9f2f14ace114b695d2bca0f4be43b6c4682b","ssdeep":"384:He+wkRw1wyLPSOdFh9NeDrd0BBYsh2NpzmVVjiPBVU5sT23L0dxCT:++wkxW66FhjQDjLmDwBVU5sT2wuT","tlshash":"c272d0b03ba51d3a6211ad4c7a497069fe6a15879a4b420f7cfa9243b1ac3c0ef1780c","first_seen":"2025-07-18T22:51:25.479791Z","last_seen":"2026-04-04T16:23:53.711809Z","times_seen":46,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/images/offers-list-02.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/images/offers-list-02.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-3724\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 260\r\ncontent-length: 10545\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 5876958463067782555\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14116,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"967618c9bf09fa6b76dc9815e61984ed","sha1":"70ce506b4ab03feeb8233a0e088ed56b364c24d8","sha256":"8acf464287e639f855dd319e492841f35584ec58475cd25eb783c0c24df0e59c","sha512":"16adf0cff557444ba361d82d56b6405fa96c386c286a16b13b1355ccf8739300692d55d9e350025fadfa3b3503bfa40cdc8fc8b121a2bbe3d13fc01692fbd45f","ssdeep":"384:Hf+lLlrEDNOoNaNNNHl/WTZCEe+5FafKJf7FVf2fYkc:/+lLlwAjNrCHl7FVf2Tc","tlshash":"1952bf3f9b6e1c2283727714ecc7558cbea25cd335e95a53c3e8a0f3203a6b39846584","first_seen":"2025-07-18T22:51:25.555952Z","last_seen":"2026-04-04T16:23:53.718318Z","times_seen":46,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/themes/images/icon.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/themes/images/icon.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-621\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 260\r\ncontent-length: 1100\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 9540157198619698315\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1569,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"393c41a6c4b5b86c8a47ddf3c39006de","sha1":"f6586216e9a75a4b334ddc3feafc0ec1eaac513d","sha256":"3e522d0bf3d1a14ed1c91d478e1cc81c4b53c6b9e67685205d865598e9f7e94c","sha512":"b12be4e72b53717f26a5312348dd13d47ea9cda77b6a9bad1d23824e3a389855ce2f4206aa0378438aed607d3fde682ade6f30fd0157720a8c933d8829147b7a","ssdeep":"","tlshash":"3931c8bd62b77d46241ac20d7b92a1373c2d9d1e5c171bb6d0e43673000e714aaa15dd","first_seen":"2025-07-18T22:51:25.444779Z","last_seen":"2026-04-04T16:23:53.713776Z","times_seen":46,"resource_available":false,"data":null}},"time_used":489,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":485,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-03T22:29:37.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weide73.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 15:09:13 GMT","end":"Wed, 29 Apr 2026 15:09:12 GMT"},"fingerprint":{"sha1":"09:EF:07:09:51:B5:F7:29:21:79:E3:D5:5A:DB:0D:9F:5C:CF:8E:A0","sha256":"E5:A4:31:95:60:11:5D:03:A6:B1:D4:22:9D:5F:28:BD:91:00:5A:71:DB:6E:C0:39:CE:00:F5:70:A1:EE:AF:1E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: weide73.com:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 03 Mar 2026 22:29:38 GMT\r\nout-line: gb-cdn-013\r\nuuid: -\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nx-html-cache: HIT-3600\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Moment.js","description":"Moment.js is a free and open-source JavaScript library that removes the need to use the native JavaScript Date object directly.","website":"https://momentjs.com","common_platform_enumeration":"cpe:2.3:a:momentjs:moment:*:*:*:*:*:*:*:*","icon":"Moment.js.svg","categories":["JavaScript libraries"]},{"name":"jQuery:1.11.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":354325,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (322), with LF, NEL line terminators","md5":"45b26e59df432f08cd77df2afdbffb34","sha1":"482a2f3800e667c050ea1ecb4ff537e99c2eef09","sha256":"32d1ed31a66a9d39ebd26502dae0df9bcb6df4d71a8ac11d8bf27e238cc3a21d","sha512":"de06da8ca478609772ae777d5b8581fd36ef55209857cb516ec31629f4171a1de5ca77f58f5be7ac0dc4cd5c4d0bd473ab304380ddb315ded5d63d68597cbe9f","ssdeep":"3072:RMyOV1azYGyqQ5xBlpK6IgyE+1XQd0nXbd21XL8LEnaqJ0vs2kQ4M0wCh0FatugB:hOvdUbdaDaG0vsD5M0wCh0Fatuw","tlshash":"3374290c35f2016259f3707a5b6f22047071951bd909cd08bd9d6aa4afc9e2a72f37ee","first_seen":"2026-03-03T22:30:10.295285Z","last_seen":"2026-03-03T22:30:10.295285Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1064,"timings":{"blocked":422,"dns":0,"connect":206,"send":0,"wait":221,"receive":0,"ssl":212},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"weide73.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/websocket/CometMarathon.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 21 Apr 2022 04:30:12 GMT\r\ncontent-encoding: gzip\r\netag: W/\"6260ddd4-2f13\"\r\ndate: Mon, 26 Jan 2026 01:00:41 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Thu, 29 Jan 2026 01:00:41 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4947\r\ncontent-length: 3316\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 257701129855336133\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12051,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"466a7ed7d00986d45375c0cbffb5233c","sha1":"68845ead668e9abd29c24b491dbf97b219226c08","sha256":"7ddafae5a0a552d2d56101cdc8306403e8fb9570759d66c48b25893b409f0123","sha512":"752801557c12ee7830f1f2e55352ab9c033aff01ff79abdffaee1601c54cdfc85a2041facfc5a7e180706812be5ad08668eada116544197fd2a784bac1903ea0","ssdeep":"192:0Pf+0Sn4NyRSTTPhvygOdWuTdC3d7QPXLHOm8cSCl1Ej3m7YAPzhsoqFncJ0j:0Pf+fnwfcXSaGLj","tlshash":"9e32314b6cf75085592b32b50f9f24447239d8572605e81c7dccaae48f98b6c0b6bfb8","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.408253Z","times_seen":17398,"resource_available":true,"data":null}},"time_used":783,"timings":{"blocked":507,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/images/partner/partner-hongtu-gold.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/images/partner/partner-hongtu-gold.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 02 Sep 2025 06:45:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"68b69275-1ab45\"\r\ndate: Wed, 21 Jan 2026 07:57:39 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:39 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 12078\r\ncontent-length: 83011\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 3767186568810328053\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":109381,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"1f1a5a7aa13ee13ebd33338b3b1b0680","sha1":"92a135287652a3582477b8fbe0420847ad4a8c6a","sha256":"1d794bb495091aa98a44b50f428eae59185a9b9c55feec3045ebcb5ec1de796f","sha512":"1d4021f01cda849ef9c12b7f9edccd441892aa8e3bd1a5bc165e88c561c24291191aeb1a3a205214505c1399012d07581bfabf4803d9509da45db81f0e101a61","ssdeep":"3072:vutRp5cNyBLZQC/brFWegWNnv7LztzwcpG1cTeJrB6:mBiNyBJ9We1R7LhD6cm6","tlshash":"eeb312117f655c20f47443b424ebfa34a4ac4cf7d854a8a287a4b1dedf88fa0955193b","first_seen":"2025-09-18T16:22:49.442313Z","last_seen":"2026-04-17T04:44:35.22244Z","times_seen":1728,"resource_available":false,"data":null}},"time_used":396,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":385,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/images/partner/partner-hongtu-goldGradient.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/images/partner/partner-hongtu-goldGradient.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 02 Sep 2025 06:45:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"68b69275-1e5af\"\r\ndate: Wed, 21 Jan 2026 07:57:39 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:39 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3244\r\ncontent-length: 94483\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 9053593175812435406\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":124335,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"ce2a68b63bdc53b665753c51c725aa67","sha1":"bf0e7f53993078efbf6fd58e0086140aa483bd0b","sha256":"1746360cb57da17f40d53702373975c6a089bdbc3b30ad614a2aee3861e6ee69","sha512":"ce5aee0c48488099c795f67dc7f68f03fdd4554a66b03ef5c259f5b7d8edaa69a2d142a898468a54e9e4795e5fea843ff5e926a06d4233b26d2561ca6efb5468","ssdeep":"3072:SlBd9XIEDaQchMCJ1v1kKAr1p7IQWvMsy:Sh9XRNcGCJtuNrv7e3y","tlshash":"f5c312445f984f9af1eee8465005ed5cbc509192efef6df027d3f4a78888c818396b29","first_seen":"2025-09-06T20:06:14.226062Z","last_seen":"2026-04-17T08:59:04.359738Z","times_seen":1771,"resource_available":false,"data":null}},"time_used":386,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":371,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/fserver/files/gb/113/carousel/10134/1639487513010.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:44.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/113/carousel/10134/1639487513010.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 18 Nov 2022 04:35:11 GMT\r\ncontent-encoding: gzip\r\netag: W/\"63770b7f-1816f\"\r\ndate: Wed, 21 Jan 2026 07:57:59 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Sat, 24 Jan 2026 07:57:59 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 261\r\ncontent-length: 73149\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 9036596820889491039\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":98671,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"474e0b54e1783ec1a1485cd01d469599","sha1":"ad1c755f4cdf8af8769c2075d20d02b736ab8617","sha256":"a6120458c1dee97445ffd7cd4dd2ba2c10f3d8890160e7ef94cd6a0c5b83799c","sha512":"856ae67f0bcea3091ed17bc538f86a387b591f2293bad615337cdd7735d9244fc87a2b4b2a1244ecd4454ff568aa5f109096b34ee42103d80115300b786c029b","ssdeep":"3072:aT+QjrjStm6BGCJayjPkeTO/B4F0u+OC6Y:mrjStm6UIq/B2n+OLY","tlshash":"cca3027594237e75d7902b0ba326fdca4cdd1effc23d62693250306acc77aad4909066","first_seen":"2025-07-18T22:51:25.516427Z","last_seen":"2026-04-04T16:23:53.748397Z","times_seen":46,"resource_available":false,"data":null}},"time_used":278,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":272,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/images/favicon/favicon_113.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/images/favicon/favicon_113.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 05 Dec 2022 08:15:08 GMT\r\ncontent-encoding: gzip\r\netag: W/\"638da88c-ae1\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3250\r\ncontent-length: 2042\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 7327523449794299004\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2785,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"6beeffef54c754ab3b6d4f5d793e7daa","sha1":"3ad8eab3676e2d928ae7f5be05c9bd5949892a52","sha256":"e747ed8e9efe5769ab65ac8207d4026011584da28948b5a637862b112cacbb76","sha512":"dd835b1584512e33ba55dc749a03044f0fd52ea88ff24d79ce2203714004ce4e42ef2d5273891549609d5e9c539d002cbd2ceefb4062772a5ac2175ad3169d6e","ssdeep":"","tlshash":"7f514c367b5a360d2060c434e179354e3d27cc3f2a4b256be485eb55d21fb708d616c9","first_seen":"2025-07-18T22:51:25.465284Z","last_seen":"2026-04-04T16:23:53.680326Z","times_seen":46,"resource_available":false,"data":null}},"time_used":454,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":453,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/themes/gui-layer.css","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:39.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3rzeeh.ntbnaq.com/ftl/commonPage/themes/gui-base.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 17 Aug 2023 08:10:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"64ddd5e1-c760\"\r\ndate: Tue, 03 Mar 2026 04:31:57 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Fri, 06 Mar 2026 04:31:57 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 11121\r\ncontent-length: 6923\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 17516090368214093915\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":51040,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (489)","md5":"858eefc3fa70af7d0115c901908471f5","sha1":"29c181bbbc09a424f7de7cb57629bd8a9e3c679a","sha256":"9f6a77c93f998e065f1ed52eb9943a3c560a50366bba2c8a34a4a1223c793caf","sha512":"3731234bfa0b2abf45883da0ab74960a77f167dc158f4eae4f9c58293bfe6ccf322fabdbd4100bd5fdba0f463cbf18ba44d89b0bed695b65b8edce7edc9441ec","ssdeep":"384:RCEe+wekUqKrIQycnvqP9bQmAJS0OuaIHmOKpPg+2fF93sJJ:RCf+wekUqjpqCP+OuaIHmOK6+2fFVSJ","tlshash":"67330d22a16816cd7156eac8705dbab7b7fc8c02e21717bcf8ab304fd28d5439476a47","first_seen":"2023-08-17T12:06:57Z","last_seen":"2026-06-06T12:16:55.433583Z","times_seen":16258,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":305,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:40.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 03 Sep 2021 08:10:10 GMT\r\ncontent-encoding: gzip\r\netag: W/\"6131d862-48e4\"\r\ndate: Fri, 30 Jan 2026 10:54:12 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Mon, 02 Feb 2026 10:54:12 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4946\r\ncontent-length: 3111\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 6327789606930693621\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18660,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"5cf9259b7dd27aacd46161ec23d261cf","sha1":"ba0c399616a5ae9cdd8aec5b76ba4aae4822367c","sha256":"7f73a66b3a9a38576d124b6243a8984d795028e3493b8fa3f688d8dbe10cbccc","sha512":"834ae73090b76f7dad48a5efa850a0009d5104cfcab402b7c343ceb49410584c3a60a4eea800d366f380dc8364f5f00e3d38101c379fd5fa19f9492781d9ada1","ssdeep":"192:99OUf4PBsPIOpyNYpyBVpkgdpkqg60yQG0yrGlwSlyDXLIXiYHIli5aT6XeFTfb1:C4CyFP/FgkFxUE6QS","tlshash":"b7821de599a31584751b8214dbee267232f85c83e40fcc6cf7df354f4f086a592a1a4b","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.471891Z","times_seen":17660,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/visitorside/js/common.032d44c1.js","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:40.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.3p68jv58.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Wed, 02 Jul 2025 00:00:00 GMT","end":"Fri, 31 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"10:8C:BC:68:FA:1C:9F:0A:01:99:F9:6E:02:B1:CE:FD:0E:B6:BF:F4","sha256":"07:AC:69:80:F1:93:83:91:DB:A6:BC:51:B1:A3:70:F2:59:E7:C5:CE:A7:40:DD:B3:A4:94:82:7F:E1:A0:16:65"}}},"request":{"raw":"GET /visitorside/js/common.032d44c1.js HTTP/1.1\r\nHost: p213rv3h.2ryqgu1g.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Tue, 03 Mar 2026 04:19:28 GMT\r\nserver: nginx/1.22.1\r\nlast-modified: Wed, 17 Dec 2025 08:08:02 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-encoding: br\r\netag: W/\"694264e2-1b420\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ad3ce7688f48f2bfb8279b49c6c4711e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: SVpDeXd48Y8SG63LZyiwPK2lpo7ZioDDeIRHCa8txQYdwRTwAmdJVA==\r\nage: 65412\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":111648,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (61590)","md5":"4d90fe732a8918235001f90a280ee3fd","sha1":"7e16f5554ebea2306f378b175c18457aed09bc22","sha256":"35d46a2ae61a964d46b8d668fa0d32e3cdb9e975f848692ebc12916b32078e5b","sha512":"0600dab872d39f5e780664b3c654b854568548399779eb614e286d39cc74030f40c63703c08161e995f45aba2aa8c9413a64b7938d81cb20eebe1dd84c8a98d6","ssdeep":"1536:9QARRaYYKZIknaW+lwfZA/AHJQZ1WpbuRIRoxkpV48KbnmrbB2L:93ZIkaWAw7KbqbB+","tlshash":"b2b33afb73c5b2f44143eb64e41b6410b42e3cbe7f9587d48255cee4b9b0099898ee98","first_seen":"2025-12-19T03:52:38.055006Z","last_seen":"2026-03-19T23:48:50.675664Z","times_seen":399,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/images/partner/partner-hongtu-gray.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/images/partner/partner-hongtu-gray.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 02 Sep 2025 06:45:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"68b69275-199fb\"\r\ndate: Wed, 21 Jan 2026 07:57:39 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:39 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3333\r\ncontent-length: 79652\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 11475834886853086362\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":104955,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"Apple HFS Plus version 12135 data (spared blocks) last mounted by: 'GYCw', created: Thu Nov 30 10:34:46 2084, last modified: Thu Sep  4 23:18:47 2098, block size: 1467044454, number of blocks: 729362515, free blocks: 1497459512","md5":"c74ef17cb37fbfb0a1c949597470e977","sha1":"34c6ba958b6527c7a9eb35a4d64233da66e772c7","sha256":"f3fafe4c402edc11f26d8170dd5ef6da07e1d538ce471b39fd0769803439d2db","sha512":"493dc789121a373e46f86420affcd800691d47a146c19852599e9896ca521c3fd42a89a02932fbf69d4d3040734cc0ec4f0c3afc86064ec54668397955a48bbf","ssdeep":"1536:2qC8ZeKIScoUhq8lzPJt7W54AH4XmYho/1bxXoYW5qyx+zn8tnngf:2xi0hJzRthZWT9BoKysin8","tlshash":"c9a3023ccb433a116ad267a51fb22deda740e6cb555e03e785d222c615963ceef318e0","first_seen":"2025-09-07T00:50:47.660386Z","last_seen":"2026-04-17T08:59:04.26396Z","times_seen":1764,"resource_available":false,"data":null}},"time_used":389,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":382,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/images/partner/partner-hongtu-gray01.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/images/partner/partner-hongtu-gray01.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 02 Sep 2025 06:45:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"68b69275-1a1f6\"\r\ndate: Wed, 21 Jan 2026 07:57:39 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:39 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3331\r\ncontent-length: 81241\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 3412159767397173874\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":106998,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"0d835d7c8082eee7f89f0b1b2e62f4e4","sha1":"0faf9149c454be0261eea8b14afaabb70a6bddca","sha256":"a5f8a8d222b97704ebb832a6c68228b835c7d40fabd508de50d662e8f1add6ce","sha512":"c3a9d53a1cd3b51fa7b5af588085dc2ce8de1d0ebd7a86b151f90564dfc120b31be5a5519950265b4b511b7e1b80e5d5e3938104a8cdccfcfce626e5de27f372","ssdeep":"1536:AxJxL2StOAnubXwaS8BIunTHYHwpjLao55e39o8/mamUX1eYPo6uXyQenBV7/XAd:kKuqnbnbKwBw68+amI1eYg6fBVjg","tlshash":"daa30234d3a4f6d50ead035ee525f92c9e4182a74024edc9742b2cd382fd1786e10bde","first_seen":"2025-09-07T00:50:47.554845Z","last_seen":"2026-04-17T08:59:04.344356Z","times_seen":1764,"resource_available":false,"data":null}},"time_used":388,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":380,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/fserver/files/gb/113/carousel/10335/1772232326543.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:42.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/113/carousel/10335/1772232326543.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 27 Feb 2026 22:45:26 GMT\r\ncontent-encoding: gzip\r\netag: W/\"69a21e86-7a8f1\"\r\ndate: Fri, 27 Feb 2026 23:54:13 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Mon, 02 Mar 2026 23:54:13 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 261\r\ncontent-length: 376473\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 230397724043300788\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":502001,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"b30df09efe4bc7337b779e11a1114266","sha1":"82a8623b349df37ffc3798463b675aee58aa9a2b","sha256":"834e0070c71cefff87a5cadf5c32c5a1134bae6605fa513ed4519f76587e56b4","sha512":"c02d52a93f0926b8d8acf87b778ef7b9d04468e4a63aa6b772316bd36a6b8329884df7f16adef2fb4421fdc954f25ca1f661f78e8e73ba75312a6bc6fec83a77","ssdeep":"12288:fxzDC3U1c2RBSsd0KthxtnrjrN93OVLbxIT5iN0R:fxzuENzSsd0KtpjOFmAG","tlshash":"43b423159a45fa3e9c09e01da3e37f72ac594ded81c8baf331905d8e10067059dbaebc","first_seen":"2026-03-03T22:29:04.370336Z","last_seen":"2026-03-04T20:03:24.459626Z","times_seen":40,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":279,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3rzeeh.ntbnaq.com/ftl/commonPage/themes/gui-layer.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\netag: \"5d848f4f-529\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: image/png\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 261\r\ncontent-length: 1321\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 16286760876050940065\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1321,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced","md5":"a2e938202c0287b9c82461a6fd94dee9","sha1":"b5e2adc7cb07c18a70a88af314e56b946ec1a1b6","sha256":"df9ce20db277ad8302c704a73aff5024683a0d38aff0d3e7e884a67a24439936","sha512":"2c035017e6ef6d6be24cf26972434ff7b16760ac6f5418d83652e745007a117cb79f4f9fa542cf4098b9141d4851f748c5151cb1055ea2b1f42eb70eb72a809f","ssdeep":"","tlshash":"1321830eea4368009648bdc114f3a457f7165f80acd8e2f46e8aac5d2d103f96abd6d7","first_seen":"2023-04-30T20:28:22Z","last_seen":"2026-06-06T12:16:55.444765Z","times_seen":16406,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":271,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/images/responsible.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/images/responsible.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-960\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3249\r\ncontent-length: 1711\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 17482424244166351370\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2400,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"193e1ea95089a2eadd6fb5c3bbd89902","sha1":"f76f183bd30fa7594348aff561d49e1fc3837aa6","sha256":"02fbdd5978333c8ca0b378272877edd4c6d75a7d6046448d36840ff0f83a93d6","sha512":"3522fce73e7e1709eb43d73c9e2b7b9cc5aa454978b269272e49c4cdebd9bd7bc694f0fa8eb3a2d4e042448dd6072075002b6eb6e239fa75df60e4b55dbdfe6b","ssdeep":"","tlshash":"87410ab177bfbd4c1420402957b268276d325d9a4863aa65c9bd3347c004f6089b0cdd","first_seen":"2025-07-18T22:51:25.521507Z","last_seen":"2026-04-04T16:23:53.736056Z","times_seen":46,"resource_available":false,"data":null}},"time_used":489,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":489,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\ncontent-encoding: gzip\r\netag: W/\"5d848f4f-176d4\"\r\ndate: Sat, 24 Jan 2026 16:04:59 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 27 Jan 2026 16:04:59 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4948\r\ncontent-length: 33545\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 3720303734166995272\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95956,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32038)","md5":"b091a47f6b91e26c93a848092c6f3788","sha1":"52918af2d431e73464060b35d364640c8db75606","sha256":"329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10","sha512":"ab444102be476f0104eeff79c9b596174852b4fe8cbd0b5a0279d56f106a166ec39304636e09326213de000b102ce8f517bb268a9abb2955c56ee4f18b464ea8","ssdeep":"1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmS:R+41ZqLTW8xRrqSb8qGH77da98Hr3","tlshash":"6893d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","first_seen":"2023-03-07T01:10:10Z","last_seen":"2026-06-06T12:16:55.462073Z","times_seen":18272,"resource_available":true,"data":null}},"time_used":2079,"timings":{"blocked":570,"dns":1,"connect":296,"send":0,"wait":887,"receive":17,"ssl":300},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/061410/rcenter/common/static/css/gb.validation.min.css","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /061410/rcenter/common/static/css/gb.validation.min.css HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 05 Oct 2022 09:40:30 GMT\r\ncontent-encoding: gzip\r\netag: W/\"633d510e-2d52\"\r\ndate: Wed, 21 Jan 2026 07:57:34 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:34 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4947\r\ncontent-length: 3788\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 10478949912114714031\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11602,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (2295)","md5":"12630e8fd95b53f705159b9cd1c2b372","sha1":"1be26841536b82ff280211796e9de339c642795f","sha256":"2c0c712726319f142f14ea06ccdba0ddb9f880571581ab1d0c193d4083a5baa8","sha512":"3084c7d3f917e379235e29b0f641e69f7a9a89b9c30b088292e3b3800cc67e16414b2df9aed1ed144cd2c37bbd035a8f6389d71ace13d17dd32a315c7719a88b","ssdeep":"192:zyzNcfuLLpjyFp291taF4lcrCQ4RFvVhkxP4OKyptj6ZqQ:znmdyF24F6crCQ4R4P4Dx","tlshash":"ed32a673ba220244790d9d442f46ee02bb1b40176a4f8eabff91786cdf825c9b67074c","first_seen":"2025-04-07T03:18:03.798848Z","last_seen":"2026-06-06T12:16:55.458897Z","times_seen":10717,"resource_available":false,"data":null}},"time_used":971,"timings":{"blocked":352,"dns":0,"connect":0,"send":0,"wait":617,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/images/partner/partner-hongtu-white.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/images/partner/partner-hongtu-white.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 02 Sep 2025 06:45:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"68b69275-1aab7\"\r\ndate: Wed, 21 Jan 2026 07:57:40 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:40 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3334\r\ncontent-length: 82844\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 16789469383409231468\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":109239,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"050b6873c440d2c512d27f83bd536ba3","sha1":"3f1ef3c0eb4037170fa7dc0fa5f6f8b667eef5e9","sha256":"cab2392ea2953b735b5410022f07d4590018ca546e1fe21b2feab5db0a4e69ad","sha512":"562cc6092d643d8b5487bb406860661b215d8c94d4a51c63aa9a6823fbe6533acbf95133d385781c9ea5f8913adfd26810e6903296b2106ebed51c4c4ccf2331","ssdeep":"3072:InJWQnDraF6gDT3Kxms0QQ9OPMGJrcPaF:9SDu3DMmTrQgPaF","tlshash":"50b31216b50e3e0f2b55dc0f514ee9f6cb920786850deece4768348462c9e85c3df999","first_seen":"2025-09-06T20:06:14.275441Z","last_seen":"2026-04-17T08:59:04.373557Z","times_seen":1773,"resource_available":false,"data":null}},"time_used":388,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":372,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/images/partner/partner-hongtu-silver.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/images/partner/partner-hongtu-silver.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 02 Sep 2025 06:45:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"68b69275-1eb1d\"\r\ndate: Wed, 21 Jan 2026 07:57:39 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:39 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3244\r\ncontent-length: 95601\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 5113353016468990342\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":125725,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"5f6980b5f154060a1d83407f4c95b0a6","sha1":"62e410c7edcbbdcb24a07444f9ebaa79a4047f92","sha256":"522e1c9e3407783f021aa3d7b4c19179ee6d2784358e8dc3960fdd93e996f720","sha512":"ffee4c4b7962e3b1ab48896394cc18e7ed3eb1d199a56e4bed2c29934b20ee1706619969ac82a3c6840cb1b617f90d7c16a9c7080b2d8c1a905be0f5ca922206","ssdeep":"3072:uVcAUgIZn4dMj6qCKK2si2pXQ5kbTSfE2BBsUdSTIC4RvJ:uSAUnmD2AgObTEE27fdR","tlshash":"20c313e136ecbc5cee44d632a5ca9960c250abde89f1c48bc6da50ca141335c9dceedd","first_seen":"2025-09-06T20:06:14.266784Z","last_seen":"2026-04-17T08:59:04.285034Z","times_seen":1773,"resource_available":false,"data":null}},"time_used":384,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":371,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/themes/images/icon.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/themes/images/icon.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-621\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 260\r\ncontent-length: 1100\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 12122801854313685698\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1569,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"393c41a6c4b5b86c8a47ddf3c39006de","sha1":"f6586216e9a75a4b334ddc3feafc0ec1eaac513d","sha256":"3e522d0bf3d1a14ed1c91d478e1cc81c4b53c6b9e67685205d865598e9f7e94c","sha512":"b12be4e72b53717f26a5312348dd13d47ea9cda77b6a9bad1d23824e3a389855ce2f4206aa0378438aed607d3fde682ade6f30fd0157720a8c933d8829147b7a","ssdeep":"","tlshash":"3931c8bd62b77d46241ac20d7b92a1373c2d9d1e5c171bb6d0e43673000e714aaa15dd","first_seen":"2025-07-18T22:51:25.444779Z","last_seen":"2026-04-04T16:23:53.713776Z","times_seen":46,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":487,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cldxon.0er4he4t.com/visitor.ashx?siteId=60000906","fqdn":"cldxon.0er4he4t.com","domain":"0er4he4t.com","tld":"com"},"ip":{"addr":"99.83.207.187","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:46.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.ebg1f1ew.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Wed, 03 Sep 2025 00:00:00 GMT","end":"Fri, 02 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D1:1F:83:53:5D:80:46:5F:BA:B8:E9:5C:12:DA:20:8E:EE:27:1F:1B","sha256":"B9:F8:F6:43:C5:3C:F5:51:73:3C:4F:47:DF:66:49:C8:65:D9:79:8B:59:BE:C9:88:BE:7D:D4:2C:58:9C:F6:0C"}}},"request":{"raw":"POST /visitor.ashx?siteId=60000906 HTTP/1.1\r\nHost: cldxon.0er4he4t.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1269\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 22:29:47 GMT\r\ncontent-type: text/json\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://weide73.com:8989\r\ncontent-encoding: br\r\nset-cookie: visitorGuid_60000906=49ff51f7-3785-4883-9aac-da658f836338; expires=Mon, 04 Jul 3025 22:29:47 GMT; path=/; secure; samesite=none\r\nvary: Accept-Encoding\r\narrserver: chatserver1\r\np3p: CP=\"CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-security-policy: default-src 'self'\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1368,"size_decoded":0,"mime_type":"text/json","magic":"JSON text data","md5":"cf2285ee1d44fdbe8717e66806058869","sha1":"22f078e1d9ee72b4895cd1ea14f6e0cd0c1ffb52","sha256":"6e8bdb71a88dca3ebbd166120997b6ebfd107b20266dafe2de5a94d1cfe86275","sha512":"3a3e8fa6982e46d750b46a723ffc1c39e693fc19ecc75340bbe669d26c3948fe72b0a83ace04d70a7de2d27e6a082804a10480c7bfd7dc109d708ffacba94706","ssdeep":"","tlshash":"0b2183a21055cc3cd6290702109bb713960af1f3fdc46c18e2ceda7db45b869b021b0b","first_seen":"2026-03-03T22:30:10.308211Z","last_seen":"2026-03-03T22:30:10.308211Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1474,"timings":{"blocked":631,"dns":1,"connect":1,"send":0,"wait":212,"receive":0,"ssl":627},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/themes/hongbao.css","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:39.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/themes/hongbao.css HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3rzeeh.ntbnaq.com/ftl/commonPage/themes/gui-base.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 30 Mar 2023 06:38:07 GMT\r\ncontent-encoding: gzip\r\netag: W/\"64252e4f-d530\"\r\ndate: Wed, 21 Jan 2026 07:57:34 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:34 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3246\r\ncontent-length: 5666\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 6946778669536136932\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":54576,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (336), with LF, NEL line terminators","md5":"a212ec8d2af1172e5fe97229a8cdd470","sha1":"676b870b21e2b4f18dd23dd24baa8a30955b8362","sha256":"910aca19fa0a1df0c76607fdde36968687403343a50022bed3693011abee9fc8","sha512":"6f8ef1e9c22978fe39412ca413b132e9ae54d5b84c1b95b6f40b5c7bd44e726212ca20b731de29294e77fadf0651f3cbc8bfad1d6a4ec6b808064faa4aa3811b","ssdeep":"1536:qsgR4FlccsG7TCbzG3ArEDTgkvudNssvmp13ZUcPGZ10iS9EvlBcovGF5XAso/GQ:qiu","tlshash":"78336d05e241abab21dad174230bca3bcdd81485fea4dfb7223971f4cba55e5b03625c","first_seen":"2025-04-07T03:18:03.889172Z","last_seen":"2026-06-06T12:16:55.44529Z","times_seen":10669,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":306,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/visitorside/js/common.032d44c1.js","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:40.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.3p68jv58.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Wed, 02 Jul 2025 00:00:00 GMT","end":"Fri, 31 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"10:8C:BC:68:FA:1C:9F:0A:01:99:F9:6E:02:B1:CE:FD:0E:B6:BF:F4","sha256":"07:AC:69:80:F1:93:83:91:DB:A6:BC:51:B1:A3:70:F2:59:E7:C5:CE:A7:40:DD:B3:A4:94:82:7F:E1:A0:16:65"}}},"request":{"raw":"GET /visitorside/js/common.032d44c1.js HTTP/1.1\r\nHost: p213rv3h.2ryqgu1g.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Tue, 03 Mar 2026 04:19:28 GMT\r\nserver: nginx/1.22.1\r\nlast-modified: Wed, 17 Dec 2025 08:08:02 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-encoding: br\r\netag: W/\"694264e2-1b420\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ad3ce7688f48f2bfb8279b49c6c4711e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: hnMgapj4YIrTYr78yirZ0R7__7f7ZyY-44t1q3Rf2OxQNLtoHrYmlg==\r\nage: 65412\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":111648,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (61590)","md5":"4d90fe732a8918235001f90a280ee3fd","sha1":"7e16f5554ebea2306f378b175c18457aed09bc22","sha256":"35d46a2ae61a964d46b8d668fa0d32e3cdb9e975f848692ebc12916b32078e5b","sha512":"0600dab872d39f5e780664b3c654b854568548399779eb614e286d39cc74030f40c63703c08161e995f45aba2aa8c9413a64b7938d81cb20eebe1dd84c8a98d6","ssdeep":"1536:9QARRaYYKZIknaW+lwfZA/AHJQZ1WpbuRIRoxkpV48KbnmrbB2L:93ZIkaWAw7KbqbB+","tlshash":"b2b33afb73c5b2f44143eb64e41b6410b42e3cbe7f9587d48255cee4b9b0099898ee98","first_seen":"2025-12-19T03:52:38.055006Z","last_seen":"2026-03-19T23:48:50.675664Z","times_seen":399,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/visitorside/js/bundle.7126c698.js","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:40.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.3p68jv58.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Wed, 02 Jul 2025 00:00:00 GMT","end":"Fri, 31 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"10:8C:BC:68:FA:1C:9F:0A:01:99:F9:6E:02:B1:CE:FD:0E:B6:BF:F4","sha256":"07:AC:69:80:F1:93:83:91:DB:A6:BC:51:B1:A3:70:F2:59:E7:C5:CE:A7:40:DD:B3:A4:94:82:7F:E1:A0:16:65"}}},"request":{"raw":"GET /visitorside/js/bundle.7126c698.js HTTP/1.1\r\nHost: p213rv3h.2ryqgu1g.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Tue, 03 Mar 2026 13:26:01 GMT\r\nserver: nginx/1.22.1\r\nlast-modified: Wed, 17 Dec 2025 08:08:02 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-encoding: br\r\netag: W/\"694264e2-9819e\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ad3ce7688f48f2bfb8279b49c6c4711e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: fZzNAnmLoc444MyRP-swOtsMIdKH64wedrSJUGZsHw0yhPr-7DELNQ==\r\nage: 32620\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":623006,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65422)","md5":"03585f467dd1043465e62024d84e8501","sha1":"1e5cf8a55c64abec323fd2af7e5823a22b4c18f0","sha256":"4cbd5c79ff097907e8a54d23154bef1b9b8db97a75ec78fb7f7fbc994e723353","sha512":"3c0bfd9bea584f9bc4acdac9815c499327a54479686c2b5e8189517433d9913de43dea480a34577ca551a0327e4d2cfd2271d6c598d4994b99119261805e46a4","ssdeep":"12288:nAQt366fCmXM7t36yfCNXYpnjhftWhS4V:ACfCZbfCSntwjV","tlshash":"68d41898f081b42856736161b2af360a7236a916ba4d4468f536c1f4bdf60cbd323fdd","first_seen":"2025-12-19T03:52:38.036277Z","last_seen":"2026-03-19T23:48:50.648715Z","times_seen":399,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/fserver/files/113/Logo/1/1470906218546.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/113/Logo/1/1470906218546.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 18 Nov 2022 02:59:51 GMT\r\ncontent-encoding: gzip\r\netag: W/\"6376f527-1972\"\r\ndate: Wed, 21 Jan 2026 07:56:21 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Sat, 24 Jan 2026 07:56:21 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3250\r\ncontent-length: 5003\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 1022512680490112998\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6514,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (6513)","md5":"6fe6bc1eb5ed4adb77abfc9df19cb64e","sha1":"ad44696470e99971026a52d6ea7e2b7f0408ffb9","sha256":"8038fe49254b78dc68716e877e21887fa2162f9a1ac0a175257e27e79f1da0d8","sha512":"429b9bdbdd961be959a41a18fbe84290c106e33cabbcb991003dab27a877a16d00569afe40691688c79db5a1470ab2d9e5b40e69c2fec2978a9af0ca0733a3b3","ssdeep":"192:3iZj54px30M8toVEHNm2Kh6lm1QtKMMUgXbj5:C54LkxHNnKh6CSHqN","tlshash":"0fd17d2e94c3207db03d498993da64a3d2d44a754c2ac5bceb8aea64551ac1fd27b488","first_seen":"2025-07-18T22:51:25.460551Z","last_seen":"2026-04-04T16:23:53.710577Z","times_seen":46,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/fserver/files/gb/113/floatImage/250/1759066532073.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.468Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/113/floatImage/250/1759066532073.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 28 Sep 2025 13:35:32 GMT\r\ncontent-encoding: gzip\r\netag: W/\"68d939a4-18a2d\"\r\ndate: Mon, 26 Jan 2026 03:33:07 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Thu, 29 Jan 2026 03:33:07 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 14295\r\ncontent-length: 76261\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 10590575174807992465\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":100909,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"5ad01f53a6874bee90fd067ffa76e3b0","sha1":"f87e74573a0610b826abd19028da1fc5c64f6d37","sha256":"56cc5ac7584401ef03a3705084265a42a99f8132740034dab77ac5334a7d530e","sha512":"e02cd5b96721be5a29d4993f03cc8c147e491910e39070d8ba2ce678709f820c63282275961f1414a3ee78dba289d33e43f4fc5f6dfe58e06605a008d01c6aee","ssdeep":"3072:8O0c/gAyeYHwfv3FwTubQ9M8qhIk/ev6essG:8O0c/kUqYQ2cssG","tlshash":"a1a3125faaee6a28a3155c6c4ded9c333f36d3eb0c681174c3115364a835fb56e0606e","first_seen":"2025-11-23T15:28:58.09549Z","last_seen":"2026-03-04T20:03:24.469318Z","times_seen":42,"resource_available":false,"data":null}},"time_used":326,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":323,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 27 Aug 2024 03:30:00 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66cd4838-6caf\"\r\ndate: Tue, 03 Mar 2026 04:16:00 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Fri, 06 Mar 2026 04:16:00 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 1963\r\ncontent-length: 7746\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 10383904540039219578\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27823,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (27668)","md5":"9c41709c2b64126b909c101a27f39153","sha1":"4ab666b36c092577acb41390ad90e96d5fea7711","sha256":"c1963697eeafb63b6c29e95da2d38d91dd907ab656e130e6e1c34d1dcd149f60","sha512":"f235dccead15199e58495c6faee849c50252b9beed29a04ae46a7a9bdbccfd569a8ab452e7fcf923b7048dfda0c3d7bd51261874642d40e994d1640ca89e330e","ssdeep":"768:u4ygd0iB6d9zYDO5qYT8fwTW3Jny+XiKZNtrt2tG:NB0iB6d9zYDO5qYTMwTW3Jny+jrP","tlshash":"e6c2b7093585102f4ecf30fbb897524f72ba95a45019a069b5fca4d1bef9f8530a6f38","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.46157Z","times_seen":17375,"resource_available":true,"data":null}},"time_used":1112,"timings":{"blocked":494,"dns":0,"connect":0,"send":0,"wait":617,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/images/welsh-open.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/images/welsh-open.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-1ed7\"\r\ndate: Wed, 21 Jan 2026 07:58:03 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:03 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3250\r\ncontent-length: 6049\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 9448205239716281859\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7895,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"b478af36c7be4142ef1b2b441089404a","sha1":"2d3883f6dcee9c102d9705292448d05b098e7bb7","sha256":"45705c2a12612a457f9fdfdd67b8edbbeea0725b4a973be290b5cf979726f345","sha512":"d6878d28325a01d073f34b15c688e4c4b90ef9b322db529910e418caff7e0b6a0bb3b9dfab64cb8574c882e7362bfed579e0ecb1704b34cb1abfadbedcefe5ea","ssdeep":"192:cIRjI5xJsRSwFKVupTiaCF2Mt23FwUftd2TXk3:vI7GTpTGwMaV1ETXc","tlshash":"8bf1af0bc0d30557e89fd68aa27a164791f643bcc749b2f6a2ed29902d05d8e2c7618c","first_seen":"2025-07-18T22:51:25.488805Z","last_seen":"2026-04-04T16:23:53.762663Z","times_seen":46,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/images/partners.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/images/partners.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-1f51\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3250\r\ncontent-length: 5988\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 15986902873533138980\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8017,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"b00c46096f9566d8ce6266bd31ba2c36","sha1":"0c1e5ba8148b1502e32b0081ed481bd55652f31a","sha256":"30b5772d2107a64247dacef5c67c1be07ab858a4028d230750661a85c4b43a04","sha512":"ce694e0ada515cb79969b87c433ebec744cdcb46904a9f0a7fae3cd7b006b3f9d983128355681e29003f4d5d9adbdee6dd481bf4d782dba78c4bec92fcfa6447","ssdeep":"192:2m4mLtEHn4/w+aq/hRcA/gHufZO5UgzpfO81LvlSPBFkEj5fs2TcU:t5LtM+aq/QfciUufO81OFkEjZsrU","tlshash":"9cf19f3be76efdccd0200a5db7b4720214368f5911266e9cd347bb8f6984150a364e6f","first_seen":"2025-07-18T22:51:25.504268Z","last_seen":"2026-04-04T16:23:53.766009Z","times_seen":46,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":281,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/fserver/files/113/carousel/10004/1470660003839.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:47.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/113/carousel/10004/1470660003839.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 18 Nov 2022 02:59:51 GMT\r\ncontent-encoding: gzip\r\netag: W/\"6376f527-1ba13\"\r\ndate: Wed, 21 Jan 2026 07:58:04 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Sat, 24 Jan 2026 07:58:04 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 261\r\ncontent-length: 85719\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 4081640408502532641\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":113171,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"de85fd84e32cd91bd5b5ef01497ad5c9","sha1":"f103fb831c3f626559e75213988631c0a307da33","sha256":"aabbb677ffbacc5e771439b0b144a68591b29b98762ac0216aa8ef42f9ee47dd","sha512":"337c02053bc1b2af36a29a011e81f3e9d2c629c43b2ff7231c39da6ae48c91a6aa886bfd1150fd63870413f461f9961e7c8147c9e357f82a46a86766f2cb3e1c","ssdeep":"3072:HpyaQk7/PWa3MVifSs1i67BYt7FIuXHlZ:HIrYma8Vi6eBTu1Z","tlshash":"a9b31216dfdb521b509465f1a42358940b705afa92d8f289eacf38e30535d129fb20fb","first_seen":"2025-07-18T22:51:25.498898Z","last_seen":"2026-04-04T16:23:53.721594Z","times_seen":46,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":273,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\ncontent-encoding: gzip\r\netag: W/\"5d848f4f-fc8b\"\r\ndate: Wed, 18 Feb 2026 22:00:18 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 21 Feb 2026 22:00:18 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4947\r\ncontent-length: 17446\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 2880349966238360262\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64651,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (64577)","md5":"b5bc8cd626b389bde727a91e6ce79436","sha1":"3df6c39300ac286cf596b3bda273cb39ff825429","sha256":"a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e","sha512":"2c1dde58ce83d9b716919dfc42602aef3022be012b3f92e61b17b674303ecbf0b9d308064b6d6c2443cf3e3dfd36bfb332eab62e64b56bef0be801e6f4610f12","ssdeep":"768:CwJl9VwAdGuMbJVAOi9ee9RjOEe1sdMv5rjITry:Cxb7AdRjOEKhHay","tlshash":"9553a7cd7522346b05de5235d18b4b4a623a9857730b90e4762c8cf46d29bbaf223f7c","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-06T12:16:55.409608Z","times_seen":17570,"resource_available":true,"data":null}},"time_used":1358,"timings":{"blocked":495,"dns":0,"connect":0,"send":0,"wait":618,"receive":245,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl//commonPage/themes/images/hongbao/icon-close-1.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl//commonPage/themes/images/hongbao/icon-close-1.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 07 Aug 2024 04:00:08 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66b2f148-2023\"\r\ndate: Wed, 21 Jan 2026 07:57:39 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:39 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3245\r\ncontent-length: 6277\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 4614345236289456027\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8227,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"5ff41d2becd0689589fd8afb58c0913e","sha1":"9f463b57b27260b19c93d533046f893360933d76","sha256":"7f97dfd7455fb76be00f454b95e3b28c114f9164b49a504bf34200da41d9db8d","sha512":"d502dc1bf29166726ba9183c01efa1b698dcbf22d79de614a4772b4150add3f308d597732844c9febef77b1d85568604b729f2c16e4c66f2f86b0b724fdb4d72","ssdeep":"192:JkkBHNqwnjSJuxF1drKn9K79LDQXFj4NLaYQ7ar/:rBHI8BHkn9Kx4+LhQ7ar/","tlshash":"4d02bf013bd42b6a1dbb10d3f1684da88c83819232f43d99371fef7b658812c6253a68","first_seen":"2024-08-07T18:17:10Z","last_seen":"2026-06-06T12:16:55.440862Z","times_seen":9278,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/images/partner/partner-hongtu-blueGrey.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/images/partner/partner-hongtu-blueGrey.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 02 Sep 2025 06:45:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"68b69275-19f49\"\r\ndate: Wed, 21 Jan 2026 07:57:39 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:39 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3244\r\ncontent-length: 80698\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 3497994591061097872\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":106313,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"37075466e8ede9937505a62ba591f77c","sha1":"46052e5f69ce3e53d15108e272c2a76dbfd02217","sha256":"3ff5df0b6596fa59aeeedd78fa1586a1ecd3749e70cd3e294c20888bca51851d","sha512":"ec78c9a7b8c0c6a83178da914e6dbf5fec3d6ed3dac5519385845a9b23d21027af90d0cd86ed2a3f337effcf09fbac31baaabe48696d0746e3e919342f7828e1","ssdeep":"1536:WWW522aOYO4kezvJYez8ZJ073qeCzSyqmxHW6iP2nPjm:WWW522dYnkeO08ZJ09eSHmx2TPOPjm","tlshash":"1da312581fb326ed956e424c4df9e5f1d42e60c291e2a2050fa0a3e2fc3c04785e6ee7","first_seen":"2025-09-05T06:26:06.67207Z","last_seen":"2026-04-17T04:44:35.189692Z","times_seen":1747,"resource_available":false,"data":null}},"time_used":370,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":359,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/themes/images/bg-gray.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/themes/images/bg-gray.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-4e5\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3249\r\ncontent-length: 827\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 4139747969026669632\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1253,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"c4e4f4d9366c95f62d711678ae599e2a","sha1":"de6d4ae1638fe87de72a94ee85d91279e66d2ac4","sha256":"e6990b4f77e4dfa789d17c5f7e4cb2565fa1f8924d9c163013ab8159bdea83ff","sha512":"9e5ead9cdfc395f25be8014baf2544f6e5f7b17015e860a6e4b4dfce05be4d92f0e6204e159cd945e425c255d336ae95bfc83596a1e88b9c47632baf336bb28a","ssdeep":"","tlshash":"7e21b779366f320e5039c2086b909173ac398e0f2d131fb4e8ec3fb3800a72082169d9","first_seen":"2025-07-18T22:51:25.486719Z","last_seen":"2026-04-04T16:23:53.684657Z","times_seen":46,"resource_available":false,"data":null}},"time_used":478,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":474,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/images/favicon/favicon_113.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.352Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/images/favicon/favicon_113.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 05 Dec 2022 08:15:08 GMT\r\ncontent-encoding: gzip\r\netag: W/\"638da88c-ae1\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3250\r\ncontent-length: 2042\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 18188558084103516860\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2785,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"6beeffef54c754ab3b6d4f5d793e7daa","sha1":"3ad8eab3676e2d928ae7f5be05c9bd5949892a52","sha256":"e747ed8e9efe5769ab65ac8207d4026011584da28948b5a637862b112cacbb76","sha512":"dd835b1584512e33ba55dc749a03044f0fd52ea88ff24d79ce2203714004ce4e42ef2d5273891549609d5e9c539d002cbd2ceefb4062772a5ac2175ad3169d6e","ssdeep":"","tlshash":"7f514c367b5a360d2060c434e179354e3d27cc3f2a4b256be485eb55d21fb708d616c9","first_seen":"2025-07-18T22:51:25.465284Z","last_seen":"2026-04-04T16:23:53.680326Z","times_seen":46,"resource_available":false,"data":null}},"time_used":454,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":453,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/idangerous.swiper.min.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 11 Aug 2023 04:30:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"64d5b951-b083\"\r\ndate: Sat, 31 Jan 2026 05:25:41 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 03 Feb 2026 05:25:41 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4947\r\ncontent-length: 11957\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 5207093369765517101\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45187,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32034)","md5":"f15409fb02c527ce1f66a2fd3c4aa0e9","sha1":"1e1e1bcc0f49e99e14ba34991cffe0745178d302","sha256":"1a1b5d3d6fbfc28abe37a668abd59494208c63c5f0b5d040cf4bbbd137f87c27","sha512":"66a384d6ad5fba862e778e24c43326a718328b6f860469fb5eb69c2687b0bbdc3c2dfa9049b0e3d5509214db1dbec4477f5c3654dc04446a505379a4300d4908","ssdeep":"768:oTFZ8CkWyYzh9MTvl7prcAgQW5ppZ+rPPWRqKDyBuq0t:cZiY9uTJuAgQW5LZ+rPPWRLt","tlshash":"5613f8c1b32031a741f3626e91fecb4271f54966aa05d4dcb5ed84c41ab489a03beff9","first_seen":"2023-08-15T12:01:05Z","last_seen":"2026-06-06T12:16:55.438029Z","times_seen":17250,"resource_available":true,"data":null}},"time_used":790,"timings":{"blocked":514,"dns":0,"connect":0,"send":0,"wait":275,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/gui-base.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/gui-base.js HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 17 Aug 2023 06:15:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"64ddbaed-ee5c\"\r\ndate: Mon, 26 Jan 2026 01:21:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Thu, 29 Jan 2026 01:21:24 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4947\r\ncontent-length: 15779\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 7981945029221565270\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61020,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11056)","md5":"e6ce47d880d7a50ddf91b074c8572edf","sha1":"6a3657c67209136e5b544859daecf16f2d153b72","sha256":"c49e04c7ecfd07c74b58cf161ef2b58f2bc837a9091ed1ae090a33734cdaa734","sha512":"0946a1cb9d048b485dadf4056a4aa7be685a8906240a828a5ac776a4e1eae2ed5ef238bd0724da41cce33324357ba44704d34a6766430f1552630f9a17b664f4","ssdeep":"768:+lkflKVlvREcS38xHmuqrRO/5IS3oFaJX+mQdudqD9jAXImsUh8H3yALdODRG4eK:6ClKVlvREcYoHz0PszIfoALkMEY16pB","tlshash":"4353c80a72b130a106efb1b6515f460d323a6927d44ac458b97c9ae43f74f28316bf7e","first_seen":"2023-08-26T00:19:56Z","last_seen":"2026-06-06T12:16:55.428303Z","times_seen":16643,"resource_available":true,"data":null}},"time_used":1038,"timings":{"blocked":498,"dns":0,"connect":0,"send":0,"wait":282,"receive":258,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/mobile-api/v5/origin/getFloat.html","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:40.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weide73.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 15:09:13 GMT","end":"Wed, 29 Apr 2026 15:09:12 GMT"},"fingerprint":{"sha1":"09:EF:07:09:51:B5:F7:29:21:79:E3:D5:5A:DB:0D:9F:5C:CF:8E:A0","sha256":"E5:A4:31:95:60:11:5D:03:A6:B1:D4:22:9D:5F:28:BD:91:00:5A:71:DB:6E:C0:39:CE:00:F5:70:A1:EE:AF:1E"}}},"request":{"raw":"POST /mobile-api/v5/origin/getFloat.html HTTP/1.1\r\nHost: weide73.com:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 68\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nCookie: sticket=VME9tVXhaREk1WWpB\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":68,"data":"locale=zh_CN\u0026terminal=pc\u0026is_native=false\u0026version=v3055\u0026resolution=2x"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: Content-Type,Access-Token,X-Requested-With\r\naccess-control-allow-methods: *\r\naccess-control-allow-origin: https://weide73.com:8989\r\naccess-control-max-age: 3600\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: gzip\r\ncontent-type: text/html;charset=utf-8\r\ndate: Tue, 03 Mar 2026 22:29:40 GMT\r\nout-line: gb-cdn-013\r\nset-cookie: route=169b5c290b6963ddbef067cfad367b83; Path=/\r\nsub-sys: mobile\r\nuuid: 00113-01-00000000-177257698058d8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 535\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1202,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"bd2434548d2a6efacfde7d90ecd48e69","sha1":"86dd7a9fa6a54262d964afab7bfeaea7bd117a0f","sha256":"232036d13adfa663c06ca5d55f01ed5156478f8caf54d8d529e2b28fba0378cc","sha512":"7bd95dfeab4aeb7d2c868cba35d0db20a75fa562bda4eafd42d06e9d27d5a116c38aa7c1bde45c5c547021617a93590354a8b85cce8fe3c7d73bd27c143942ed","ssdeep":"","tlshash":"9c219b612ab41db953c953da8c8e3e07fdde04aa83d82c17fd0e8e1406eb3a95155607","first_seen":"2025-11-23T15:28:58.013575Z","last_seen":"2026-03-04T20:03:24.4573Z","times_seen":42,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"weide73.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/images/favicon/favicon_113.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/images/favicon/favicon_113.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 05 Dec 2022 08:15:08 GMT\r\ncontent-encoding: gzip\r\netag: W/\"638da88c-ae1\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3250\r\ncontent-length: 2042\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 12040448368312182961\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2785,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"6beeffef54c754ab3b6d4f5d793e7daa","sha1":"3ad8eab3676e2d928ae7f5be05c9bd5949892a52","sha256":"e747ed8e9efe5769ab65ac8207d4026011584da28948b5a637862b112cacbb76","sha512":"dd835b1584512e33ba55dc749a03044f0fd52ea88ff24d79ce2203714004ce4e42ef2d5273891549609d5e9c539d002cbd2ceefb4062772a5ac2175ad3169d6e","ssdeep":"","tlshash":"7f514c367b5a360d2060c434e179354e3d27cc3f2a4b256be485eb55d21fb708d616c9","first_seen":"2025-07-18T22:51:25.465284Z","last_seen":"2026-04-04T16:23:53.680326Z","times_seen":46,"resource_available":false,"data":null}},"time_used":472,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":472,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/themes/images/icon.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/themes/images/icon.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-621\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 260\r\ncontent-length: 1100\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 10565004824204522039\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1569,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"393c41a6c4b5b86c8a47ddf3c39006de","sha1":"f6586216e9a75a4b334ddc3feafc0ec1eaac513d","sha256":"3e522d0bf3d1a14ed1c91d478e1cc81c4b53c6b9e67685205d865598e9f7e94c","sha512":"b12be4e72b53717f26a5312348dd13d47ea9cda77b6a9bad1d23824e3a389855ce2f4206aa0378438aed607d3fde682ade6f30fd0157720a8c933d8829147b7a","ssdeep":"","tlshash":"3931c8bd62b77d46241ac20d7b92a1373c2d9d1e5c171bb6d0e43673000e714aaa15dd","first_seen":"2025-07-18T22:51:25.444779Z","last_seen":"2026-04-04T16:23:53.713776Z","times_seen":46,"resource_available":false,"data":null}},"time_used":477,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":473,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/float.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/float.js HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 26 Aug 2021 07:50:18 GMT\r\ncontent-encoding: gzip\r\netag: W/\"612747ba-1b2f\"\r\ndate: Sun, 25 Jan 2026 12:22:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Wed, 28 Jan 2026 12:22:45 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4947\r\ncontent-length: 1929\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 15292751170700643158\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6959,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"829af863b0cdc4a603919824ae046299","sha1":"1d417b1553e4ecb7125ebf2005b74255291fbf73","sha256":"1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271","sha512":"e1202fa26fd353dfb2f989d3d45512e0691c062076297399f5fe62f63e7f5b194fec4a3d7fe2f09be1a6a945e197e7d68445d33dcc6f80b23a315112d9ae5b6c","ssdeep":"96:G4SXFXVXDL+R5NxuHie/moRUgIm/Kv3RKXg+Iw3qCNv5IC80b7Yr+HpH:G7xhDL+jNxzeBVLKJ1LeqCwCxb7YspH","tlshash":"04e1506e03b1212195aff1beaf1e424c6631905b2507dd057e0c87c46fa493c4636fee","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-06T12:16:55.41485Z","times_seen":17430,"resource_available":true,"data":null}},"time_used":1652,"timings":{"blocked":531,"dns":1,"connect":263,"send":0,"wait":570,"receive":16,"ssl":268},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/themes/fonts/gui-fonts/gui.ttf","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:40.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/themes/fonts/gui-fonts/gui.ttf HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3rzeeh.ntbnaq.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 04 Sep 2025 09:10:07 GMT\r\netag: \"68b9576f-68cc4\"\r\ndate: Wed, 21 Jan 2026 07:57:34 GMT\r\ncontent-type: application/octet-stream\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:34 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 260\r\ncontent-length: 429252\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 361044803771977586\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":429252,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, icomoon    ","md5":"791bc072a3e361510b60c0994a742bf3","sha1":"f08c63ea64126c0f3b24c67fd0e0c5ae5df1b08e","sha256":"7a8e26265738d3cb0f201a53fb168cd59bb721cf0407f00bf25f720cfdcd760e","sha512":"d5548476dd786b5d0d77b02d36199c32d7895e0be8084be18a682f02303971b4c85f6d48e1faa94f51b2eb5ebe61cf91f97299515bcde23fb654a94cbd445509","ssdeep":"12288:pI/XwKnKzir7YTsVYzb/nb/X3M1MP2EF9PpKHQ:pIjnvrsoVK/nbPOAlvP","tlshash":"0e947d07936def8e9451a2e24845d0235ce2e104df3ed366eece7c5cd0258e88d79b9a","first_seen":"2025-09-06T05:10:02.121568Z","last_seen":"2026-04-17T08:01:36.639999Z","times_seen":1267,"resource_available":false,"data":null}},"time_used":554,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":278,"receive":276,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/livechat.ashx?siteId=60000906","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:40.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.3p68jv58.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Wed, 02 Jul 2025 00:00:00 GMT","end":"Fri, 31 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"10:8C:BC:68:FA:1C:9F:0A:01:99:F9:6E:02:B1:CE:FD:0E:B6:BF:F4","sha256":"07:AC:69:80:F1:93:83:91:DB:A6:BC:51:B1:A3:70:F2:59:E7:C5:CE:A7:40:DD:B3:A4:94:82:7F:E1:A0:16:65"}}},"request":{"raw":"GET /livechat.ashx?siteId=60000906 HTTP/1.1\r\nHost: p213rv3h.2ryqgu1g.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/x-javascript; charset=utf-8\r\ndate: Tue, 03 Mar 2026 22:07:24 GMT\r\nserver: Kestrel\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ad3ce7688f48f2bfb8279b49c6c4711e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: GUBY94lCzOcbJKsNqWRipb2K7Xm7choJkyZacczl7AmI8TpLgoEwlg==\r\nage: 1336\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Kestrel","description":"","website":"https://docs.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel","common_platform_enumeration":"","icon":"kestrel.svg","categories":["Web servers"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":2615,"size_decoded":0,"mime_type":"application/x-javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1079)","md5":"e450ccfe9e6f6b2cb9dff4a490f5a40f","sha1":"84a41957c6e8a5bdc4602c3c506e2e42e0ef0555","sha256":"d28eadec8e7b7b7b3d543715c575e3afedfbadc3f294c936650a00952b680297","sha512":"a1b44e7cf7ea8b46e0278419b0fe20e9f768b070301c2bc49190b6796767474dc1bbea31b3190e12158210d3938ec454a260f7fef86a96b6501163bb9c3f5606","ssdeep":"","tlshash":"7c5195ea7a2e0210062020959d3e73cc8c6da0593d958ca3e8f9e22034f1f2fd556eed","first_seen":"2026-03-03T22:29:04.298711Z","last_seen":"2026-03-04T20:03:24.419104Z","times_seen":40,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":68,"dns":1,"connect":9,"send":0,"wait":18,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/images/partner/partner-hongtu-purple-02.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/images/partner/partner-hongtu-purple-02.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 02 Sep 2025 06:45:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"68b69275-1b32b\"\r\ndate: Wed, 21 Jan 2026 07:57:39 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:39 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3244\r\ncontent-length: 84586\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 14194715956983741957\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":111403,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"d043d074c686f48dfca9d02ba3e7b670","sha1":"a5fd625703018e34f86c2b4f2f487ce5beaa0903","sha256":"f06a3aa1663a356ff269f6d89768597db1834ac6cb5ab01832786de25d7f1531","sha512":"60202e2a8ab8f0a733d26c38f479c634bffe0fe89253d4aa8f6c91eba694b4c7d331d778926803cc5c65dc678e0125aa9fae04bf66dca45dbe214bb50d537db0","ssdeep":"3072:boG85QSt1cl/lHGqN5+0Ra0h3tGgWUdL3krWqM:sP5p1AV/fRaIAUdrkrWD","tlshash":"16b31240e7a0fda58dd09f4b8a673a795f3c072eb753f0ac94836170837aa9e1257748","first_seen":"2025-09-07T00:50:47.7251Z","last_seen":"2026-04-17T08:59:04.369621Z","times_seen":1763,"resource_available":false,"data":null}},"time_used":392,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":385,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/images/partner/partner-hongtu-brown01.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/images/partner/partner-hongtu-brown01.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 02 Sep 2025 06:45:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"68b69275-1beff\"\r\ndate: Wed, 21 Jan 2026 07:57:39 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:39 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3244\r\ncontent-length: 86899\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 14003616966874215089\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":114431,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"13705bb454fa93a337d360fde95d32ed","sha1":"f17931976273af97665c359e14c5d7b673ded90b","sha256":"221a4adff18935e8dd8d421dd0dfb431bab972377ff4ead01e00cdc9dbf73127","sha512":"fc3c18262e7afc15b4716e6ed6869f20c27749dc181e010736e5314d0cc96d33826337eb3198e8425dbf01766d7c7cd2d85ce3cf594c4509106540464dda76a7","ssdeep":"3072:d1tyThaOfU3ozO51gip4i02XfacJ7TznFNnOOa:d1tyT8cUM5hcRnFVW","tlshash":"20b312a0dce07db423bb950ca3bc9f186243145f03a6269321b3f5430d627a4a6fd772","first_seen":"2025-09-18T16:22:49.418873Z","last_seen":"2026-04-17T04:44:35.216553Z","times_seen":1726,"resource_available":false,"data":null}},"time_used":386,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":381,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/fserver/files/gb/113/carousel/10333/1772028405845.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/113/carousel/10333/1772028405845.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 25 Feb 2026 14:06:45 GMT\r\ncontent-encoding: gzip\r\netag: W/\"699f01f5-86de1\"\r\ndate: Wed, 25 Feb 2026 14:07:50 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Sat, 28 Feb 2026 14:07:50 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 262\r\ncontent-length: 414685\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 16352874933186624394\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":552417,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"a0f1db672fc5ec3d0086b4402f8e0b0d","sha1":"79f7a19aae16905172deb646a8223deb7425abab","sha256":"5233dd73266ce5d2ffa7cad49ab0be225fb9ab4ffb1bb42c5c22f410ad2d90cb","sha512":"241698cab2b6e90a47c833ed9ec06b83eca90ed6eb9aedeed5e3f0eaba93e6452b08c471217b679d8624e82b9d1df684d428ea8250b7598574f9f2fcf89a0cb9","ssdeep":"12288:XVstqctVj+cbn2Y7oTjeJYnlDRfZxBKL+tsiKupQA7oOQQC/7Wr:FstdWy2Y7sjYm0fiJpQA7oOVC/yr","tlshash":"1cc42317af4b9728494cc224f2c77f16ce960fd5e802f1eaa0913dd762d8b4306be5a5","first_seen":"2026-03-03T22:29:04.312905Z","last_seen":"2026-03-04T20:03:24.424762Z","times_seen":40,"resource_available":false,"data":null}},"time_used":666,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":566,"receive":100,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/fserver/files/gb/113/carousel/10308/1755039680297.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:43.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/113/carousel/10308/1755039680297.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 12 Aug 2025 23:01:20 GMT\r\ncontent-encoding: gzip\r\netag: W/\"689bc7c0-8f221\"\r\ndate: Wed, 21 Jan 2026 07:57:47 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Sat, 24 Jan 2026 07:57:47 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 261\r\ncontent-length: 440314\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 13080520731448602028\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":586273,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"0636baa573356e85ac35e0895f74d609","sha1":"83828a9193b1f1927ff36e8f0f69c7ac811369d6","sha256":"1d11dd4fbaf995760e0fce9f3fda11b135ea1ad51a484c4500664fb4b5f43786","sha512":"1c23d2ec6aee1ed3046ec389efe974c07cb4251f0d736a6f49fb292ee32b1817ce35d3120f28269efd08455b7a9f5780ba53482e631d3af0d653f9b9bf755b68","ssdeep":"12288:Oi5hfhbl1FsquPXbrGu+z9KqzROYsZUF8KeAzzxAdM+vei00rr:Oi5/b3FKroK0R5sZU12d3nhrr","tlshash":"78c42364ef6ccb0c2aa84265747bbf6f7bc34fa48889c98791c574c7b1a7f61c426046","first_seen":"2025-08-19T13:06:58.998935Z","last_seen":"2026-04-04T16:23:53.700742Z","times_seen":45,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":273,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/images/home.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/images/home.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\netag: \"66727401-25c\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3250\r\ncontent-length: 604\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 3296232364211178996\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":604,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"2c4e7e9ebd1bd670f42e2ad23c8242b7","sha1":"19643e6220871a1fc6e8af9641dd98e94fe35745","sha256":"4b400c60bd3316d202af9243c651128dc893920c0f42568bcfd433cf3297eff2","sha512":"ebb2eb743c796dd8d573ac6bc8404cf888e8853b500db54d472e62367fbf1f836e6719353c7ee1abcde6aaab9786a2449991a25300f06f0eeaa9272537602829","ssdeep":"","tlshash":"67f0b7391e8067874c4f76503d1b65d02d39a0afe12c48139b08fe6268c13ff348a847","first_seen":"2025-07-18T22:51:25.477653Z","last_seen":"2026-04-04T16:23:53.749309Z","times_seen":46,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/bootstrap-dialog.min.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\ncontent-encoding: gzip\r\netag: W/\"5d848f4f-4ea4\"\r\ndate: Mon, 26 Jan 2026 01:21:42 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Thu, 29 Jan 2026 01:21:42 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4947\r\ncontent-length: 5007\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 16215688130834027422\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20132,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (20132), with no line terminators","md5":"5ce8851dc823429a42ab6147554403cc","sha1":"28f381f0e0aa4f5d56690e65723bd97fb59a38e6","sha256":"dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811","sha512":"f42a4d48c666d9c78fcb6c6061141452899085c504bf15e23749611dda00b6913e75ebbe47ca436a2ed016175d0918f193e474f13974a2f6a5304e18909a87ee","ssdeep":"384:3ai3F3N3VKUINthDa7Vnq86z3JCDKSz1m0hMtkJI2Cg0WEUOv5Dq:T3l3INthDu1YCDKS5flC9m1","tlshash":"6a9261ccb2d9b54c47abe072143f200df03a996951496119bc79e9ebecf060aa077f79","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-06T12:16:55.46809Z","times_seen":17495,"resource_available":true,"data":null}},"time_used":795,"timings":{"blocked":497,"dns":0,"connect":0,"send":0,"wait":281,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:40.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\ncontent-encoding: gzip\r\netag: W/\"5d848f4f-176d4\"\r\ndate: Sat, 24 Jan 2026 16:04:59 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 27 Jan 2026 16:04:59 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4948\r\ncontent-length: 33545\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 6775032008830190768\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95956,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32038)","md5":"b091a47f6b91e26c93a848092c6f3788","sha1":"52918af2d431e73464060b35d364640c8db75606","sha256":"329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10","sha512":"ab444102be476f0104eeff79c9b596174852b4fe8cbd0b5a0279d56f106a166ec39304636e09326213de000b102ce8f517bb268a9abb2955c56ee4f18b464ea8","ssdeep":"1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmS:R+41ZqLTW8xRrqSb8qGH77da98Hr3","tlshash":"6893d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","first_seen":"2023-03-07T01:10:10Z","last_seen":"2026-06-06T12:16:55.462073Z","times_seen":18272,"resource_available":true,"data":null}},"time_used":288,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":271,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/livechat.ashx?siteId=60000906","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:40.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.3p68jv58.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Wed, 02 Jul 2025 00:00:00 GMT","end":"Fri, 31 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"10:8C:BC:68:FA:1C:9F:0A:01:99:F9:6E:02:B1:CE:FD:0E:B6:BF:F4","sha256":"07:AC:69:80:F1:93:83:91:DB:A6:BC:51:B1:A3:70:F2:59:E7:C5:CE:A7:40:DD:B3:A4:94:82:7F:E1:A0:16:65"}}},"request":{"raw":"GET /livechat.ashx?siteId=60000906 HTTP/1.1\r\nHost: p213rv3h.2ryqgu1g.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/x-javascript; charset=utf-8\r\ndate: Tue, 03 Mar 2026 22:07:24 GMT\r\nserver: Kestrel\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ad3ce7688f48f2bfb8279b49c6c4711e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: kQ4LE8QIWTfSac994OR2WfeUCkT6LbbSbS76aykBs0mOSFQXJc7Stw==\r\nage: 1336\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Kestrel","description":"","website":"https://docs.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel","common_platform_enumeration":"","icon":"kestrel.svg","categories":["Web servers"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2615,"size_decoded":0,"mime_type":"application/x-javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1079)","md5":"e450ccfe9e6f6b2cb9dff4a490f5a40f","sha1":"84a41957c6e8a5bdc4602c3c506e2e42e0ef0555","sha256":"d28eadec8e7b7b7b3d543715c575e3afedfbadc3f294c936650a00952b680297","sha512":"a1b44e7cf7ea8b46e0278419b0fe20e9f768b070301c2bc49190b6796767474dc1bbea31b3190e12158210d3938ec454a260f7fef86a96b6501163bb9c3f5606","ssdeep":"","tlshash":"7c5195ea7a2e0210062020959d3e73cc8c6da0593d958ca3e8f9e22034f1f2fd556eed","first_seen":"2026-03-03T22:29:04.298711Z","last_seen":"2026-03-04T20:03:24.419104Z","times_seen":40,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":67,"dns":1,"connect":8,"send":0,"wait":15,"receive":0,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/mobile-api/v5/chess/getActivityMsg.html?function=sign","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weide73.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 15:09:13 GMT","end":"Wed, 29 Apr 2026 15:09:12 GMT"},"fingerprint":{"sha1":"09:EF:07:09:51:B5:F7:29:21:79:E3:D5:5A:DB:0D:9F:5C:CF:8E:A0","sha256":"E5:A4:31:95:60:11:5D:03:A6:B1:D4:22:9D:5F:28:BD:91:00:5A:71:DB:6E:C0:39:CE:00:F5:70:A1:EE:AF:1E"}}},"request":{"raw":"GET /mobile-api/v5/chess/getActivityMsg.html?function=sign HTTP/1.1\r\nHost: weide73.com:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nCookie: sticket=VME9tVXhaREk1WWpB; route=a9961c6ad4780ba0f3c8657ffc8a49b9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: Content-Type,Access-Token,X-Requested-With\r\naccess-control-allow-methods: *\r\naccess-control-max-age: 3600\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: br\r\ncontent-type: text/html;charset=utf-8\r\ndate: Tue, 03 Mar 2026 22:29:41 GMT\r\nout-line: gb-cdn-013\r\nset-cookie: route=4bf55577ceef236451cccfe77519a18d; Path=/\r\nsub-sys: mobile\r\nuuid: 00113-01-00000000-1772576981c29c\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 113\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":141,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"381b7de0ec7283b89f95d816cdfffc33","sha1":"c839889e199f44fdc2b2d04169768e322ceaee77","sha256":"811dea6ceac68441b7e490a52c1ac0b873feb0c910175fa35c752dfc4126ecb8","sha512":"c1bcd4cf279529aac01e25cea8031f98750690f861edbe66cad8d250f559739166807ef9ba5e88560ac16f2f451ed25af440f5be28a0f2f1040397ccb74854d3","ssdeep":"","tlshash":"1fc02b82e2181c779a034bd110e83e41c2fc1192c0cc484cec4c4e4806b98afd301437","first_seen":"2023-05-07T20:04:35Z","last_seen":"2026-06-06T10:13:20.975294Z","times_seen":8162,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":242,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"weide73.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/images/partner/partner-hongtu-black.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/images/partner/partner-hongtu-black.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 02 Sep 2025 06:45:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"68b69275-197dc\"\r\ndate: Wed, 21 Jan 2026 07:57:39 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:39 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3244\r\ncontent-length: 79254\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 11116624232924707810\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":104412,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"0298fe6d0aa5b489e3cda6cddcc325ee","sha1":"4f7dbdce496c21b36fdb5406592d1ec8f0219699","sha256":"98bd06ca490d5c000e797802b93323fca6de4f672c4a561099bdc6c0d7e0c093","sha512":"a110c084c85583253556ada989851ffe48a9fdfa752976ad7061b230fea6a4d685369a3303d8bea7f27512b35cae4c96d143fe61d275521a8cdcc8c4ac8f9554","ssdeep":"1536:8WIh38q9JcZYHgtwd+CJbHa835EktOC08ltxlgWIIa+uoAwQpqcZCfrW5s4h:7Ih33cyHdNzJwBmjepoAwQAcc4h","tlshash":"d8a3122dfaa06f75da22873f8255dc0481db6196dedba24a02f0ddd8cb4a7374267d20","first_seen":"2025-09-06T07:11:29.245175Z","last_seen":"2026-04-17T04:44:35.203107Z","times_seen":1734,"resource_available":false,"data":null}},"time_used":371,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":358,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/images/gamcare.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/images/gamcare.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-a7f\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3250\r\ncontent-length: 1959\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 15130992080523669659\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2687,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"6141e0429b4dbbbabd7fc8c022614458","sha1":"5ec4e76568bc367238023640dac70ef390544a39","sha256":"55074c750820deb7b2a88e38b7909cba290adb40d74f8fe720b19bd5a8a473be","sha512":"43223d6b9042e8c74a0a2c8f23570a1f6c133364a594936a0672534524446c90e243c19f90b7df3b86f521c21c1bb90541499088a327cf25d581be12a906c992","ssdeep":"","tlshash":"8a5119b933fb7d0b1431cb1c37b673035d228a1f06a71aa9688c7b16c887b508527cc2","first_seen":"2025-07-18T22:51:25.529282Z","last_seen":"2026-04-04T16:23:53.75021Z","times_seen":46,"resource_available":false,"data":null}},"time_used":505,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":501,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/themes/images/icon.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/themes/images/icon.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-621\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 260\r\ncontent-length: 1100\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 12423824754891912110\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1569,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"393c41a6c4b5b86c8a47ddf3c39006de","sha1":"f6586216e9a75a4b334ddc3feafc0ec1eaac513d","sha256":"3e522d0bf3d1a14ed1c91d478e1cc81c4b53c6b9e67685205d865598e9f7e94c","sha512":"b12be4e72b53717f26a5312348dd13d47ea9cda77b6a9bad1d23824e3a389855ce2f4206aa0378438aed607d3fde682ade6f30fd0157720a8c933d8829147b7a","ssdeep":"","tlshash":"3931c8bd62b77d46241ac20d7b92a1373c2d9d1e5c171bb6d0e43673000e714aaa15dd","first_seen":"2025-07-18T22:51:25.444779Z","last_seen":"2026-04-04T16:23:53.713776Z","times_seen":46,"resource_available":false,"data":null}},"time_used":495,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":491,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/fserver/files/gb/113/floatImage/255/1739965934068.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/113/floatImage/255/1739965934068.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Feb 2025 11:52:14 GMT\r\ncontent-encoding: gzip\r\netag: W/\"67b5c5ee-13261\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3248\r\ncontent-length: 59220\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 17818355473275164900\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":78433,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"6a1f72b407a749ea700d6ecd0e8b5f64","sha1":"0ed5f8282a8dd8a85efc83ffa37ee4ba900ffbca","sha256":"b32b25303564d0be63bd37bb53d005e0d8a64ca5b6a3dc555ff05a8888aff57f","sha512":"dae172f4ebf7863e834d25c796612aa76cac805ce3b021d29c20e42d413ca623ea8b1e945d2ef87fae0abfd26d7258910dd0d5a9318e6e387bf6de23fb6b5f54","ssdeep":"1536:ahTACXa1ZAzSPirQJj6S9QgWGObZssl6Xe3+ugb5Dlrvhn2SdP4Ic:mXazAuPVjt95WZbEQetLFP4b","tlshash":"3b7312f936662cbfa0d4f40b234f790074d512caaa0c7cdb80ad951127fe7da614e9d8","first_seen":"2025-07-18T22:51:25.454625Z","last_seen":"2026-04-04T16:23:53.763948Z","times_seen":46,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":338,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com/","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-03T22:29:37.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weide73.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 15:09:13 GMT","end":"Wed, 29 Apr 2026 15:09:12 GMT"},"fingerprint":{"sha1":"09:EF:07:09:51:B5:F7:29:21:79:E3:D5:5A:DB:0D:9F:5C:CF:8E:A0","sha256":"E5:A4:31:95:60:11:5D:03:A6:B1:D4:22:9D:5F:28:BD:91:00:5A:71:DB:6E:C0:39:CE:00:F5:70:A1:EE:AF:1E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: weide73.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://weide73.com:8989/\r\ncontent-length: 60\r\ndate: Tue, 03 Mar 2026 22:29:37 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":354325,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T12:09:44.754124Z","times_seen":16177101,"resource_available":true,"data":null}},"time_used":1138,"timings":{"blocked":458,"dns":13,"connect":219,"send":0,"wait":219,"receive":0,"ssl":226},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"weide73.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/lazyload.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/lazyload.js HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 07 Aug 2023 03:05:10 GMT\r\ncontent-encoding: gzip\r\netag: W/\"64d05f66-2f79\"\r\ndate: Mon, 26 Jan 2026 01:20:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Thu, 29 Jan 2026 01:20:33 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4947\r\ncontent-length: 2731\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 3196636034872253170\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12153,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"d87854586672bff7f886a47da85da5ed","sha1":"8d0537030dc7a81ade87a41a75fd5a75e4e33da1","sha256":"17859187f895c27de8869fb6bfec579fd68c4588d0af71d08d334be92d144ada","sha512":"d8c3e724f00bcf1ebfe1f8e96dda01243cf22aef18a0fc5a25a42d84458ff58a22a316dabf1d80d1b4f4c28db79edbdf9ba19df755d72f2b0b9f64497137672f","ssdeep":"192:Cdr+EgBD7NiM7B1wV20jSCQrF/bcbe7/bgdCx4RTsmS3KDsS3CggvBSChKRJ0Suk:Cdr+JBDYpV20Ez+obgdsm3ROCJIqSJvG","tlshash":"304200483deb51aba1d3b0f89a5f11447235810b160eee253d6c9395af6093932f2ff9","first_seen":"2023-08-15T12:01:05Z","last_seen":"2026-06-06T12:16:55.441827Z","times_seen":17189,"resource_available":true,"data":null}},"time_used":789,"timings":{"blocked":499,"dns":0,"connect":0,"send":0,"wait":281,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/message_zh_CN.js?v=1771834111856","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weide73.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 15:09:13 GMT","end":"Wed, 29 Apr 2026 15:09:12 GMT"},"fingerprint":{"sha1":"09:EF:07:09:51:B5:F7:29:21:79:E3:D5:5A:DB:0D:9F:5C:CF:8E:A0","sha256":"E5:A4:31:95:60:11:5D:03:A6:B1:D4:22:9D:5F:28:BD:91:00:5A:71:DB:6E:C0:39:CE:00:F5:70:A1:EE:AF:1E"}}},"request":{"raw":"GET /message_zh_CN.js?v=1771834111856 HTTP/1.1\r\nHost: weide73.com:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=259200\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript;charset=UTF-8\r\ndate: Tue, 03 Mar 2026 22:29:38 GMT\r\nexpires: Fri, 06 Mar 2026 22:29:38 GMT\r\nout-line: gb-cdn-013\r\nuuid: 00113-01-00000000-177257697893db\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33499,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (15759), with LF, NEL line terminators","md5":"5e29a736bb07482814f4fb40f94618e3","sha1":"95031dd994aa15757b741e35e8165e6e54b396e6","sha256":"9cc0606e9e078be2bd4a7f0128364ad8a989ba363258d3d6058d8cf79b1fd3a8","sha512":"6df469c4d40670119fc0071f8339fc104ef3f9b8e96608462fb533295ae361da6c177d7d67a3ea50bb2da87e8c27cab6f4a54019f8feb61c5a846350d315c8c8","ssdeep":"768:IIy92nyfB+vODR01IRBG3Jpf3OEg7/wiwL38:Ib9BB+vF1IRBG/Op","tlshash":"05f24c8746fecbf68a4a0af99c5301ae22b557c8c9ec79147f90ddd92b457c900a7383","first_seen":"2026-01-15T08:15:21.544222Z","last_seen":"2026-06-06T12:16:55.440345Z","times_seen":6722,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"weide73.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/jquery/jquery.super-marquee.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\ncontent-encoding: gzip\r\netag: W/\"5d848f4f-1151\"\r\ndate: Mon, 26 Jan 2026 02:34:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Thu, 29 Jan 2026 02:34:45 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4948\r\ncontent-length: 1421\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 17398685632260391866\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4433,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4433), with no line terminators","md5":"f77d83590bc0a69298f2fbcc5d9911cd","sha1":"1d6aa25d7052f53ad0181385e5efe72f224bbdb9","sha256":"1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7","sha512":"a39dc6c01df32c8f72842af346f4d67e1278d37a74a0541537b8274b421bcfbc547a2f4844f3c4b6c5cdda4c78f0a8f41171c87ffd149ab52526a95bc6c5bf61","ssdeep":"96:nwzrUsI9/8w/ISEgOGXFRNcrc8PQjc3Pb:+rUsk88OnJQA3D","tlshash":"2991252d7290f5d559cf3c3be02b0b050c785123a54e00927a65def279ba379a607e1f","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-06T12:16:55.45509Z","times_seen":17453,"resource_available":true,"data":null}},"time_used":1419,"timings":{"blocked":496,"dns":0,"connect":0,"send":0,"wait":922,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1771834111856","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /061410/rcenter/common/static/js/gb.validation.min.js?v=1771834111856 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 05 Oct 2022 09:40:30 GMT\r\ncontent-encoding: gzip\r\netag: W/\"633d510e-7fd7\"\r\ndate: Tue, 03 Mar 2026 12:50:12 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Fri, 06 Mar 2026 12:50:12 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4947\r\ncontent-length: 5207\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 13146306536971856868\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32727,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (801)","md5":"a55780dc13cbf1a8d375f14ebb659cf2","sha1":"9548cc269bcde0dc48e166fa6bab37af8a649e57","sha256":"35d147a863ab8828e073ca1ae89d476a9cede797c410ac555597c1f442452cc8","sha512":"3514366118d038da9131739e4557dc5fd92b8b7d3a27af00a7c2d8f4cfd49f4932991cba899fcc8171ac59eb356b25e717494225912f37d65600305ce2d3ace9","ssdeep":"768:WqBveMjZ1oE/eL8hhMjm9a1hI4vhej4pZ:Xpo5GhMjm9a1hI4vheUpZ","tlshash":"cee231166b7701e2916b71e10e4f9a083174952b5a87ce08bdac92e09f18d787373ff8","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.405698Z","times_seen":17695,"resource_available":true,"data":null}},"time_used":936,"timings":{"blocked":354,"dns":0,"connect":0,"send":0,"wait":545,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/visitorside/js/vendor.4f844090.js","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:40.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.3p68jv58.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Wed, 02 Jul 2025 00:00:00 GMT","end":"Fri, 31 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"10:8C:BC:68:FA:1C:9F:0A:01:99:F9:6E:02:B1:CE:FD:0E:B6:BF:F4","sha256":"07:AC:69:80:F1:93:83:91:DB:A6:BC:51:B1:A3:70:F2:59:E7:C5:CE:A7:40:DD:B3:A4:94:82:7F:E1:A0:16:65"}}},"request":{"raw":"GET /visitorside/js/vendor.4f844090.js HTTP/1.1\r\nHost: p213rv3h.2ryqgu1g.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Tue, 03 Mar 2026 08:36:32 GMT\r\nserver: nginx/1.22.1\r\nlast-modified: Wed, 17 Dec 2025 08:08:02 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-encoding: br\r\netag: W/\"694264e2-26906\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ad3ce7688f48f2bfb8279b49c6c4711e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: 8G2tkDowLU6PIzDRIhubxfr_-0By8UcHM-40H7zVe4vlvCZeOBAHAw==\r\nage: 49988\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":157958,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65419)","md5":"1550da77b83ea7f92fa72c28654b0b07","sha1":"bdf997b0f858feb25fe28e9aedb9ac9ab199f143","sha256":"eb4f74cbc5b25824f7f0bb24042143a6495404ce6d2316886ff2c5887e52c020","sha512":"0d4ec259e0a05aa51ad1d12030c8eb7a40bfb5dfb74c2285389d0461e1dc640ddf4b77d58628f9a1cd9a92ed9d764bd90dfb1fafb85235a2c270906ce606fc2e","ssdeep":"3072:JlPm6jZ+uUcYoazxkXfDirssXrs1zFzToZpGYPfKX9dT3ZFUxxk57AT6m/FA:mzuv+pIzMvD6UFA","tlshash":"32f31bca32957c5552aa31e2887f090ef33a1d66348cd068f6a5f5d23cb540e9277f78","first_seen":"2025-12-19T03:52:38.075217Z","last_seen":"2026-03-19T23:48:50.690511Z","times_seen":399,"resource_available":true,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/headerInfo.html?t=mmb6kg7p","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weide73.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 15:09:13 GMT","end":"Wed, 29 Apr 2026 15:09:12 GMT"},"fingerprint":{"sha1":"09:EF:07:09:51:B5:F7:29:21:79:E3:D5:5A:DB:0D:9F:5C:CF:8E:A0","sha256":"E5:A4:31:95:60:11:5D:03:A6:B1:D4:22:9D:5F:28:BD:91:00:5A:71:DB:6E:C0:39:CE:00:F5:70:A1:EE:AF:1E"}}},"request":{"raw":"GET /headerInfo.html?t=mmb6kg7p HTTP/1.1\r\nHost: weide73.com:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nCookie: sticket=VME9tVXhaREk1WWpB; route=a9961c6ad4780ba0f3c8657ffc8a49b9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: gzip\r\ncontent-type: text/html;charset=utf-8\r\ndate: Tue, 03 Mar 2026 22:29:41 GMT\r\nout-line: gb-cdn-013\r\nsub-sys: msite\r\nuuid: 00113-01-00000000-17725769815d07\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 116\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":127,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"20cdc04b8606876f657ce4d32018e211","sha1":"463099a16babca872f46f80529eb895aeb4739a9","sha256":"ec249bc07de3a24d7c1d016720f71325ebd27385f4d6c4938d04fa329e671221","sha512":"5d4fdb786d891a78a2a2c7757db64f891fac79ff65575b6aea0e151031f9a9ce6f0aea1969329f0663a06beb83c28f7106fcfa10db726bdb0b57e5486609e165","ssdeep":"","tlshash":"69b09b241916deed94476511c250055042150415f5c6790dd1bc950571ca1e95136517","first_seen":"2026-03-03T22:30:10.332414Z","last_seen":"2026-03-03T22:30:10.332414Z","times_seen":1,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"weide73.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/images/partner/partner-hongtu-brown01.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/images/partner/partner-hongtu-brown01.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 02 Sep 2025 06:45:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"68b69275-1beff\"\r\ndate: Wed, 21 Jan 2026 07:57:39 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:39 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3244\r\ncontent-length: 86899\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 11719799720793428755\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":114431,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"13705bb454fa93a337d360fde95d32ed","sha1":"f17931976273af97665c359e14c5d7b673ded90b","sha256":"221a4adff18935e8dd8d421dd0dfb431bab972377ff4ead01e00cdc9dbf73127","sha512":"fc3c18262e7afc15b4716e6ed6869f20c27749dc181e010736e5314d0cc96d33826337eb3198e8425dbf01766d7c7cd2d85ce3cf594c4509106540464dda76a7","ssdeep":"3072:d1tyThaOfU3ozO51gip4i02XfacJ7TznFNnOOa:d1tyT8cUM5hcRnFVW","tlshash":"20b312a0dce07db423bb950ca3bc9f186243145f03a6269321b3f5430d627a4a6fd772","first_seen":"2025-09-18T16:22:49.418873Z","last_seen":"2026-04-17T04:44:35.216553Z","times_seen":1726,"resource_available":false,"data":null}},"time_used":381,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":377,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/themes/style/common.css","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/themes/style/common.css HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 09 Jun 2022 03:45:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"62a16cdd-6cc2\"\r\ndate: Sat, 07 Feb 2026 15:09:13 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 10 Feb 2026 15:09:13 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3245\r\ncontent-length: 6667\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 6673553924456436520\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27842,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text, with very long lines (729)","md5":"8c3f775170e3fd01c5ad24843261868c","sha1":"c7eb8f77efcfc2d1a2774b5e8dd95e064f988132","sha256":"cfcb86b4a6d8c0756e63c745b5998a15929abecc3a42a8df6c15671ce79471cd","sha512":"a9c5ad15cbe81c2baa6b3e21b869e6949e4eb23841efbfa97937c8134b8376a12c57b2c6f70e3d2c759354213b456f67583529c0c6e341fae9411564354d631f","ssdeep":"384:yJMPXqoEJcwQkzEqycU333yTaI5tdtLyfL5y0hWzqWQ9w42yts:y+PXjAc+zPuKyD5y0hWzqWQ9Xy","tlshash":"8ec2d721e6801019f537d2a7f8d6bb882724c553a2171fbef9d2357ce6867c81973b88","first_seen":"2025-07-18T22:51:25.550034Z","last_seen":"2026-04-04T16:23:53.760124Z","times_seen":46,"resource_available":false,"data":null}},"time_used":1958,"timings":{"blocked":566,"dns":0,"connect":295,"send":0,"wait":591,"receive":202,"ssl":300},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/js/layer.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/js/layer.js HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\ncontent-encoding: gzip\r\netag: W/\"5d848f4f-55f6\"\r\ndate: Wed, 21 Jan 2026 07:57:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:33 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4947\r\ncontent-length: 7599\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 17144768495146721803\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22006,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (21910)","md5":"cb96339625e9d456e32f86cdb3c7a7a1","sha1":"1301165c58bbb13c542cba493b7ab5774e87e31f","sha256":"17fb047ba6828fcbdf2ca226fa4594cfded2b2fdfeaff89a5bd81c7cf0359919","sha512":"53083bf4d6d450b1e9402c3f3dc40fb3434a27d47fbabee51f4ce1d3577f2a0aabe90cf5f6dfc22830a3878ec7552a6bf6bff605c82a4f832c79f34f7657ccef","ssdeep":"384:r1dCih92A3DgrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:r1YiV3D+WtXItqF13k8","tlshash":"6aa2b76a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.442317Z","times_seen":17387,"resource_available":true,"data":null}},"time_used":1062,"timings":{"blocked":496,"dns":0,"connect":0,"send":0,"wait":546,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/index/getUserTimeZoneDate.html?t=mmb6kg0c","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weide73.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 15:09:13 GMT","end":"Wed, 29 Apr 2026 15:09:12 GMT"},"fingerprint":{"sha1":"09:EF:07:09:51:B5:F7:29:21:79:E3:D5:5A:DB:0D:9F:5C:CF:8E:A0","sha256":"E5:A4:31:95:60:11:5D:03:A6:B1:D4:22:9D:5F:28:BD:91:00:5A:71:DB:6E:C0:39:CE:00:F5:70:A1:EE:AF:1E"}}},"request":{"raw":"GET /index/getUserTimeZoneDate.html?t=mmb6kg0c HTTP/1.1\r\nHost: weide73.com:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nCookie: sticket=VME9tVXhaREk1WWpB; route=a9961c6ad4780ba0f3c8657ffc8a49b9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncachettl: 3\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: br\r\ncontent-type: text/html;charset=utf-8\r\ndate: Tue, 03 Mar 2026 22:29:41 GMT\r\nout-line: gb-cdn-013\r\nsub-sys: msite\r\nuuid: 00113-01-00000000-17725769810c0f\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 98\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":119,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"b4bb95d5f0f319e0dc92ee5dd5cb98d7","sha1":"c98778884cec18b99498efda473217898bf237a9","sha256":"2ddead6e718ee71103535535e336846fcd77be9fe18aa3425c42e24e083d7af1","sha512":"88e9b1c49e100eb60c406346d599fcb8a04b42dd3da0020e5cbe0ee960f180b14875fd781d0f705c4ae7fea0cdbc49eafaa9594c05cced73ef1d3a1bf87b1aee","ssdeep":"","tlshash":"07b092a809e26f9e0d2490a1d605f4cd092a726b48c3caa09a96ee1da499a4a2809212","first_seen":"2026-03-03T22:30:10.335667Z","last_seen":"2026-03-03T22:30:10.335667Z","times_seen":1,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"weide73.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/mobile-api/v5/origin/loginSwitchCheck.html","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weide73.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 15:09:13 GMT","end":"Wed, 29 Apr 2026 15:09:12 GMT"},"fingerprint":{"sha1":"09:EF:07:09:51:B5:F7:29:21:79:E3:D5:5A:DB:0D:9F:5C:CF:8E:A0","sha256":"E5:A4:31:95:60:11:5D:03:A6:B1:D4:22:9D:5F:28:BD:91:00:5A:71:DB:6E:C0:39:CE:00:F5:70:A1:EE:AF:1E"}}},"request":{"raw":"GET /mobile-api/v5/origin/loginSwitchCheck.html HTTP/1.1\r\nHost: weide73.com:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nCookie: sticket=VME9tVXhaREk1WWpB; route=a9961c6ad4780ba0f3c8657ffc8a49b9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: Content-Type,Access-Token,X-Requested-With\r\naccess-control-allow-methods: *\r\naccess-control-max-age: 3600\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: br\r\ncontent-type: text/html;charset=utf-8\r\ndate: Tue, 03 Mar 2026 22:29:41 GMT\r\nout-line: gb-cdn-013\r\nset-cookie: route=c7419011ef227a9b9406a6c2cd9b5007; Path=/\r\nsub-sys: mobile\r\nuuid: 00113-01-00000000-1772576981aaae\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 113\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":174,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"1452cebf3e2bb129b06762f43f09e5c8","sha1":"0ec65f1e79233e8c59f76c55fb89ac8637cfb070","sha256":"99a31cd18b8ce37d3725d0a77d5e314452d2906ed2b54b8b19d4de849d1bf13d","sha512":"758e5238156c2ffef164019c0090d96ae3567b56cdb9180b179f9f20dbefa3d184a9b0776e96d10667ecc0bef04ebccad0959b1eecbf5526077c096e22cfe919","ssdeep":"","tlshash":"b6c08c49f00458abce02239456d828402fec189270c9eccddc0c4a58f2cb4dfe322c2b","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.437006Z","times_seen":15762,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"weide73.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/fserver/files/gb/113/carousel/10316/1758224920778.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:42.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/113/carousel/10316/1758224920778.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 18 Sep 2025 19:48:40 GMT\r\ncontent-encoding: gzip\r\netag: W/\"68cc6218-71671\"\r\ndate: Wed, 21 Jan 2026 07:57:46 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Sat, 24 Jan 2026 07:57:46 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 261\r\ncontent-length: 348410\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 15214552741870880388\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":464497,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"b08cec653eb1db3716f896d00eefbb00","sha1":"c88247dc743f4c96db131ee6c114c8cb031309ca","sha256":"3a2fd18ef2eae6fe2a87ef36d49919de66c0a7c18a0009002bd7bdc33caa74b6","sha512":"3f932503e393dfa47d00d14022d6b6b012d6d192ba528ca5658995afa893ec0fa74cacea8872b06036328a94d069209747a3dd030b76e2c6d0138be6427a9f6d","ssdeep":"12288:SzFGkmiD2zHD12xEcIdq9FTF16fTWUK0AFz7zBNBZ1/BYo:SzFNmE2zHOE+aSt0EzhNh","tlshash":"1ea42355db18fdee470c217b34961d2227eb3ea241d882d683d3b6ebf8889d45d2bd40","first_seen":"2025-11-23T15:28:58.054243Z","last_seen":"2026-03-04T20:03:24.464463Z","times_seen":42,"resource_available":false,"data":null}},"time_used":805,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":791,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/images/offers-list-03.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/images/offers-list-03.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-410d\"\r\ndate: Thu, 19 Feb 2026 03:58:09 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sun, 22 Feb 2026 03:58:09 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 261\r\ncontent-length: 12482\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 16677806038824632652\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16653,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"46d2c1488973fc97a568da7ad370d406","sha1":"2e238e31ce18c0492580752a474eaded4d729d3a","sha256":"9ab912c848e722b908a00fa2e16bc706b109ec2675d7b1626224b85815784738","sha512":"a734302373897ef960fd16e31e7cccd541330f14524524dff45cc0fea560940c724042d1fcb591a38bf777fdab388ad3ef1a4787f916f748180ec7556cd5daff","ssdeep":"384:HV+ZLeH9X0NOxDL3CA91HNjhHk+656QiEzlCDVS5A5b09:1+ZLkK4xDDCA9nWz6Ez+g5Q09","tlshash":"ba72d131cf2add143b290fa1a8c5b4f6cf5618d3238fd1a3587ec6dce9636612670989","first_seen":"2025-07-18T22:51:25.47142Z","last_seen":"2026-04-04T16:23:53.773837Z","times_seen":46,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/images/offers-list-04.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/images/offers-list-04.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-6b6a\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 260\r\ncontent-length: 20528\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 16691644341796769293\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27498,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"8e9355d2f2525a45f30a08bb20b0b4aa","sha1":"c9cb21ba9713c0c8b507426172f385b603c60309","sha256":"7fc18baead9cdfa6ace5aac7192d0213644f074282199e830a0ba9565d2b0950","sha512":"7611f9d6c72b27adf69bd34aef4c151297f85545f4b8574f822bab2af83a86da8a06582c9e49c2157151031c553eb558ff4bbb87a490c5f17ef14bcdad5cbc64","ssdeep":"768:IfmYJf47HjDS3TWZnQRrGtXzCQtNcrJRE:IfmS4bjDS3CmYXzCQyJRE","tlshash":"43c2e17a4e36c68965c1720d7fe0a97f1fabaed1ce55cf64e3e618061348720e0a064e","first_seen":"2025-07-18T22:51:25.519402Z","last_seen":"2026-04-04T16:23:53.729082Z","times_seen":46,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/images/favicon/favicon_113.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/images/favicon/favicon_113.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 05 Dec 2022 08:15:08 GMT\r\ncontent-encoding: gzip\r\netag: W/\"638da88c-ae1\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3250\r\ncontent-length: 2042\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 10584832270794799575\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2785,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"6beeffef54c754ab3b6d4f5d793e7daa","sha1":"3ad8eab3676e2d928ae7f5be05c9bd5949892a52","sha256":"e747ed8e9efe5769ab65ac8207d4026011584da28948b5a637862b112cacbb76","sha512":"dd835b1584512e33ba55dc749a03044f0fd52ea88ff24d79ce2203714004ce4e42ef2d5273891549609d5e9c539d002cbd2ceefb4062772a5ac2175ad3169d6e","ssdeep":"","tlshash":"7f514c367b5a360d2060c434e179354e3d27cc3f2a4b256be485eb55d21fb708d616c9","first_seen":"2025-07-18T22:51:25.465284Z","last_seen":"2026-04-04T16:23:53.680326Z","times_seen":46,"resource_available":false,"data":null}},"time_used":469,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":468,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/themes/gui-base.css","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/themes/gui-base.css HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 25 Feb 2026 06:51:20 GMT\r\ncontent-encoding: gzip\r\netag: W/\"699e9be8-146ad\"\r\ndate: Mon, 02 Mar 2026 11:14:22 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Thu, 05 Mar 2026 11:14:22 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 11121\r\ncontent-length: 17173\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 7460615651224055710\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83629,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (12023)","md5":"ae436617c02061eb715fce1f6e4d84ba","sha1":"d29e23c56a6972ed8c139be8fd55022e8dc79dc2","sha256":"95be5699e27ae8ba00031ebaad84c414dbe6ab48f6445007513e072c9243eaae","sha512":"614e0041902efc437f9ef9ab63f0ee9e7d1236e0a5d811013dc75509c0669ef44b24ffefec0cf367ed241b6615b506b27a951cc17f168e7ff97f09b9564c4137","ssdeep":"1536:hh/EEJVfpLdXYSN4H1Y7B/Daf4ZxnVXCg9bI:VXYSNE+RVXW","tlshash":"0a8385b2e15824e63373c856a381fbda2554b122c5134efdf89f655c8bc738612a2f6c","first_seen":"2026-03-02T15:35:34.435383Z","last_seen":"2026-04-17T08:01:36.591141Z","times_seen":1009,"resource_available":false,"data":null}},"time_used":1767,"timings":{"blocked":576,"dns":0,"connect":258,"send":0,"wait":578,"receive":34,"ssl":318},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 27 Aug 2024 03:30:00 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66cd4838-3a09\"\r\ndate: Wed, 21 Jan 2026 07:57:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:33 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4947\r\ncontent-length: 4126\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 10451718996646945058\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14857,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14855), with no line terminators","md5":"4fe7dadf050dad2dcfd386d21b880281","sha1":"07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd","sha256":"aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9","sha512":"9da40e5132ece9fe346f27aa467b2496545c84197131c633e5b1ff1f641ece723440ec0289e82d7948b85bcd901b9e3eb6e36f8e0339ae05e4a32621e895accf","ssdeep":"384:yC+tJn9Dbvbf1P3QSBxDrdiewZnnoTW39if+04xSlR4nbiamdrjNfrzInGINYlor:NWJnlN3QSBxDMewZnnoTW39L0MSR4biK","tlshash":"a762954d3a9514bb4adf31b770ab204f767e8800852c91c4bdbca0d166b5ee072e7e6d","first_seen":"2023-03-07T01:14:38Z","last_seen":"2026-06-06T12:16:55.435951Z","times_seen":17441,"resource_available":true,"data":null}},"time_used":1085,"timings":{"blocked":494,"dns":0,"connect":0,"send":0,"wait":583,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/themes/hb/css/pc.css","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\ncontent-encoding: gzip\r\netag: W/\"5d848f4f-b5d\"\r\ndate: Wed, 21 Jan 2026 07:57:34 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:34 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4948\r\ncontent-length: 911\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 10290820744373016389\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2909,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"1da71520b7a0a61526a8fa8d0feb40d1","sha1":"ba1bf69dad8783563328054cae58ccabf1b00829","sha256":"5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d","sha512":"d1cb92160523c231c4942f27c018bd3b30f89fc60153e23eb0a49d0696c896b0904ebe5db7cb97a0686f656d04a58f3ccf8fc0f09f2be703fa8400bd3270dfa8","ssdeep":"","tlshash":"d451dd305a02b1aaf42ffa677420874c2537004373169b3e72fd7ad1cfca9696136ad4","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.405143Z","times_seen":17175,"resource_available":false,"data":null}},"time_used":1615,"timings":{"blocked":493,"dns":0,"connect":0,"send":0,"wait":1121,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p213rv3h.2ryqgu1g.com/visitorside/js/bundle.7126c698.js","fqdn":"p213rv3h.2ryqgu1g.com","domain":"2ryqgu1g.com","tld":"com"},"ip":{"addr":"3.164.240.106","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:40.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.3p68jv58.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Wed, 02 Jul 2025 00:00:00 GMT","end":"Fri, 31 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"10:8C:BC:68:FA:1C:9F:0A:01:99:F9:6E:02:B1:CE:FD:0E:B6:BF:F4","sha256":"07:AC:69:80:F1:93:83:91:DB:A6:BC:51:B1:A3:70:F2:59:E7:C5:CE:A7:40:DD:B3:A4:94:82:7F:E1:A0:16:65"}}},"request":{"raw":"GET /visitorside/js/bundle.7126c698.js HTTP/1.1\r\nHost: p213rv3h.2ryqgu1g.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Tue, 03 Mar 2026 13:26:01 GMT\r\nserver: nginx/1.22.1\r\nlast-modified: Wed, 17 Dec 2025 08:08:02 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-encoding: br\r\netag: W/\"694264e2-9819e\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ad3ce7688f48f2bfb8279b49c6c4711e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: yLJMM1btNMpB5Ro-ibzjM6t4MYoMngOFu4UmRxAdY3g5yca2oWPpMg==\r\nage: 32619\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":623006,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65422)","md5":"03585f467dd1043465e62024d84e8501","sha1":"1e5cf8a55c64abec323fd2af7e5823a22b4c18f0","sha256":"4cbd5c79ff097907e8a54d23154bef1b9b8db97a75ec78fb7f7fbc994e723353","sha512":"3c0bfd9bea584f9bc4acdac9815c499327a54479686c2b5e8189517433d9913de43dea480a34577ca551a0327e4d2cfd2271d6c598d4994b99119261805e46a4","ssdeep":"12288:nAQt366fCmXM7t36yfCNXYpnjhftWhS4V:ACfCZbfCSntwjV","tlshash":"68d41898f081b42856736161b2af360a7236a916ba4d4468f536c1f4bdf60cbd323fdd","first_seen":"2025-12-19T03:52:38.036277Z","last_seen":"2026-03-19T23:48:50.648715Z","times_seen":399,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/themes/images/icon.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/themes/images/icon.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-621\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 260\r\ncontent-length: 1100\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 15463527716762010875\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1569,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"393c41a6c4b5b86c8a47ddf3c39006de","sha1":"f6586216e9a75a4b334ddc3feafc0ec1eaac513d","sha256":"3e522d0bf3d1a14ed1c91d478e1cc81c4b53c6b9e67685205d865598e9f7e94c","sha512":"b12be4e72b53717f26a5312348dd13d47ea9cda77b6a9bad1d23824e3a389855ce2f4206aa0378438aed607d3fde682ade6f30fd0157720a8c933d8829147b7a","ssdeep":"","tlshash":"3931c8bd62b77d46241ac20d7b92a1373c2d9d1e5c171bb6d0e43673000e714aaa15dd","first_seen":"2025-07-18T22:51:25.444779Z","last_seen":"2026-04-04T16:23:53.713776Z","times_seen":46,"resource_available":false,"data":null}},"time_used":494,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":489,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/themes/images/icon.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/themes/images/icon.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-621\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 260\r\ncontent-length: 1100\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 17604156407735383142\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1569,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"393c41a6c4b5b86c8a47ddf3c39006de","sha1":"f6586216e9a75a4b334ddc3feafc0ec1eaac513d","sha256":"3e522d0bf3d1a14ed1c91d478e1cc81c4b53c6b9e67685205d865598e9f7e94c","sha512":"b12be4e72b53717f26a5312348dd13d47ea9cda77b6a9bad1d23824e3a389855ce2f4206aa0378438aed607d3fde682ade6f30fd0157720a8c933d8829147b7a","ssdeep":"","tlshash":"3931c8bd62b77d46241ac20d7b92a1373c2d9d1e5c171bb6d0e43673000e714aaa15dd","first_seen":"2025-07-18T22:51:25.444779Z","last_seen":"2026-04-04T16:23:53.713776Z","times_seen":46,"resource_available":false,"data":null}},"time_used":473,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":469,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/themes/images/icon.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/themes/images/icon.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-621\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 260\r\ncontent-length: 1100\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 13123149167778491229\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1569,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"393c41a6c4b5b86c8a47ddf3c39006de","sha1":"f6586216e9a75a4b334ddc3feafc0ec1eaac513d","sha256":"3e522d0bf3d1a14ed1c91d478e1cc81c4b53c6b9e67685205d865598e9f7e94c","sha512":"b12be4e72b53717f26a5312348dd13d47ea9cda77b6a9bad1d23824e3a389855ce2f4206aa0378438aed607d3fde682ade6f30fd0157720a8c933d8829147b7a","ssdeep":"","tlshash":"3931c8bd62b77d46241ac20d7b92a1373c2d9d1e5c171bb6d0e43673000e714aaa15dd","first_seen":"2025-07-18T22:51:25.444779Z","last_seen":"2026-04-04T16:23:53.713776Z","times_seen":46,"resource_available":false,"data":null}},"time_used":469,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":465,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cldxon.0er4he4t.com/visitor.ashx?siteId=60000906","fqdn":"cldxon.0er4he4t.com","domain":"0er4he4t.com","tld":"com"},"ip":{"addr":"99.83.207.187","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.ebg1f1ew.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Wed, 03 Sep 2025 00:00:00 GMT","end":"Fri, 02 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D1:1F:83:53:5D:80:46:5F:BA:B8:E9:5C:12:DA:20:8E:EE:27:1F:1B","sha256":"B9:F8:F6:43:C5:3C:F5:51:73:3C:4F:47:DF:66:49:C8:65:D9:79:8B:59:BE:C9:88:BE:7D:D4:2C:58:9C:F6:0C"}}},"request":{"raw":"POST /visitor.ashx?siteId=60000906 HTTP/1.1\r\nHost: cldxon.0er4he4t.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 69\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":69,"data":"[{\"type\":\"getConfig\",\"chatVersion\":\"\",\"ssoSessionToken\":null,\"id\":1}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 22:29:46 GMT\r\ncontent-type: text/json\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://weide73.com:8989\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\narrserver: chatserver1\r\np3p: CP=\"CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-security-policy: default-src 'self'\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1318,"size_decoded":0,"mime_type":"text/json","magic":"JSON text data","md5":"f108763069a925dcced1e745f0f693ec","sha1":"25fc258b9b1e9501362010497692150242200433","sha256":"9c2fab3127d84483f9154597cd4fe77ece63aab8ba66df0b6e8cbf9f8886c578","sha512":"44ecc16b803e131dd20717a840ee2fe1a971b3e7ce4666fa89520186118f599b843a98094d56f0155a0a5548bb4f6bf11ebd0ee2a01ac4a307bdfd317b05925a","ssdeep":"","tlshash":"cd21f0ef6088917c4b258662d31d7b0c4a3ea71f27007884f16c8e1e35d35be0565257","first_seen":"2026-01-01T07:17:01.344776Z","last_seen":"2026-04-04T16:23:53.689453Z","times_seen":50,"resource_available":false,"data":null}},"time_used":1478,"timings":{"blocked":634,"dns":1,"connect":3,"send":0,"wait":210,"receive":0,"ssl":625},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/index/getAppsUrl.html?device=android\u0026fPixelId=\u0026accessToken=\u0026apiVersion=","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:40.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weide73.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 15:09:13 GMT","end":"Wed, 29 Apr 2026 15:09:12 GMT"},"fingerprint":{"sha1":"09:EF:07:09:51:B5:F7:29:21:79:E3:D5:5A:DB:0D:9F:5C:CF:8E:A0","sha256":"E5:A4:31:95:60:11:5D:03:A6:B1:D4:22:9D:5F:28:BD:91:00:5A:71:DB:6E:C0:39:CE:00:F5:70:A1:EE:AF:1E"}}},"request":{"raw":"GET /index/getAppsUrl.html?device=android\u0026fPixelId=\u0026accessToken=\u0026apiVersion= HTTP/1.1\r\nHost: weide73.com:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nCookie: sticket=VME9tVXhaREk1WWpB\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: gzip\r\ncontent-type: text/html;charset=utf-8\r\ndate: Tue, 03 Mar 2026 22:29:40 GMT\r\nout-line: gb-cdn-013\r\nset-cookie: route=a9961c6ad4780ba0f3c8657ffc8a49b9; Path=/\r\nsub-sys: msite\r\nuuid: 00113-01-00000000-17725769801fea\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 886\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1128,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"558aa1732b9a8a090cbdb557101b4050","sha1":"22afd133fd22d7bbdc3555d5ee878b454b5f17a7","sha256":"5d7706cbc1bd9dcbae68a1f8e41750795604c5ea8abf1da6b5c346495b95be04","sha512":"7a82089c48cf6c271afeded2a4547caa291473d265c59640a14a9b48c768f931aee5bf57172b3bfaa332a2064737325b73062c1710aa58c018780991e5d5d5eb","ssdeep":"","tlshash":"6021ca7cc8f5cd531592289895413df1cc2185d90f2dd03b28c9649717f5e975d20292","first_seen":"2025-08-19T13:06:58.934002Z","last_seen":"2026-03-03T22:32:56.136172Z","times_seen":3,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"weide73.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/favicon.ico","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weide73.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 15:09:13 GMT","end":"Wed, 29 Apr 2026 15:09:12 GMT"},"fingerprint":{"sha1":"09:EF:07:09:51:B5:F7:29:21:79:E3:D5:5A:DB:0D:9F:5C:CF:8E:A0","sha256":"E5:A4:31:95:60:11:5D:03:A6:B1:D4:22:9D:5F:28:BD:91:00:5A:71:DB:6E:C0:39:CE:00:F5:70:A1:EE:AF:1E"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: weide73.com:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nCookie: sticket=VME9tVXhaREk1WWpB; route=a9961c6ad4780ba0f3c8657ffc8a49b9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 03 Mar 2026 22:29:41 GMT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 150\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":150,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"597ba0d4396e9c906225140ce907092c","sha1":"28ae2ba65ccdb583d79f85b8cc9509fae697493b","sha256":"ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6","sha512":"8898f14bd6cb5c72d6ee5878af3700be6d03b56a5a21a3d58ef347f008acf4ac68a46a908903e1d42999c1e259e77d7df686c94765865ae07361b2c4e04adf2c","ssdeep":"","tlshash":"18c02b2d24137c0c8663307636c37050c1978337a67e10210400805330cf1998ac33af","first_seen":"2023-04-05T14:00:46Z","last_seen":"2026-06-06T11:30:42.780371Z","times_seen":36006,"resource_available":true,"data":null}},"time_used":208,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"weide73.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/fserver/files/gb/113/carousel/10235/1721149921755.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:44.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /fserver/files/gb/113/carousel/10235/1721149921755.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 16 Jul 2024 17:12:01 GMT\r\ncontent-encoding: gzip\r\netag: W/\"6696a9e1-5ea4d\"\r\ndate: Wed, 21 Jan 2026 07:57:54 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Sat, 24 Jan 2026 07:57:54 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 261\r\ncontent-length: 289523\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 17703231179496579541\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":387661,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"77019df7aa66e632b5a413d97d0a9132","sha1":"5385248a0d24bf3bb0ff73a660ca0db406cc70f8","sha256":"1b003af7529f2e8e278f4bcc32220ec09f8c2ce92860b08a32aefb61f8007999","sha512":"45e86386e6b40407ff5ea12d073479e18b0bcd4a1329184b4d5f56eb0007fddaceb2c42d24b9e284dea0c47788f5e670be52d00a68687644e58b394c409102f4","ssdeep":"6144:4QdYPnQauvLc7ZY/8Gh6hC9nu+LemMjwDckT9WAIiHQyfukzkI/:/YPn0gK9hD9EmMyc/AyjkoI","tlshash":"85842360ab5e35b98d10311511bb7dce23e20fe4406e97d3e97196be40f4f9b18e29e8","first_seen":"2025-07-18T22:51:25.560067Z","last_seen":"2026-04-04T16:23:53.726571Z","times_seen":46,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":274,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/images/gambling.png.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/images/gambling.png.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-fd5\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3250\r\ncontent-length: 2974\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 1027275339349417736\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4053,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"c7507df8703050a21e6f6508dc67fcef","sha1":"0bccc5d2d0587f182df9ef4ba32a14f906e5d2e2","sha256":"d99890cb4a50d6aa69b5b0090f1dc3ea5750487a27fbe6ad04025470120d68a7","sha512":"c425455b3fc4601e7699651b057689907650556033eef2ecbbd63fdd0ee13f28f5d810ec2775a19a0d95e56d5f7a612f09aaa50d257ccf4f22ab5e7d1cbe7417","ssdeep":"","tlshash":"67816dfa272e3bac042b80ecfee745176d389c0b54270e9b71b02c66909a934d013ded","first_seen":"2025-07-18T22:51:25.441112Z","last_seen":"2026-04-04T16:23:53.741419Z","times_seen":46,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":502,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/images/index-slide-right.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/images/index-slide-right.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-13cd6\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: MISS\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 260\r\ncontent-length: 61294\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 14626493170073268889\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":81110,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"a0b8da12724c52cef94faab579af7f1a","sha1":"36d3eb7810f0f1baf367ff968acca79576151ddd","sha256":"936c83944ba526788038970113897e4d02437fd3be89521dbf6a40a9a0331558","sha512":"9f64a3da3d7fa4d9314511f339469261a73fd91346cd19882c677ba7e2c9ee14028b4d1566f1b35867e2ad7f0b8a3a0b7ef0e42bdd2ded01a04eef2008b2734b","ssdeep":"1536:UQ4s7DtxPibMt3E7LUz/f+QxMIWaoOapJRkBGEZeVMy90Kn+W:dtUMFE7LUb9x92tRkBGEZenB","tlshash":"c4830266a3b46abc13c481d075613f41af739cf7a7a2e5ca351baec80d5329003dd9a7","first_seen":"2025-07-18T22:51:25.462802Z","last_seen":"2026-04-04T16:23:53.686853Z","times_seen":46,"resource_available":false,"data":null}},"time_used":473,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":465,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cldxon.0er4he4t.com/campaign.ashx?siteId=60000906\u0026campaignId=77594ad6-c9be-4219-a10f-24072f9891c8\u0026lastUpdateTime=C1EF84FDsimplifiedChinese","fqdn":"cldxon.0er4he4t.com","domain":"0er4he4t.com","tld":"com"},"ip":{"addr":"99.83.207.187","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:47.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.ebg1f1ew.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Wed, 03 Sep 2025 00:00:00 GMT","end":"Fri, 02 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D1:1F:83:53:5D:80:46:5F:BA:B8:E9:5C:12:DA:20:8E:EE:27:1F:1B","sha256":"B9:F8:F6:43:C5:3C:F5:51:73:3C:4F:47:DF:66:49:C8:65:D9:79:8B:59:BE:C9:88:BE:7D:D4:2C:58:9C:F6:0C"}}},"request":{"raw":"GET /campaign.ashx?siteId=60000906\u0026campaignId=77594ad6-c9be-4219-a10f-24072f9891c8\u0026lastUpdateTime=C1EF84FDsimplifiedChinese HTTP/1.1\r\nHost: cldxon.0er4he4t.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 22:29:47 GMT\r\ncontent-type: text/json\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\narrserver: chatserver1\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-security-policy: default-src 'self'\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21467,"size_decoded":0,"mime_type":"text/json","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (18113), with no line terminators","md5":"be730ebe7a813df2e2ece8c8530c34f8","sha1":"2ff9913ac9312e90c1f243468c6ac09817a24744","sha256":"49864f1f6328b388dcada5088df4d983bdfeb0bd3e867fab2ed2ebc668254e11","sha512":"909a0dd55c82bdf2fdab0c3b94796ad06b3f7fdd49f88b68dfc8ab749b68f12ecdd25bf41c5703d6ac36c2af3c8812f40ada7e69b76d9bf43b2ec57b120358d4","ssdeep":"384:imf1cWNQicFeeeeeejFL9P0cEjf1Cqbyczz0kP+E4Yh3kO3F34:imf1cWNQieeeeeeejFLSf1/yczj+bz","tlshash":"ca92973313598db841050ed2b3c3b7391d991395baa0396ca2f365f666c68ca43287fe","first_seen":"2026-03-03T22:29:04.388838Z","last_seen":"2026-04-04T16:23:53.69297Z","times_seen":41,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/themes/style/bootstrap-dialog.min.css","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.747Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/themes/style/bootstrap-dialog.min.css HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 13 Oct 2021 02:51:38 GMT\r\ncontent-encoding: gzip\r\netag: W/\"616649ba-8a3\"\r\ndate: Sat, 31 Jan 2026 19:20:25 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 03 Feb 2026 19:20:25 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-211\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 3245\r\ncontent-length: 582\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 16289689665549127114\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2211,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2211), with no line terminators","md5":"837292564c9b244b73e691fe29b39063","sha1":"02abca03865fbf476d0b41e3ebe5119ceb2d51f6","sha256":"63f70a299e5691d64d6f936f0cbed67191d537016e9b1ede89a20f14c02ed357","sha512":"1d82456182982700ded4ecd376b5b9f2773d4aa8961b3d26b3aa0d94da37c43b9dea6a88b820082e8859b65f5df7f2b026798a33382571f6c4116847ab899cdd","ssdeep":"","tlshash":"76415c1d0b9f009ae06b09da71fe6e1164947b61d4a0479e63ef336d8bc309735b7312","first_seen":"2025-07-18T22:51:25.542444Z","last_seen":"2026-04-04T16:23:53.743736Z","times_seen":46,"resource_available":false,"data":null}},"time_used":1746,"timings":{"blocked":572,"dns":1,"connect":300,"send":0,"wait":549,"receive":16,"ssl":304},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:38.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 20 Sep 2019 08:35:27 GMT\r\netag: \"5d848f4f-1ad7\"\r\ndate: Wed, 21 Jan 2026 07:57:34 GMT\r\ncontent-type: image/jpeg\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:57:34 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 4947\r\ncontent-length: 6871\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 11790943712520621000\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6871,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 168x168, components 3","md5":"99be4bfe275809d4e436b77c991b1381","sha1":"54eadee77394eb62ccf377ae68d9f49acb5b6785","sha256":"4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d","sha512":"452a79b02619ed5c1e4f81fc5a4a209cb8a11d03aadb1841ae9be18fbca088652cdb54340329c1bf57771abfb02ffed4bf75b61f4df96866b7f2358c36ae75a3","ssdeep":"192:p7FikLUR+6X7MCy5nSb1jSG99DX8yclWGo2yscY8:pfA3+gSGjX25+Y8","tlshash":"4ae18e26da8bdb85c4a4f2713f7d881a5551da1a5bd3f02160f8c41b3c9327c15e7a8f","first_seen":"2023-04-30T20:28:22Z","last_seen":"2026-06-06T12:16:55.463032Z","times_seen":17364,"resource_available":false,"data":null}},"time_used":1197,"timings":{"blocked":332,"dns":0,"connect":0,"send":0,"wait":864,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/themes/images/bg-live-list-item.gif.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/themes/images/bg-live-list-item.gif.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-c72\"\r\ndate: Tue, 03 Mar 2026 04:31:42 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Fri, 06 Mar 2026 04:31:42 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 262\r\ncontent-length: 2267\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 2007262689250152863\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3186,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"9ff1130e471b4d0b0b31966081721006","sha1":"89b9392aebbf43d5d287dd084702b4a0a9eb36de","sha256":"661393bbd18aa02e1e9004a43f6226298067c374cca356787559c84eec836dff","sha512":"3b4796cf4ba9d3857badecbc276535d5014aaa58865b4e99647b612148605a82dde97f4be870e7bcb4cb6ad73d71785afb746f5959f35e437f012b2b80d121b0","ssdeep":"","tlshash":"fb616c799777338e46c80fa575499f2a3d5c44ff083b4368c4a785a71b1231ce152164","first_seen":"2025-07-18T22:51:25.553152Z","last_seen":"2026-04-04T16:23:53.75388Z","times_seen":46,"resource_available":false,"data":null}},"time_used":639,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":638,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weide73.com:8989/mobile-api/v5/origin/getThirdParam.html","fqdn":"weide73.com","domain":"weide73.com","tld":"com"},"ip":{"addr":"20.255.208.255","port":8989,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:41.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weide73.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 15:09:13 GMT","end":"Wed, 29 Apr 2026 15:09:12 GMT"},"fingerprint":{"sha1":"09:EF:07:09:51:B5:F7:29:21:79:E3:D5:5A:DB:0D:9F:5C:CF:8E:A0","sha256":"E5:A4:31:95:60:11:5D:03:A6:B1:D4:22:9D:5F:28:BD:91:00:5A:71:DB:6E:C0:39:CE:00:F5:70:A1:EE:AF:1E"}}},"request":{"raw":"GET /mobile-api/v5/origin/getThirdParam.html HTTP/1.1\r\nHost: weide73.com:8989\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nCookie: sticket=VME9tVXhaREk1WWpB; route=c7419011ef227a9b9406a6c2cd9b5007\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: Content-Type,Access-Token,X-Requested-With\r\naccess-control-allow-methods: *\r\naccess-control-max-age: 3600\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: br\r\ncontent-type: text/html;charset=utf-8\r\ndate: Tue, 03 Mar 2026 22:29:41 GMT\r\nout-line: gb-cdn-013\r\nsub-sys: mobile\r\nuuid: 00113-01-00000000-17725769813740\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 86\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":103,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"9ac55fe189e4f53f37156e563e0f542e","sha1":"18b13b1360ce9fbd973e046d2652be38d58a15e0","sha256":"d7e02321006e1520d4c3e8d26428462419388e022cc89f3c974d0b87ad83af7b","sha512":"45b140d1bb3f3f06ff883448128956edda4d8ae0820dbb6b10f13860896cd611921dadb5b11b8d1577f22a80aefdfdbf8a2d54f6076b1e05f69d262df93b94f0","ssdeep":"","tlshash":"12b012816118adb39f0317e120ec380142fc11d180d48408dc5c8e5847948d7a202933","first_seen":"2023-04-05T18:30:47Z","last_seen":"2026-06-06T12:16:55.463506Z","times_seen":15829,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":235,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"weide73.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3rzeeh.ntbnaq.com/ftl/betWeide/images/original.jpg.base64","fqdn":"3rzeeh.ntbnaq.com","domain":"ntbnaq.com","tld":"com"},"ip":{"addr":"116.153.4.244","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://weide73.com:8989/","date":"2026-03-03T22:29:45.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ntbnaq.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 28 Nov 2025 00:00:00 GMT","end":"Sat, 28 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:AA:BF:F7:40:FE:DF:A3:31:41:4A:40:DE:F6:23:E9:E6:15:95:3D","sha256":"02:9D:CE:EC:47:07:18:F4:B9:4A:8A:DB:02:D8:CA:1B:C8:90:1C:50:62:0E:63:87:D1:E5:41:23:8F:8B:9B:BF"}}},"request":{"raw":"GET /ftl/betWeide/images/original.jpg.base64 HTTP/1.1\r\nHost: 3rzeeh.ntbnaq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://weide73.com:8989\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://weide73.com:8989/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 19 Jun 2024 06:00:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"66727401-bf48\"\r\ndate: Wed, 21 Jan 2026 07:58:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nexpires: Sat, 24 Jan 2026 07:58:02 GMT\r\nx-cache: HIT\r\nuuid: -\r\nout-line: gb-cdn-212\r\nserver: SLT-MID\r\ncache-control: max-age=259200\r\nage: 260\r\ncontent-length: 36934\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 13754778387783208754\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48968,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"f24b4eaaa1d6c8454d84c8b2a305ba9a","sha1":"0e6c768b28d3b265e516109591958e49c629aad2","sha256":"62e5874bf5372c3850d3f1e5d8e2b25832ffde538770409adc31d6a21e69fef9","sha512":"2f4db791088a04f4cf42ed5d366f3be896a53c13d2efe386ac601e648a4616e3632d4a575526c88bc0127151dca4353bec424509f88876475fdd9d313082d5f7","ssdeep":"768:ImZKCEKs3hJKD6vDfj90bC9evc1GxcVc6NSrVStifRcUMKK5xh7LKfFLFMpTcteM:ImZnEjKWvPWbOwxccbYtWRcUMRLKdLFF","tlshash":"ed23027b7f40e4069d85bc3bfad4e9e7086f1df65305867952b8300348e9e229ea7506","first_seen":"2025-07-18T22:51:25.557497Z","last_seen":"2026-04-04T16:23:53.734476Z","times_seen":46,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}