{"report_id":"e7455dca-9c69-438b-9c2f-3b5f2d393c3e","version":6,"status":"done","tags":[],"date":"2025-09-27T11:59:19Z","url":{"schema":"http","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"172.67.192.206","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"title":"jiuse35.lol持家有道的美少妇！做足浴养家老公心眼真大这都放心『狠货高科技看简阶』 - 91视频|91自拍|国产自拍"},"submit":{"url":{"schema":"http","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"172.67.192.206","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-01T11:59:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":9}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"img.878871.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"img.719979.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"saturday.ucloud141.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"ds99.img8341816451.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"66387795cyr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"72939229dww.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"xm99.img4758972832.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"tu.365tp.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"tu.365tp.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"ds99.img8341816451.com","ip":{"addr":"156.231.115.236","port":5658,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"domain_registered":"2025-09-20","domain_rank":0,"first_seen":"2025-09-27T01:09:15.721946Z","last_seen":"2025-09-27T01:09:15.721946Z","alert_count":1,"request_count":1,"received_data":310039,"sent_data":453,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"region1.analytics.google.com","ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22257,"first_seen":"2022-03-17T11:26:33Z","last_seen":"2025-09-21T22:11:31.293382Z","alert_count":0,"request_count":1,"received_data":844,"sent_data":1371,"comment":"","tags":null,"fingerprints":null},{"fqdn":"gome3f-1005-ppp.oss-accelerate.aliyuncs.com","ip":{"addr":"47.254.187.108","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-08-18T00:44:14.048452Z","last_seen":"2025-09-25T10:42:58.585959Z","alert_count":0,"request_count":1,"received_data":150212,"sent_data":492,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"xm99.img4758972832.com","ip":{"addr":"156.231.115.236","port":5658,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"domain_registered":"2025-09-20","domain_rank":0,"first_seen":"2025-09-23T02:00:58.693964Z","last_seen":"2025-09-23T02:00:58.693964Z","alert_count":1,"request_count":1,"received_data":235071,"sent_data":456,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"imgsa.baidu.com","ip":{"addr":"119.167.237.48","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":742495,"first_seen":"2017-01-29T16:54:01Z","last_seen":"2025-09-23T02:00:59.343392Z","alert_count":0,"request_count":2,"received_data":618040,"sent_data":958,"comment":"","tags":null,"fingerprints":null},{"fqdn":"66387795cyr.com","ip":{"addr":"208.98.45.140","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"domain_registered":"2025-09-17","domain_rank":0,"first_seen":"2025-09-22T07:30:52.683035Z","last_seen":"2025-09-22T07:30:52.683036Z","alert_count":1,"request_count":1,"received_data":566380,"sent_data":456,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"72939229dww.com","ip":{"addr":"104.160.179.230","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"domain_registered":"2025-09-17","domain_rank":0,"first_seen":"2025-09-23T02:47:11.029377Z","last_seen":"2025-09-23T02:47:11.029377Z","alert_count":1,"request_count":1,"received_data":384687,"sent_data":456,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"pic.rmb.bdstatic.com","ip":{"addr":"116.114.98.35","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2011-12-26","domain_rank":340939,"first_seen":"2017-02-01T17:01:36Z","last_seen":"2025-09-25T01:06:22.56938Z","alert_count":0,"request_count":1,"received_data":369528,"sent_data":454,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"tu.365tp.cc","ip":{"addr":"154.16.27.74","port":6565,"asn":138997,"as":"Eons Data Communications Limited","country":"United States","country_code":"US"},"domain_registered":"2025-09-12","domain_rank":0,"first_seen":"2025-09-14T03:15:48.618087Z","last_seen":"2025-09-23T02:47:12.00309Z","alert_count":2,"request_count":1,"received_data":349659,"sent_data":433,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"2025.zqbao.vip","ip":{"addr":"166.88.164.158","port":443,"asn":26383,"as":"ASNET","country":"United States","country_code":"US"},"domain_registered":"2025-08-01","domain_rank":5612822,"first_seen":"2025-08-04T22:27:22.218624Z","last_seen":"2025-09-23T02:01:00.356756Z","alert_count":0,"request_count":1,"received_data":375947,"sent_data":436,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}]},{"fqdn":"img.878871.com","ip":{"addr":"46.3.193.147","port":443,"asn":209372,"as":"SIA Singularity Telecom","country":"Russia","country_code":"RU"},"domain_registered":"2023-11-15","domain_rank":0,"first_seen":"2024-11-17T12:53:50.915488Z","last_seen":"2025-09-23T02:47:12.146303Z","alert_count":1,"request_count":1,"received_data":588484,"sent_data":454,"comment":"","tags":null,"fingerprints":null},{"fqdn":"9xx656.xyz","ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-11-01","domain_rank":0,"first_seen":"2025-04-19T20:15:39.498427Z","last_seen":"2025-09-25T02:29:48.39849Z","alert_count":0,"request_count":6,"received_data":177738,"sent_data":2883,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"Axios:1.6.8","description":"Promise based HTTP client for the browser and node.js","website":"https://github.com/axios/axios","common_platform_enumeration":"","icon":"Axios.svg","categories":["JavaScript libraries"]}]},{"fqdn":"img.alicdn.com","ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"domain_registered":"2008-06-25","domain_rank":61670,"first_seen":"2015-03-04T07:06:39Z","last_seen":"2025-09-23T00:35:24.136993Z","alert_count":0,"request_count":2,"received_data":695539,"sent_data":964,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"txdy.zyvqb.com","ip":{"addr":"61.170.77.85","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"domain_registered":"2024-11-15","domain_rank":1907469,"first_seen":"2025-06-07T14:03:00.446651Z","last_seen":"2025-09-25T10:42:58.692252Z","alert_count":0,"request_count":1,"received_data":298077,"sent_data":431,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"monkey.ygvyp.com","ip":{"addr":"180.163.146.80","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"domain_registered":"2024-11-15","domain_rank":4992740,"first_seen":"2025-05-09T20:49:49.638045Z","last_seen":"2025-09-22T03:41:43.785724Z","alert_count":0,"request_count":1,"received_data":64997,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"txdy.asdf010.com","ip":{"addr":"61.170.77.88","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"domain_registered":"2024-08-29","domain_rank":1920741,"first_seen":"2025-06-25T22:40:13.901154Z","last_seen":"2025-09-22T03:13:51.841422Z","alert_count":0,"request_count":2,"received_data":432654,"sent_data":894,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"pg99.img8877710715.com","ip":{"addr":"156.231.115.236","port":5658,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"domain_registered":"2025-07-06","domain_rank":0,"first_seen":"2025-09-23T02:47:11.207179Z","last_seen":"2025-09-23T02:47:11.20718Z","alert_count":0,"request_count":1,"received_data":560324,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"img.719979.com","ip":{"addr":"46.3.44.108","port":443,"asn":209372,"as":"SIA Singularity Telecom","country":"Russia","country_code":"RU"},"domain_registered":"2023-11-15","domain_rank":0,"first_seen":"2024-10-21T09:24:06.909517Z","last_seen":"2025-09-23T02:47:11.507562Z","alert_count":1,"request_count":1,"received_data":368982,"sent_data":454,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-09-21T22:11:31.071214Z","alert_count":0,"request_count":2,"received_data":752640,"sent_data":876,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn2.jiuse3.cloud","ip":{"addr":"23.237.196.139","port":443,"asn":30058,"as":"FDCSERVERS","country":"United States","country_code":"US"},"domain_registered":"2024-01-21","domain_rank":2011339,"first_seen":"2024-01-22T16:48:27Z","last_seen":"2025-09-23T03:36:04.583122Z","alert_count":0,"request_count":2,"received_data":555733,"sent_data":929,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"dq38rjje7qjm3.cloudfront.net","ip":{"addr":"54.230.245.159","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2025-03-24T19:11:01.50764Z","last_seen":"2025-09-25T02:51:35.77746Z","alert_count":0,"request_count":1,"received_data":55103,"sent_data":449,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"saturday.ucloud141.xyz","ip":{"addr":"23.237.196.139","port":443,"asn":30058,"as":"FDCSERVERS","country":"United States","country_code":"US"},"domain_registered":"2025-09-11","domain_rank":0,"first_seen":"2025-09-27T02:47:38.333623Z","last_seen":"2025-09-27T02:47:38.333623Z","alert_count":1,"request_count":1,"received_data":28057,"sent_data":444,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"d1yw1n0ddlrqxj.cloudfront.net","ip":{"addr":"3.164.210.160","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2025-05-16T19:12:53.181636Z","last_seen":"2025-09-23T02:47:11.019571Z","alert_count":0,"request_count":1,"received_data":325307,"sent_data":450,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"pic2.imgdd.cc","ip":{"addr":"172.64.40.153","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-18","domain_rank":0,"first_seen":"2025-09-05T14:19:28.122603Z","last_seen":"2025-09-23T02:47:11.501955Z","alert_count":0,"request_count":1,"received_data":30658,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"image.uc.cn","ip":{"addr":"47.246.2.227","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Russia","country_code":"RU"},"domain_registered":"2003-03-17","domain_rank":508436,"first_seen":"2014-06-05T05:07:08Z","last_seen":"2025-09-23T05:04:22.901635Z","alert_count":0,"request_count":1,"received_data":588824,"sent_data":446,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"www.google.no","ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2001-02-26","domain_rank":92680,"first_seen":"2012-06-26T23:22:08Z","last_seen":"2025-09-21T22:11:30.846888Z","alert_count":0,"request_count":1,"received_data":580,"sent_data":869,"comment":"","tags":null,"fingerprints":null},{"fqdn":"lib.aidegelin.cn","ip":{"addr":"172.67.211.106","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-10-16","domain_rank":5562002,"first_seen":"2024-06-10T09:15:43Z","last_seen":"2025-09-23T02:47:11.579191Z","alert_count":0,"request_count":4,"received_data":74618,"sent_data":1705,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"lib.baomitu.com","ip":{"addr":"3.174.113.65","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2014-08-10","domain_rank":1463145,"first_seen":"2017-02-05T17:15:56Z","last_seen":"2025-09-23T03:06:37.888271Z","alert_count":0,"request_count":7,"received_data":1343272,"sent_data":3143,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"2456425ef47800f2c433de9a40421db7","sha1":"7fc1749974048bf9847f1e98992d31d602bd99ab","sha256":"5a776692b7d97978aef26743c7b96f85000d52df15f6c88dfaca7fdb2ffd6810","sha512":"0b10a9d843c5dfe79d46a150bd651cfa93246938d16bb9035ebeafe176ac6b4422ec256ac82eec7060d31c40b76f3cd21591511b7f4ee8febf315d75df2382dc","ssdeep":"","tlshash":"af31e102e0be041264ca704b4c7b0a29e396861fd16bdc10ffccc09dff2ebb545a9684","size":1800,"data":"","first_seen":"2024-05-10T21:36:48Z","last_seen":"2026-04-26T00:22:38.851321Z","times_seen":1179,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5996d1b1400c488e449b30b844512fc0","sha1":"fdf7c7db66907c69376c77d00ab7d127978b10d4","sha256":"bd383df11f45e6416ab3205f5befd3756381aa634cc84b5774e62e2366782626","sha512":"3d80aa12f3cde8737a7dd35f60b897bfac7288221a1e4cbfed7b76f14c436c65815ac03b3720ba96bf7740a470d02bf49624f64c53ad825f14c908935438c1d1","ssdeep":"","tlshash":"81e0c0db70170871a19f85b627f5a5247153760d78092823fdfdc8242f5858b481659c","size":389,"data":"","first_seen":"2024-05-10T21:36:48Z","last_seen":"2026-04-26T02:14:05.972704Z","times_seen":2112,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"ceb4b2bd09a110f8145b846030e937ee","sha1":"72674a9344b1f554ecc9d17a2244d440a33bece0","sha256":"4afd1ab18c540e75c6173158a8a7bb1518203470be1dff1ba0b9741eefa61511","sha512":"fb6e69ca0f2868b3fc4e8e623702f24c40e6956afd2098716b8340f18eeb31d03a127460b3536751da25d9a36c5efb4175629f65839dba15f032ea4960ff70da","ssdeep":"384:xLvWIpWx8/fWabR8shtJaLol3xyiR463TkIWm4V8eUgAt7PiuVokl20fAfP6etRe:xLvW6Wx8/fWabeshtJaLol3xyiR46Dku","tlshash":"3862dc01d87e083360da508b8c77a81db301925b9265a490fecfc69cf7bdd7b5ba95c8","size":15239,"data":"","first_seen":"2025-09-27T11:59:25.930758Z","last_seen":"2025-09-27T11:59:25.930758Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lib.aidegelin.cn/dom2/js/app.js?t=2000","fqdn":"lib.aidegelin.cn","domain":"aidegelin.cn","tld":"cn"},"ip":{"addr":"172.67.211.106","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a3f4fceac3aaa07ab39c37a1a57cb23","sha1":"64335fd33622b3e834d1692052140fb5c9f0f38d","sha256":"e69a3bbbf99aa148d69fbbdcf7d235e5e449493d0541a1b9838cc9173acfc5df","sha512":"960f3a4573dcf295162ff75b631dbbf6c550fe54fb00386fd1a89c9f14c193a644c2e860567a13cdc59d0fd8b77eaf4435e2e2753ca34efa7e938d86b17380e4","ssdeep":"384:dY4LdPWuR7zRWL+OiTYAzWw4hZyJcPLWgueje:dYM9puyJcPL4eje","tlshash":"4e925e0d63fd14238b5370b89e4e59013625a41f580b9e1cbe5d63c42f8aa39d5b9ff8","size":20524,"data":"","first_seen":"2025-08-16T10:36:16.595403Z","last_seen":"2026-01-13T10:53:12.969531Z","times_seen":885,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-F8MXJQGLN1\u0026cx=c\u0026gtm=4e59n2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"89beb875f9ea2d35323b4435d76fe5ac","sha1":"38c376e1d286b6ffd70414a28df270ab21d9f47a","sha256":"22304a6150566e4e1cde8ef341cdd82560c7c427dac91465b922b880fe768e95","sha512":"b9a608c0b62302ca05eaece28322b0c18ffa47f4d7cd322fde6ff875634fb99f5f94aef9e360bbbb545771a04715669674890d3498f9b1533eccae27acf8b112","ssdeep":"6144:pBTpmM2/RNpvYqkD1g1/9G1SvuVcH0+23WBc:nNmLRYly/Ldk","tlshash":"3d940ace73c674265396f078907f018ba5bb28a2b45cc899f189dce42d74a9a4137f7c","size":429598,"data":"","first_seen":"2025-09-27T01:09:49.50809Z","last_seen":"2025-09-27T17:17:38.323526Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"2456425ef47800f2c433de9a40421db7","sha1":"7fc1749974048bf9847f1e98992d31d602bd99ab","sha256":"5a776692b7d97978aef26743c7b96f85000d52df15f6c88dfaca7fdb2ffd6810","sha512":"0b10a9d843c5dfe79d46a150bd651cfa93246938d16bb9035ebeafe176ac6b4422ec256ac82eec7060d31c40b76f3cd21591511b7f4ee8febf315d75df2382dc","ssdeep":"","tlshash":"af31e102e0be041264ca704b4c7b0a29e396861fd16bdc10ffccc09dff2ebb545a9684","size":1800,"data":"","first_seen":"2024-05-10T21:36:48Z","last_seen":"2026-04-26T00:22:38.851321Z","times_seen":1179,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"459a47c0672c92d5154de34beb92ec1c","sha1":"08090ceff33408d9eca34717c48157f735156e7e","sha256":"811d5f2b21041ffe2b7fed3af2158a2db61ea3ebc6d64789310b0d2af4f203c6","sha512":"fd409d5e5d028c0f09565917801ed7e72a147783ccc9177c517410569e4242759676b37ce946fa5667f998f06fbeb33773fba7bf45ee7a29139e6ca2545c973b","ssdeep":"","tlshash":"45017b4551cfe6a208427388545d672d59c3fac9e90ecd35369dc28d0787e79c577504","size":703,"data":"","first_seen":"2024-05-10T21:36:48Z","last_seen":"2026-04-26T00:22:38.838824Z","times_seen":1175,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"48e95071af8e13a9f053f6b8e6616160","sha1":"81e27c19e6bf3184472165ebc074dba5298898a3","sha256":"cae605b2340a7f0771830968d3456a26d986189aa5419f1289535616036bc571","sha512":"94485f4100cbb6b1608db9f5953726f92407982a0953b1c9850fc83c9094c138f7f513be6d7eadbbaadbb19f9b3ffd1fda21ac672d0351099b7ba123bdfe49a3","ssdeep":"","tlshash":"61e0689212c9e17314417b0c3a6a6b6e69c2f1c9ec178a26320dc688035bd26c877848","size":431,"data":"","first_seen":"2024-12-28T05:20:01.826794Z","last_seen":"2026-03-16T16:48:21.688404Z","times_seen":260,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0019af317b3cb1b6fb3d7fd967982861","sha1":"0cec856853fc049bce59dc6e2f690748d132d3b2","sha256":"3ea5576bc08643e97076394e9937aefcc02a701a7c756e5b0dec596930bfb0c3","sha512":"e766a696565b04ffee0686d4861bb3c169466b32e459455c7b73a0da3da4681e85b2d8ea6a1e16b1cac56fbec374b5e131a31d78cae72bef31b1e3f0f38dcd65","ssdeep":"","tlshash":"eee0abea3c95813959a919a6a373ca1874510a493c8afae1d58e88816e35fe818ce64c","size":433,"data":"","first_seen":"2023-09-28T07:46:27Z","last_seen":"2026-04-26T02:14:05.990942Z","times_seen":2365,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lib.baomitu.com/video.js/8.11.8/video.min.js","fqdn":"lib.baomitu.com","domain":"baomitu.com","tld":"com"},"ip":{"addr":"3.174.113.65","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fd80d821580c7bc6517a4f4ecf95606f","sha1":"5fbd5cd6b275ffe5cff253d1086053e18fc10b24","sha256":"d87427e0e5c1f978cb1e6b9cbd3e7f24db9b5e72ee9a472428cc23c549c46af5","sha512":"4d62ccc0a8ec6967b4e0935af394cf95d2d7661821e5210cb0fc86c3c0bff6df880e7ce252424ffd56ce7b41affd97d0d1d8d279b2097e99fd922808b237d7a9","ssdeep":"6144:O40gTDf3RzJV4hsNHSaBQr/fRTbSZnHVSEkUpfEb3YgNg+5RPrpM6DVSB3UAIxqQ:O47TDfehiGWn4uEb3YgnsB3j8","tlshash":"fbd45c943394613742da9097946f0305733a9e6d6808c06cf92dfeda3de8e49b17bbb4","size":640727,"data":"","first_seen":"2024-05-05T16:59:28Z","last_seen":"2026-04-16T11:14:17.888586Z","times_seen":424,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lib.baomitu.com/axios/1.6.8/axios.min.js","fqdn":"lib.baomitu.com","domain":"baomitu.com","tld":"com"},"ip":{"addr":"3.174.113.65","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b5b3d36fde8ffe8ed76b1efbfc65410","sha1":"d63107d0912fdb387530d5ce2d512c928d73d122","sha256":"29d600462a30694efd15b9848b4ca42d178cd067009275c35a30580121114304","sha512":"3c96b7a1048b59107bc0767b190fe0faacafeabe266ee8668836fc06348567c359d9ae36a13b40ab99f4b9c580c1c403962900b64b9bfad3d50b0e27a76ed60a","ssdeep":"768:9pQ6+qD0M+7+/kmCACM3aem6eWQi79xpQXQVqQU+h3ghJskJFAn:9pQTsCI9XSMqTXg","tlshash":"7b13d8c9b6d2f06153a77175802f200bf23aa926a44d8454f224ece6bcb950e9367f7d","size":41481,"data":"","first_seen":"2024-03-15T17:36:33Z","last_seen":"2026-04-26T02:14:05.958943Z","times_seen":8133,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-PS9RJ64","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6f2863331321b63103511447f50d1893","sha1":"6baee29ac06b7f3c680e78dd6d64564c730882f3","sha256":"2baf94627f7e8edccdef7e61510a64a2f19e96320b146e48b56836fdbcfbae93","sha512":"4d4b294af29f1974bffb21d54581063251c19e84cfcd80bfe227515434176d5c781623f771fee331d566d893b7be324b1bbc7f3e5d59f360aa3b133a16603ecd","ssdeep":"3072:lmxhu/D62GmMgmdpl0RP18YqkLPW8RthKUfgHiUXB/G1SvuV8fnUex9:GpmMgmdpBYqkD1ghG1SvuVcDD","tlshash":"ac6408cdb3d6b4624393a478503f018bb57b6992f44cc899f186d8d42e74aaa4237f7c","size":321784,"data":"","first_seen":"2025-09-27T11:59:25.859774Z","last_seen":"2025-09-27T11:59:25.859774Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"cbd25c55be97243937e91abac175054d","sha1":"f7fe27ef95bbc157d8fe9988edcbed5a5981b4d8","sha256":"423c14716994f1855c96955ac9af78b269a105a688075ea39030f9e00cd5b58b","sha512":"3f79aa9b48a9d619bc72189216d974bca8443060dfd91cfc33c4a4fcf4791457c07169a89b99ea7c4e38c2b9709c72a8e62da2bc12de51ca82e44081417f62db","ssdeep":"","tlshash":"8bf08b24f2b1201520cf30cf5e73a835e2f54412e5d66150e289caccfb7f9a0891c1dc","size":549,"data":"","first_seen":"2025-09-27T11:59:25.93786Z","last_seen":"2025-09-27T11:59:25.93786Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6ffca1d2bc18d5143907ddcbe8b0a0f8","sha1":"31ac493e6ce023e4663a66ce83004e38db9624ac","sha256":"be124937f915e3437478f5831aafbb41d69981b6cd8aa2f7242cbe72aec515df","sha512":"a55ec8998a96aa9ad26160d6de261dddb8ea4a84603bfd2f086d91a38cdd827d7087e6b52e825d5a29e1d1a3261e614a120775de92f88f890562e284f0496e72","ssdeep":"","tlshash":"de01cb0551cfe6a208427388145d672d59c3fac9e90ecd35369dc28d0387e78c577404","size":703,"data":"","first_seen":"2024-05-10T21:36:48Z","last_seen":"2026-04-26T00:22:38.841952Z","times_seen":1167,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d40bff9e7ab52432f239f43912c6ff83","sha1":"08eeb1ceaea1bf7e026bf01147810d10ac73bb3c","sha256":"79a6e42140cb908a2893b59c0ba30d50646574aa26083b3fdeb4fb2c3fe8a507","sha512":"ded7a9b9441478af6651f301b6aad3f72a512eaf5dcd52dbefdd590cd854c928078207dd077387757e3c46095af614a4914236583f90a0d0549d69e65a426fcd","ssdeep":"","tlshash":"c501cb0511cfe6b208427388141d672d59c3fac9e90ecd35369dc28d0387e78c577404","size":703,"data":"","first_seen":"2024-12-28T05:20:01.837032Z","last_seen":"2026-03-16T16:48:21.69384Z","times_seen":257,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"701b542ba9dd5d422c9854ba53b3ccca","sha1":"4e894661dce3d435c5b523feef50961b21d0779a","sha256":"53dde39a0500e285ee649e26e38b0696b8c55ddb6d433291acd322f3c4766147","sha512":"8a6af6c4d7dcee788746e413ca77343284bc10842de35605dbad2c53ab26b8d49f22130adf96e068890ba1a07ddf01c470230ae2d23051156bcb33fbcc356b55","ssdeep":"","tlshash":"4af0e945e0fa481155d930575c67853df2e5e629e0558154f69cc28ceb1dab405284cc","size":473,"data":"","first_seen":"2024-05-10T21:36:48Z","last_seen":"2026-04-26T00:22:38.852755Z","times_seen":1192,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5cc28bf456c1e9b59f32921424d2558c","sha1":"3b382e320b5308f11b77fda3697825be53ede7f8","sha256":"d2bec0843ef88389f49bf2542db5a90a5a5d26799da66ee7a7559bc501c41f64","sha512":"b75e374ec9136cc1d1684dfa2b7c133c28f6053d2533f3e7aa5fa51e945cd8ca37e0fee60346c02b599b4bbdbff5f38702d58b26f2878de1af5723d3dfc71cd4","ssdeep":"1536:4qRayr4vUfiVq/uwGr6wRrU4hitUiDn/RKApz5bdRC4kdLiBH+/NobDvWf564etf:4qRayrWUfiVq/uwGr6wRrUYitUiDn/RP","tlshash":"1393c452e679492738c7536f2cb5740df340514a43293480abd9cb1cebfcea72ae66d8","size":89517,"data":"","first_seen":"2025-09-27T11:59:25.942774Z","last_seen":"2025-09-27T11:59:25.942774Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5e035c56330b35d5f3bedb9e92e1a7aa","sha1":"4abcc45ef30b306c730f9c7104b1126a12a94b89","sha256":"c056681f81f8b3f55df3872bbc66406ff90b558abd6b76947344ffedd4215df0","sha512":"e524b6925bddc409dd13010ced4e974f58a5109adee93236a6f8edd6958630b6a1f9b6043afd18b24ba66628f5acff0043755d09f8c6d97c108d344b526f4cae","ssdeep":"","tlshash":"b7d02b389e58875167fca2d90e816f163efe113d6790c48466b608ba1b59f361045370","size":285,"data":"","first_seen":"2025-09-27T11:59:25.945089Z","last_seen":"2025-09-27T11:59:25.945089Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d9b9f55c9daef16de2b81d26734b61c4","sha1":"090f872a1aa10bc5c74cbac1119368feb94e1513","sha256":"ef94e1d76d6e86d97ef03e7bedcf6ad578a4be28341a2bd12d5731ae2995ce97","sha512":"9f0ca177a5b59cf8f6f72f7faef95c128916350450444334ee3ba4beaa07d1a867299b08e5840be8b926fdbf91f85bc4c3482ca52bc9c612c54ece58d0294c55","ssdeep":"","tlshash":"f55122eed0ea157722fa56fc8d1c2b6d4982f884d833e432b1fe058d374aa2c6527950","size":2534,"data":"","first_seen":"2025-09-27T11:59:25.952245Z","last_seen":"2025-09-27T11:59:25.952245Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"574676261bd983fc1322ac5bc0dd4da6","sha1":"d6573400a9ae57f57efe147213006027f8a553bc","sha256":"dc76147936e4f37c89e2b6b3c5f44c98751866bfbba2b84ce25941d3ce00a8ae","sha512":"dbf4474181300af99be4b21ba56b85b056bb35ed9a7cf7b36d40d278324a135fd0d45c09e64eb4fe6cd27a27723b172c704e1f49d001448d49ea8be4a3e5aed8","ssdeep":"","tlshash":"a8a0024af2c6269c9166601d9d3e8216706b0f20295c6444a08380510e68924b559465","size":61,"data":"","first_seen":"2023-03-07T12:24:04Z","last_seen":"2026-04-26T02:14:06.036199Z","times_seen":2454,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"325640afa81819437b8bf3b8db57f3e6","sha1":"624ab590ad6a91da55490f7c92724758d9c61871","sha256":"6daae211b1be419a3b05cb192c7dcd7cd1d4c2f493621108a67af96ebb99423a","sha512":"e49c8b5dc6ecfd2b8a28e5cf9a85b305b412ccdcd4ebe177ef8dffce46bfe2a14172c611630ae1a7bd056232d3fe0f991f6ae49e9a2dd5adb017c47174db80d8","ssdeep":"","tlshash":"af216b02e47d043690ca308b4ca75c1df356921be5aa9810fecdc19dff2eb7145a95d4","size":1120,"data":"","first_seen":"2024-05-10T21:36:48Z","last_seen":"2026-04-26T00:22:38.836347Z","times_seen":1171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1b378d9c63b20686ac7672a2faf302ed","sha1":"a6fe15d2f7f2c4deafcbeba13d7ab3a88fe8aac8","sha256":"36ff9e347b5aa7b54cf5eeee20ca23c4f546294b1672c0d4851b8c88a946eee6","sha512":"2271884fd942475362ba46026a38d5542c52e688863624d7168130d5534a412fbe4a888f8620f0885039e36685aa86870f1d070b2c4f6a75a723c4e37638d36a","ssdeep":"","tlshash":"6bf08b54f1b1601520cf30cf9e73a835e2f54412e4e66150e289caccfb7e9a089580dc","size":549,"data":"","first_seen":"2025-09-27T11:59:25.960287Z","last_seen":"2025-09-27T11:59:25.960287Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"4c26f6fdade131a51487cd286f3e210c","sha1":"774afd724c340ce922f2ab3484128c4dc7143777","sha256":"4e4ed7f4115860858aba4265b64ab50cd72cd18bb6499f798698f423259a487a","sha512":"8f87f3191edaecd266fe557f063c2cf4f5e7f9d2e993da94b9f57dc997c55300a96e108f2ca6e58375efae2d480a5a397f5bbe1800ef6b6c53b68e6bd2b9551c","ssdeep":"96:zcB7vsxWAtUvhOvdF/O4Q6D4PnOUumjnXKBwjnPjEmjno66sWjn7tn:4B7vsxWAtUvhOvdF/O4QIqZZPDjrU6Q1","tlshash":"61919d05d56d082754ca608b8c67646ca356910bdb2678d0ffcf8accfbbde5a0eb61c4","size":4393,"data":"","first_seen":"2025-09-27T11:59:25.962868Z","last_seen":"2025-09-27T11:59:25.962868Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"6f408421d47d2a207002b3c3377c2651","sha1":"f7e5fef2dd03b1f724eee52e8402cb073c27ff22","sha256":"e7c22aa6f8fd68515d799a96bd4429608331a381211f9efb456d11bb7abde5b7","sha512":"3de81d8678c6afbe3513e3067ee94b2998b85e16ba811ddcd117b34112de628251b4dca61046c8293666c609ac7b72dad9e499c79594c4b40f0ccef95c768e0d","ssdeep":"","tlshash":"7fe0201c70f1200011cb70879f776c3153f51021e9c79640b1c9c5e95faf5a0d1591fd","size":350,"data":"","first_seen":"2024-08-19T21:30:30.317465Z","last_seen":"2026-04-16T11:14:17.936327Z","times_seen":287,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"45fc4cea5c48dc7851b16cc357f7a8da","sha1":"a045e505ab064c618f133f450e0698e21024cd12","sha256":"e9758cd46299712b2c0a6b10bebce2eed22407e5d049f173a703961b6136bc7c","sha512":"81ab4d6ed79879d231d5e23f954772e1ffac53dbbb1198a5eefdb7d6f483573a9602fbd63b2d636c30ff2c5447cd6ad17745e19892b078cf3fafb8729762993a","ssdeep":"","tlshash":"3421c066b1d894372a92b65c651e3f1eacc1f0c6ec1bc91b32efc2cc4786916d943548","size":1231,"data":"","first_seen":"2024-12-28T05:20:01.849094Z","last_seen":"2026-04-16T11:14:17.93504Z","times_seen":922,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"587c43654d7186f7dfc57551442bf5c1","sha1":"528131b91d7f415623ad94eefd5f040b39b8b866","sha256":"18b2e4cb735646ca3c3f34837d75d368feb368908e2a8138e78508f0c45d7215","sha512":"66808f958b2c221f3335d4f620d9dbb6422736650955a403fdc3fc07174ed4a896db50ec019917d9aee7abe44b3d2e5a268d88882a2c96654226614bd9c21d79","ssdeep":"","tlshash":"a980002000a800a002a200a88e0ea30b2203002302000a20bb8c8200ef3832ba282bc0","size":35,"data":"","first_seen":"2024-05-10T21:36:49Z","last_seen":"2026-04-26T02:14:06.041736Z","times_seen":1690,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"998c080687f182393da8b367fa6c16a2","sha1":"ded0a2109341bf19235a843c26a15bd69873708e","sha256":"ff4d7cbc45a2b10e0444c1bda194f096d455a66daaa5960276283b8a781d85ec","sha512":"ea386a4b2b5be714d4a3376eebc7bb76d66e39b7f5c892d18480578af3182a5796368c2c875f6e6f7c8a71d874c54e5afcac4478fd31a61b494e1899cf50cb79","ssdeep":"","tlshash":"54e0201870f1200411cb70879f776c3263f41021e9c7a540b1c5c5d95f6b4a0d1991ed","size":343,"data":"","first_seen":"2024-05-10T21:36:49Z","last_seen":"2026-04-26T00:22:38.836856Z","times_seen":2051,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"428977771066b7903ca98d06d15d081a","sha1":"37211b73dbeec335bf7db06beb1d481f0909401d","sha256":"340a1ae78fcac03c268fe8374347c39b6f836d7bc6d5e13a6f6b15db88f926bb","sha512":"1e3638315edad90d3586077c993dec0c7f38aede886d5f5b4f0959f433952f8232ad5510b56ce43962262e76e0a946beb51832b5f6f4c63f634f343c933a1b3f","ssdeep":"768:xL80q31fehwCWm0bhqTCVj++/mEXcbr3ZxFcg4edOPNv4aXGGmEz9BXa6Ev0hqu7:y0q31fehwCWm0bhqTCVj++/mEXcbr3Ze","tlshash":"18d2be01e5b54d6bb087463f1da7350ef301539b826ba4407b88861ddbbce2b19e9bcc","size":28370,"data":"","first_seen":"2025-09-27T11:59:25.971085Z","last_seen":"2025-09-27T11:59:25.971085Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7b7b41444779ff002c15c81b49797886","sha1":"c6786f961ed7410341b9369672ab22086106ab28","sha256":"afa18debd2776bf79eefd1f44e2b241fe6ec1824a596ff3010b38d8928c8b372","sha512":"1c620a5702a5a7d1ffba07d40ed20b4595aa6ae856c4baedb5f881e788dfdfc336a36659afcdeb7222c356fb08d6a79c87ff51068fdb9aed380427ebeec1b39c","ssdeep":"384:xLHhD6jSBV0ug7a2bXIRL+vnaoaCz0WyTJaS/wOpvS/eSm1mvxnY3Kvg3t7A6Nz1:xLHhD6jSBV0ug7a2bXIRL+vaDCz0WyTt","tlshash":"ab92ce11d46e0c33a4da40cb9c67a81ca310924792646450ffdf879cfbbee7b5b962c9","size":19478,"data":"","first_seen":"2025-09-27T11:59:25.972739Z","last_seen":"2025-09-27T11:59:25.972739Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"43e28c5553d54ed2964bd5147521769b","sha1":"0a2b8c3db330a47aa7b9195e6dfdf944adb9240d","sha256":"d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23","sha512":"6dda085e4196167cf64287cb675c05b09bdaa291decebd1bea2b52ccdbd380de5875dc233fa3d439559413693f1e7974f485d60a2c1541bf62a8887bf5ff9811","ssdeep":"","tlshash":"1b80000c0a20c0882a00af00e000c202a0c2200f0220238ce823bce2a83c888808fea0","size":38,"data":"","first_seen":"2023-04-10T16:02:06Z","last_seen":"2026-04-26T08:03:55.052421Z","times_seen":137324,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"3a8c8cc4e8a402ca479bed055368a149","sha1":"4b0126bfcb193a5508ee4ab605f2507a9a2f68ff","sha256":"98bfab5409f792a82c177a78dd84c8383edd3f2d4e89a4ace3c4722fb3a641ee","sha512":"95d51a292168a0c88269710bc5cb2b1e42d444ce07ff13d4f5a63c6eeb3b58105c7ba6fc9608b3e3c623fbe2075e9f758f37f33c42ebb425ad7874b90e3ef1f3","ssdeep":"","tlshash":"74f08b14f275601670cf30cb6eb76935e2f54056e4e6b590e289caccef7f96045581ec","size":573,"data":"","first_seen":"2025-09-27T11:59:25.975364Z","last_seen":"2025-09-27T11:59:25.975364Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lib.aidegelin.cn/wenming/cs.js?t=1758963244","fqdn":"lib.aidegelin.cn","domain":"aidegelin.cn","tld":"cn"},"ip":{"addr":"172.67.211.106","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e4b9f0eb8d00d2a1194e7ad860f8d241","sha1":"03bb233d1549ddcf03d62b7084155e809683260a","sha256":"a3a32bf77c293120f9ae2c1065a8cef196bcbb0eb91eacfb12e8cf72344ede0f","sha512":"13494214ebfefc385c5bedb628c6e01ab93e3666943f28f0f4803284cdc0c6a09ec9c64291599834ceaf2170339d559456da9468709a5fcb91db35700b7c8818","ssdeep":"384:KJo4BQQEBa+NUF2jCYT8/iSP1DDw0n8vtqUuy30B2AC2GIraTv2:KznEKAI/jb8vMUV0Bzraz2","tlshash":"c762c03697554e9bae71c4fbb0d99f343fb90c928022467333ee4f99c66bf984045106","size":15013,"data":"","first_seen":"2025-09-27T09:12:14.170326Z","last_seen":"2025-09-27T11:59:25.894572Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-26T08:03:40.797317Z","times_seen":313385,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"8afd5339167d8467cc70c1abb847d0d3","sha1":"b37fdbe014396c72da0904fc3b1818cc60d4bcfa","sha256":"e066eea6a2973f2fe0b20c27395999e407337b712b7adc35664ba3353335cf3d","sha512":"dca04c2402f098565a85115e3a7119cd2a0ca5119fe3f3be11949512f8d79cbde646fa4a1ddec5dba0e3bb1e2742aa037e8c405e52264862910b6505f71acb62","ssdeep":"","tlshash":"b4319c06e07e0426a4da708b8c67882db3a6d31be5a59c14ffcec19cbf7db7509685c4","size":1724,"data":"","first_seen":"2024-05-10T21:36:48Z","last_seen":"2026-04-26T00:22:38.838376Z","times_seen":2051,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7d1b3022ddcc28ecb8c19d1a4577ce51","sha1":"f8b362a87c2a62f8ceb40650dfeda2382bad89bb","sha256":"ca1fe87c845b9c7567f84b9325a5b3072766033adf008962048075eabb4d0de4","sha512":"a1c1f933620be0e0bc12dc2e177db9ec2fd3c9ef2b741adb42f5460d1704083e49fc505687f7d5f97f600f400157ced099fab32285d4a755905597d3f2749aa5","ssdeep":"384:xL2h/rPV6BCYej7UJx6tc2jlt0TDN1azr3EakH2ZEgitqEqPtDE8O7NU4LhP1tfb:xL2h/rPV6BCYej7UJx6m2jlt0TDN1az2","tlshash":"6d42be12d57d0c6720d6418f9cb7a41ca301920a52296490ffefc79cfbbde6b1ae66c4","size":13057,"data":"","first_seen":"2025-09-27T11:59:25.979639Z","last_seen":"2025-09-27T11:59:25.979639Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1bc0726f86115f4d9e7781e4a78cdd51","sha1":"e70c0caa79917dc7990976fb90d16108edea931f","sha256":"116a44ae698e95c82d618f3efd0906140e565e045d5077c77ab66cf213cd90bf","sha512":"c5ef69cb814cc2c501e563636214995faf3a7c9e5e2188d4d78d56455b2766b0c664d86665c9ccd682b42a18474ceba0ec622de29527369e6b32fc30babd81b9","ssdeep":"","tlshash":"dbf08b54f1b1201920df30cb9e73a835e2f54412e4d66150e689c9ccfb7e9a089180dc","size":549,"data":"","first_seen":"2025-09-27T11:59:25.980953Z","last_seen":"2025-09-27T11:59:25.980953Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"2456425ef47800f2c433de9a40421db7","sha1":"7fc1749974048bf9847f1e98992d31d602bd99ab","sha256":"5a776692b7d97978aef26743c7b96f85000d52df15f6c88dfaca7fdb2ffd6810","sha512":"0b10a9d843c5dfe79d46a150bd651cfa93246938d16bb9035ebeafe176ac6b4422ec256ac82eec7060d31c40b76f3cd21591511b7f4ee8febf315d75df2382dc","ssdeep":"","tlshash":"af31e102e0be041264ca704b4c7b0a29e396861fd16bdc10ffccc09dff2ebb545a9684","size":1800,"data":"","first_seen":"2024-05-10T21:36:48Z","last_seen":"2026-04-26T00:22:38.851321Z","times_seen":1179,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lib.baomitu.com/vue/3.4.21/vue.global.prod.min.js","fqdn":"lib.baomitu.com","domain":"baomitu.com","tld":"com"},"ip":{"addr":"3.174.113.65","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"517eb7db94ce7c31c2714b624d21d199","sha1":"67ff00b81b694121ba0e0be167b1a6734c90b462","sha256":"173e4a0c8fa4c5af6ae229174a2841f0644f5b2a0c4f4cb5a49de418c15c17e4","sha512":"b65b6f8c90f5a549d7540a742fd89dfe6711fb3734c6c20a98f30992c11c949eae13223c0fa7995a94748d25565135ce29c99e04cc8d0fe2d01f81027ffe562a","ssdeep":"3072:FuT801GSOKvKE8RMsKtU77uR3oWNCfp6m:FuN1GUyhlHhEm6m","tlshash":"5de328a57141b03217ea55e250bf0016f23a1829780d80e8f57decdb397595aa0fffba","size":144109,"data":"","first_seen":"2024-05-10T21:36:49Z","last_seen":"2026-04-26T02:14:05.930744Z","times_seen":2201,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lib.aidegelin.cn/dom2/js/com.js?t=2000","fqdn":"lib.aidegelin.cn","domain":"aidegelin.cn","tld":"cn"},"ip":{"addr":"172.67.211.106","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c26e51298663c661407a22e72b1bc289","sha1":"4dc0304d21f823695fb9043cb29065c762a316a1","sha256":"609c4a8555dd1067b20b26d21104db4b2faeb54fab27a2ed638d786fd953d838","sha512":"130f2cb48ca6f315f4b2e911709755f4267bad6046bb6cdc8fe7bdd5eafb95808079f00d718b828fce2e973a8929b2af13b96570032f68217f525fc6e30ec805","ssdeep":"192:InJ1qCyaVN7knlgBYKVcUpgdR/skOTmlNW4abL+12WOu1jwxR+BTisLzyiRUy9+0:a9VdknnBRFmmlNWpH+1vHNwD0","tlshash":"2d32a34cedf6512b52bf20ae2d9f10412530084bb94d5925be2c0dd86fc5abb4a67fb8","size":10943,"data":"","first_seen":"2024-05-29T22:16:34Z","last_seen":"2026-04-26T00:22:38.824811Z","times_seen":1202,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f14afd1f04112385c3b4e2ebb21e3cef","sha1":"701eee3da1b5842971ff3ecc9ca3e600daee8ad3","sha256":"6c8f1e554ac96a0be4d9c46b9c4b19626d0961ce9012c07ba8a83bb852e7f73b","sha512":"fb66e3d6c870fed965f186176099596bdd5d1b8572ce3c46ed18352ea13757a4a8be25d0476f8fc77f833d664d382520750110fbbbc39330ef49092be32f1050","ssdeep":"","tlshash":"28018101a1c885732763f75c2406df3d39caf290dd065e243a9dc69c13add5448af915","size":663,"data":"","first_seen":"2024-08-19T21:30:30.358094Z","last_seen":"2026-03-20T16:26:27.899201Z","times_seen":895,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"image.uc.cn/s/wemedia/s/upload/2025/27a1e3a72fece63c3ff55f2c96c993a5.gif","fqdn":"image.uc.cn","domain":"uc.cn","tld":"cn"},"ip":{"addr":"47.246.2.227","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:57.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"image.uc.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 12 Feb 2025 01:41:07 GMT","end":"Mon, 16 Mar 2026 01:41:06 GMT"},"fingerprint":{"sha1":"C0:14:EE:1B:74:3A:15:9D:77:E6:65:2D:13:AC:EA:A3:2A:18:31:B7","sha256":"6C:70:26:61:D6:D7:B9:29:F0:3C:55:96:FF:41:8B:63:D0:E9:FA:62:F5:C3:22:4B:0B:CD:20:D5:A1:49:C9:98"}}},"request":{"raw":"GET /s/wemedia/s/upload/2025/27a1e3a72fece63c3ff55f2c96c993a5.gif HTTP/1.1\r\nHost: image.uc.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/GIF\r\ncontent-length: 588276\r\ndate: Tue, 23 Sep 2025 04:41:04 GMT\r\nx-image-resized: 1\r\ncache-control: max-age=432000\r\naccess-control-allow-origin: *\r\nvia: ens-cache7.l2de4[0,0,200-0,H], ens-cache24.l2de4[1,0], cache3.ru3[0,0,200-0,H], cache12.ru3[2,0]\r\nage: 66\r\nali-swift-global-savetime: 1758602837\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 23 Sep 2025 04:47:53 GMT\r\nx-swift-cachetime: 431964\r\ntiming-allow-origin: *\r\neagleid: 2ff602a017589743377587112e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":588276,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"27a1e3a72fece63c3ff55f2c96c993a5","sha1":"bf9989d04a868d7a45fcf27da02450de6bef26fc","sha256":"0ad6d37b508254cf891ea7dab296571d845f42c9fdb96a993732abd8d7cd3448","sha512":"329b02e1821741f6fba8d126793aa613038cee9189aebf1b585d41fc9b12d660ae065784b19d78d367a8a03426ff15e57ddf6add0b9f1b45ea4021180b766a2d","ssdeep":"12288:QGVv12k/eFG28UWXrTIN1vpzR596dSk6LvOhCwfcXCJXKu1sWlk:3vgk/ejZYrTIzn2YKJcS1Ne","tlshash":"21c4231e8397225c3ea4149952e7bb9d12f51ee91c24073de6b639337603df248c8b9b","first_seen":"2025-02-22T00:58:41.209836Z","last_seen":"2026-04-25T04:24:19.280537Z","times_seen":4467,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":0,"dns":0,"connect":26,"send":0,"wait":28,"receive":104,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.878871.com/images/68cd75b0a9a4d1d4d7b74d0d.gif","fqdn":"img.878871.com","domain":"878871.com","tld":"com"},"ip":{"addr":"46.3.193.147","port":443,"asn":209372,"as":"SIA Singularity Telecom","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"878871.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sun, 17 Aug 2025 00:00:00 GMT","end":"Sat, 15 Nov 2025 23:59:59 GMT"},"fingerprint":{"sha1":"BC:26:F4:C1:C8:C6:3B:DA:12:7F:21:FC:D6:BE:49:A5:E4:50:52:1B","sha256":"B8:25:07:CF:94:EA:E1:1F:8E:56:9C:15:43:02:60:E8:5D:46:F8:09:EC:82:34:C8:6B:EE:19:1F:BE:9C:73:DB"}}},"request":{"raw":"GET /images/68cd75b0a9a4d1d4d7b74d0d.gif HTTP/1.1\r\nHost: img.878871.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-length: 0\r\nreferrer-policy: no-referrer\r\ncache-control: max-age=600\r\nlocation: http://image.uc.cn/s/wemedia/s/upload/2025/27a1e3a72fece63c3ff55f2c96c993a5.gif\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":588276,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T08:03:11.41038Z","times_seen":14216150,"resource_available":true,"data":null}},"time_used":906,"timings":{"blocked":97,"dns":0,"connect":258,"send":0,"wait":258,"receive":0,"ssl":292},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"img.878871.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/css/91captions.vtt","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"9xx656.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 05:12:40 GMT","end":"Thu, 27 Nov 2025 06:10:19 GMT"},"fingerprint":{"sha1":"B8:0F:1B:BA:C6:6D:C8:50:9C:06:B6:4C:8B:BC:72:2B:62:35:1A:F9","sha256":"B4:3E:AB:88:26:F5:E8:A3:DB:14:88:86:30:67:60:71:D3:42:DC:2E:5B:DB:0B:70:8B:72:CB:80:BD:C8:A4:B1"}}},"request":{"raw":"GET /css/91captions.vtt HTTP/1.1\r\nHost: 9xx656.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Sep 2025 11:58:57 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 437\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 12 Aug 2025 16:36:58 GMT\r\netag: \"689b6daa-1b5\"\r\nj-cache: HIT\r\naccept-ranges: bytes\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ozMwAZUpFF4%2BS29ItW46Zsnol84ZxvWf5DxSJLfBJoIAonfS0DSn5%2FC9A5sG1pmq4O9fnGHp1QYaw0kmKtmdQ4ra64RYlbM7\"}]}\r\nvary: accept-encoding\r\ncf-ray: 985ad505dad87127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":437,"size_decoded":0,"mime_type":"application/octet-stream","magic":"ASCII text, with no line terminators","md5":"edf433826814554115bd765290e0d436","sha1":"1cb1a9dc3204530a6de52e78477aa81db2b8a7a4","sha256":"dc3553bc02e1423e4b67cd2581e8e167f9827f780186a496d55e71e44fe6d8c7","sha512":"33f6b523af4709a07c03b72f7e2858c05a6ed45bc5c1d63b4ee1bbd3cfd6f5fb2238a387303d8e4cc46c089e094b1c734c2d8570da898b4cfeff5d7c04c2c06f","ssdeep":"","tlshash":"c720000000000000000000000000000000000000030000000000000000000000000000","first_seen":"2023-11-03T18:35:23Z","last_seen":"2026-04-16T11:14:17.872453Z","times_seen":452,"resource_available":false,"data":null}},"time_used":566,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":566,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgsa.baidu.com/forum/pic/item/79f0f736afc379310792153aadc4b74543a9112e.jpg","fqdn":"imgsa.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"119.167.237.48","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /forum/pic/item/79f0f736afc379310792153aadc4b74543a9112e.jpg HTTP/1.1\r\nHost: imgsa.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: JSP3/2.0.14\r\nDate: Sat, 27 Sep 2025 11:58:57 GMT\r\nContent-Type: image/gif\r\nContent-Length: 201722\r\nConnection: close\r\nAccess-Control-Allow-Origin: *\r\nEtag: 1467ddc461ae6674f94ca6fe574b7ae5\r\nExpires: Mon, 27 Oct 2025 11:58:57 GMT\r\nLast-Modified: Thu, 01 Jan 1970 00:00:00 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":201722,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"1467ddc461ae6674f94ca6fe574b7ae5","sha1":"49be422ec46a752799b38dd20934c89eb32b501b","sha256":"0653272344587235a12f15339402617e769ec59485cacccf05b3aa595722d590","sha512":"bdbe276245ee9d18b17e189155368d8df21a728540297e07ee94be501cb9c55a77e4d688026cab3846ddd23d379ab121d891b3fdaa6d59a8ac2935eef956a511","ssdeep":"6144:FEZ5ZCsnPSU5H7WdjgP026k7k2SrhUJ5kJEucd:Fq5ZpnKSKlkwvijld","tlshash":"8e14121cc21b0bb13e1d12e15967d09a8ecbcaa506b0673f7d48fdc57056a2cebe49a0","first_seen":"2025-07-29T03:46:51.299852Z","last_seen":"2025-10-24T23:45:57.198778Z","times_seen":1122,"resource_available":false,"data":null}},"time_used":1466,"timings":{"blocked":-1,"dns":0,"connect":255,"send":0,"wait":323,"receive":629,"ssl":259},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.no/ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-F8MXJQGLN1\u0026cid=446079045.1758974337\u0026gtm=45je59n2v9102926192z89102893467za200zb9102893467zd9102893467\u0026aip=1\u0026dma=1\u0026dma_cps=syphamo\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115691064\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115691064\u0026z=307859679","fqdn":"www.google.no","domain":"google.no","tld":"no"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:59.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.no","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:39:23 GMT","end":"Mon, 01 Dec 2025 08:39:22 GMT"},"fingerprint":{"sha1":"42:CA:DF:AC:84:77:2A:0C:CC:0B:0C:7D:2C:7F:F7:A4:90:1B:05:F3","sha256":"4E:E3:F5:47:6B:82:78:8F:EB:24:48:87:45:0A:2B:B2:1C:6C:5C:89:6A:E4:47:C7:0C:F5:35:47:93:B2:F2:BE"}}},"request":{"raw":"GET /ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-F8MXJQGLN1\u0026cid=446079045.1758974337\u0026gtm=45je59n2v9102926192z89102893467za200zb9102893467zd9102893467\u0026aip=1\u0026dma=1\u0026dma_cps=syphamo\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115691064\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115691064\u0026z=307859679 HTTP/1.1\r\nHost: www.google.no\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sat, 27 Sep 2025 11:58:59 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 42\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-26T08:03:16.379Z","times_seen":821174,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":71,"dns":2,"connect":15,"send":0,"wait":34,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.719979.com/images/68cd75a7a9a4d1d4d7b74d0c.gif","fqdn":"img.719979.com","domain":"719979.com","tld":"com"},"ip":{"addr":"46.3.44.108","port":443,"asn":209372,"as":"SIA Singularity Telecom","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"719979.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sun, 17 Aug 2025 00:00:00 GMT","end":"Sat, 15 Nov 2025 23:59:59 GMT"},"fingerprint":{"sha1":"39:90:54:85:0F:95:F3:14:E5:10:91:0F:FE:08:B9:A1:3B:4A:D8:29","sha256":"37:C3:65:87:73:80:C9:B9:E5:FE:D2:FA:23:72:0A:4E:7D:08:DC:D5:95:52:2A:C4:51:F4:C4:E7:D6:54:48:B5"}}},"request":{"raw":"GET /images/68cd75a7a9a4d1d4d7b74d0c.gif HTTP/1.1\r\nHost: img.719979.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-length: 0\r\nreferrer-policy: no-referrer\r\ncache-control: max-age=600\r\nlocation: https://pic.rmb.bdstatic.com/bjh/3ee3d89847d/250521/fccb3f44322eaf9efc2d31bc11f3b4e9.gif\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":368765,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T08:03:11.41038Z","times_seen":14216150,"resource_available":true,"data":null}},"time_used":1482,"timings":{"blocked":599,"dns":0,"connect":283,"send":0,"wait":284,"receive":0,"ssl":315},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"img.719979.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-F8MXJQGLN1\u0026cx=c\u0026gtm=4e59n2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:57.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:34:53 GMT","end":"Mon, 01 Dec 2025 08:34:52 GMT"},"fingerprint":{"sha1":"DF:7E:8A:F9:1C:B5:DC:9E:90:E3:71:A7:92:85:2C:8F:2B:B4:42:8E","sha256":"3A:65:11:10:B9:58:2F:E1:BF:38:98:8D:2E:3E:A2:01:9D:C6:BE:69:5B:AD:F7:99:53:F9:AB:A6:6B:82:47:F1"}}},"request":{"raw":"GET /gtag/js?id=G-F8MXJQGLN1\u0026cx=c\u0026gtm=4e59n2 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 27 Sep 2025 11:58:57 GMT\r\nexpires: Sat, 27 Sep 2025 11:58:57 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 142182\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":429598,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"89beb875f9ea2d35323b4435d76fe5ac","sha1":"38c376e1d286b6ffd70414a28df270ab21d9f47a","sha256":"22304a6150566e4e1cde8ef341cdd82560c7c427dac91465b922b880fe768e95","sha512":"b9a608c0b62302ca05eaece28322b0c18ffa47f4d7cd322fde6ff875634fb99f5f94aef9e360bbbb545771a04715669674890d3498f9b1533eccae27acf8b112","ssdeep":"6144:pBTpmM2/RNpvYqkD1g1/9G1SvuVcH0+23WBc:nNmLRYly/Ldk","tlshash":"3d940ace73c674265396f078907f018ba5bb28a2b45cc899f189dce42d74a9a4137f7c","first_seen":"2025-09-27T01:09:49.50809Z","last_seen":"2025-09-27T17:17:38.323526Z","times_seen":32,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lib.aidegelin.cn/dom2/css/app.css?t=2000","fqdn":"lib.aidegelin.cn","domain":"aidegelin.cn","tld":"cn"},"ip":{"addr":"172.67.211.106","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.540Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lib.aidegelin.cn","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 28 Aug 2025 11:29:40 GMT","end":"Wed, 26 Nov 2025 12:29:36 GMT"},"fingerprint":{"sha1":"31:6C:07:B3:77:9B:EC:F9:BE:1D:F9:F2:61:15:A8:89:D2:0E:A3:BF","sha256":"6B:66:D7:76:BA:7A:20:28:15:90:4F:F5:5D:6C:F8:74:39:C8:6C:1C:B7:23:50:D5:DA:BD:6B:50:4C:86:EA:9D"}}},"request":{"raw":"GET /dom2/css/app.css?t=2000 HTTP/1.1\r\nHost: lib.aidegelin.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Sep 2025 11:58:56 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 28 Mar 2024 03:04:10 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KxLXDSVKre55dYe6%2BZ6IiKtxTqbqnqo25tIxTAldhsP%2F1tdAKKVAitdzo3OFql%2FD%2Fw0lDyQXT%2Fy1wmb%2FD%2BQjzTBt4Ya9bDUyMxxkA95%2FzIY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: W/\"6604de2a-630c\"\r\ncache-control: public, max-age=86400, stale-if-error=604800\r\ncontent-encoding: gzip\r\nage: 56410\r\ncf-cache-status: HIT\r\ncf-ray: 985ad5044b38120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25356,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text, with very long lines (615)","md5":"3576be14c7ea84a2982d9a684c12937d","sha1":"d6f94fd3ac4531976ea69b932cc9c13a3c112d6f","sha256":"2f09795aa76d8cb220a80a7a97f4d7ec3567516d9d28418076286855b8ae2b35","sha512":"a85809b72f25707315bb9593873867b35a374cef51f26b2d1fcdb7902cf79a0bfaee3157ced8e83038889fd519fabf84d9139b28c60eef7a8330526d85c41c2c","ssdeep":"384:UfqFcAKK1F7FZO339jRhFZQIHKuLhF3TJgzsV4:U4cY1F7FZOFFnBFW","tlshash":"b1b23e45ee733c05245b915c0ff5a344273d9097c94ece2e7baf73849f4a28469a6f88","first_seen":"2024-05-31T01:32:21Z","last_seen":"2026-04-26T00:22:38.817385Z","times_seen":1083,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":144,"dns":0,"connect":2,"send":0,"wait":6,"receive":1,"ssl":146},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lib.baomitu.com/vue/3.4.21/vue.global.prod.min.js","fqdn":"lib.baomitu.com","domain":"baomitu.com","tld":"com"},"ip":{"addr":"3.174.113.65","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baomitu.com","organization":""},"issuer":{"commonName":"WoTrus DV Server CA  [Run by the Issuer]","organization":"WoTrus CA Limited"},"validity":{"start":"Sun, 27 Apr 2025 00:00:00 GMT","end":"Thu, 28 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"18:D8:9D:CD:3F:9D:0E:C2:9D:87:F7:FB:9A:9F:CE:1E:3B:FB:4D:8A","sha256":"D0:D1:93:F4:86:C9:C6:E8:13:99:C4:15:85:A7:81:69:02:5C:4D:8D:B8:F8:70:67:43:BF:1C:FC:6E:BF:BE:3A"}}},"request":{"raw":"GET /vue/3.4.21/vue.global.prod.min.js HTTP/1.1\r\nHost: lib.baomitu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 144109\r\nx-qstatic-hit: 1\r\nlast-modified: Mon, 01 Jan 2018 00:00:00 GMT\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nkcs-via: HIT from w-fc03.lato;MISS from w-sc01.lyct\r\naccept-ranges: bytes\r\ndate: Wed, 17 Sep 2025 00:15:23 GMT\r\ncache-control: s-maxage=315360000, max-age=315360000, immutable\r\nexpires: Sat, 15 Sep 2035 00:15:23 GMT\r\netag: W/\"a3209fa78c96d5c7\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 8faaeb2babd4389379340cf1f074266a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HEL51-P6\r\nx-amz-cf-id: BRLKoR6HEC_jfhyf-NW32k0ZD18u65xhWeCmGHeVqv8-5eiNm6PwMQ==\r\nage: 906213\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":144109,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"517eb7db94ce7c31c2714b624d21d199","sha1":"67ff00b81b694121ba0e0be167b1a6734c90b462","sha256":"173e4a0c8fa4c5af6ae229174a2841f0644f5b2a0c4f4cb5a49de418c15c17e4","sha512":"b65b6f8c90f5a549d7540a742fd89dfe6711fb3734c6c20a98f30992c11c949eae13223c0fa7995a94748d25565135ce29c99e04cc8d0fe2d01f81027ffe562a","ssdeep":"3072:FuT801GSOKvKE8RMsKtU77uR3oWNCfp6m:FuN1GUyhlHhEm6m","tlshash":"5de328a57141b03217ea55e250bf0016f23a1829780d80e8f57decdb397595aa0fffba","first_seen":"2024-05-10T21:36:49Z","last_seen":"2026-04-26T02:14:05.930744Z","times_seen":2201,"resource_available":true,"data":null}},"time_used":131,"timings":{"blocked":32,"dns":1,"connect":17,"send":0,"wait":54,"receive":7,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lib.baomitu.com/video.js/8.11.8/video.min.js","fqdn":"lib.baomitu.com","domain":"baomitu.com","tld":"com"},"ip":{"addr":"3.174.113.65","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baomitu.com","organization":""},"issuer":{"commonName":"WoTrus DV Server CA  [Run by the Issuer]","organization":"WoTrus CA Limited"},"validity":{"start":"Sun, 27 Apr 2025 00:00:00 GMT","end":"Thu, 28 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"18:D8:9D:CD:3F:9D:0E:C2:9D:87:F7:FB:9A:9F:CE:1E:3B:FB:4D:8A","sha256":"D0:D1:93:F4:86:C9:C6:E8:13:99:C4:15:85:A7:81:69:02:5C:4D:8D:B8:F8:70:67:43:BF:1C:FC:6E:BF:BE:3A"}}},"request":{"raw":"GET /video.js/8.11.8/video.min.js HTTP/1.1\r\nHost: lib.baomitu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 640727\r\ndate: Sun, 13 Jul 2025 01:07:29 GMT\r\naccept-ranges: bytes\r\nx-qstatic-hit: 1\r\nlast-modified: Mon, 01 Jan 2018 00:00:00 GMT\r\netag: W/\"24f71cf3db0ab06f\"\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\ncache-control: s-maxage=315360000, max-age=315360000, immutable\r\nexpires: Wed, 11 Jul 2035 01:07:29 GMT\r\nkcs-via: HIT from w-fc03.lato;MISS from w-sc02.lyct\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 8faaeb2babd4389379340cf1f074266a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HEL51-P6\r\nx-amz-cf-id: k1wD2KNc4mDAUj-NlXKsAob68k38yKJoSU7RtR_eVDIAU7EL2G1_1w==\r\nage: 6605486\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":640727,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65141)","md5":"fd80d821580c7bc6517a4f4ecf95606f","sha1":"5fbd5cd6b275ffe5cff253d1086053e18fc10b24","sha256":"d87427e0e5c1f978cb1e6b9cbd3e7f24db9b5e72ee9a472428cc23c549c46af5","sha512":"4d62ccc0a8ec6967b4e0935af394cf95d2d7661821e5210cb0fc86c3c0bff6df880e7ce252424ffd56ce7b41affd97d0d1d8d279b2097e99fd922808b237d7a9","ssdeep":"6144:O40gTDf3RzJV4hsNHSaBQr/fRTbSZnHVSEkUpfEb3YgNg+5RPrpM6DVSB3UAIxqQ:O47TDfehiGWn4uEb3YgnsB3j8","tlshash":"fbd45c943394613742da9097946f0305733a9e6d6808c06cf92dfeda3de8e49b17bbb4","first_seen":"2024-05-05T16:59:28Z","last_seen":"2026-04-16T11:14:17.888586Z","times_seen":424,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lib.baomitu.com/axios/1.6.8/axios.min.js","fqdn":"lib.baomitu.com","domain":"baomitu.com","tld":"com"},"ip":{"addr":"3.174.113.65","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baomitu.com","organization":""},"issuer":{"commonName":"WoTrus DV Server CA  [Run by the Issuer]","organization":"WoTrus CA Limited"},"validity":{"start":"Sun, 27 Apr 2025 00:00:00 GMT","end":"Thu, 28 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"18:D8:9D:CD:3F:9D:0E:C2:9D:87:F7:FB:9A:9F:CE:1E:3B:FB:4D:8A","sha256":"D0:D1:93:F4:86:C9:C6:E8:13:99:C4:15:85:A7:81:69:02:5C:4D:8D:B8:F8:70:67:43:BF:1C:FC:6E:BF:BE:3A"}}},"request":{"raw":"GET /axios/1.6.8/axios.min.js HTTP/1.1\r\nHost: lib.baomitu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 41481\r\ndate: Fri, 11 Oct 2024 06:19:16 GMT\r\nx-qstatic-hit: 1\r\nlast-modified: Mon, 01 Jan 2018 00:00:00 GMT\r\netag: W/\"2ddd21cb3c65dea9\"\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\ncache-control: s-maxage=315360000, max-age=315360000, immutable\r\nexpires: Mon, 09 Oct 2034 06:19:16 GMT\r\nkcs-via: HIT from w-fc03.lato;MISS from w-sc02.lyct\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 8faaeb2babd4389379340cf1f074266a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HEL51-P6\r\nx-amz-cf-id: LfX-KLeav7Wt8FLPmWi__HwvIpejl3-AMSiak1evBtQcfiixJ6TcfQ==\r\nage: 30346780\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":41481,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (41442)","md5":"3b5b3d36fde8ffe8ed76b1efbfc65410","sha1":"d63107d0912fdb387530d5ce2d512c928d73d122","sha256":"29d600462a30694efd15b9848b4ca42d178cd067009275c35a30580121114304","sha512":"3c96b7a1048b59107bc0767b190fe0faacafeabe266ee8668836fc06348567c359d9ae36a13b40ab99f4b9c580c1c403962900b64b9bfad3d50b0e27a76ed60a","ssdeep":"768:9pQ6+qD0M+7+/kmCACM3aem6eWQi79xpQXQVqQU+h3ghJskJFAn:9pQTsCI9XSMqTXg","tlshash":"7b13d8c9b6d2f06153a77175802f200bf23aa926a44d8454f224ece6bcb950e9367f7d","first_seen":"2024-03-15T17:36:33Z","last_seen":"2026-04-26T02:14:05.958943Z","times_seen":8133,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i2/4183327079/O1CN012FP5Rl22AEqETYdCo_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /imgextra/i2/4183327079/O1CN012FP5Rl22AEqETYdCo_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 374564\r\ndate: Sun, 21 Sep 2025 19:41:39 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.002\r\ntraceid: a3b55ced17584836995635828e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache2.l2de3[0,0,200-0,H], ens-cache9.l2de3[1,0], ens-cache5.se2[0,0,200-0,H], ens-cache4.se2[13,0]\r\naccess-control-allow-origin: *\r\nage: 490637\r\nali-swift-global-savetime: 1758483699\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Mon, 22 Sep 2025 07:02:46 GMT\r\nx-swift-cachetime: 31495133\r\nvary: Accept\r\ns-rt: 13\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9817589743367202888e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":374564,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"05c78725911681297b988fd9b9dc5ffa","sha1":"f20373eaa5110f4e0754bd6d955ffa38eec418b6","sha256":"66b9913ecd8fb1a682d88bb2c90e70a15a8dcebaad3cdd7cece50b7c817318d3","sha512":"910961e0f9ad9ce97537019f6277c07499a5d3d1defe2811aad5a7f2cbed009bc236d32b1f395fb1b34a16c973f48715ff6fb143668d0db6240949dfee6bd950","ssdeep":"6144:dq3hKjl0DgR8PKFrT9VNlCx5AUtX5CXF2/FCOBj0pN/z/K6lLSL24dn94:4KdJJEx5AUE2sjfK6lL2P8","tlshash":"6b84021ee591ec801f8c15c838e7246fbdea4cc01ce1e896e4d5fa5b0da8477446bae7","first_seen":"2025-09-23T02:47:48.549658Z","last_seen":"2025-10-01T10:58:39.137379Z","times_seen":101,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":13,"dns":0,"connect":0,"send":0,"wait":36,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lib.baomitu.com/font-awesome/6.5.1/webfonts/fa-solid-900.woff2","fqdn":"lib.baomitu.com","domain":"baomitu.com","tld":"com"},"ip":{"addr":"3.174.113.65","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baomitu.com","organization":""},"issuer":{"commonName":"WoTrus DV Server CA  [Run by the Issuer]","organization":"WoTrus CA Limited"},"validity":{"start":"Sun, 27 Apr 2025 00:00:00 GMT","end":"Thu, 28 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"18:D8:9D:CD:3F:9D:0E:C2:9D:87:F7:FB:9A:9F:CE:1E:3B:FB:4D:8A","sha256":"D0:D1:93:F4:86:C9:C6:E8:13:99:C4:15:85:A7:81:69:02:5C:4D:8D:B8:F8:70:67:43:BF:1C:FC:6E:BF:BE:3A"}}},"request":{"raw":"GET /font-awesome/6.5.1/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: lib.baomitu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://9xx656.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lib.baomitu.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 156496\r\ndate: Fri, 25 Oct 2024 02:16:28 GMT\r\nx-qstatic-hit: 1\r\nlast-modified: Mon, 01 Jan 2018 00:00:00 GMT\r\netag: W/\"2f42f79bc09822e4\"\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\ncache-control: s-maxage=315360000, max-age=315360000, immutable\r\nexpires: Mon, 23 Oct 2034 02:16:28 GMT\r\nkcs-via: HIT from w-fc01.lato;MISS from w-sc02.lyct\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 8faaeb2babd4389379340cf1f074266a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HEL51-P6\r\nx-amz-cf-id: lgKhj0HlcDNwiJMOXJUVx_Wsf018emgWtn6yw0qrA57DeMz2Q-b8-A==\r\nage: 29151748\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":156496,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 156496, version 773.768","md5":"6c4eee562650e53cee32496bdfbe534b","sha1":"1aae708e3b94ee981b452a918d28ed037fbb5e18","sha256":"9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2","sha512":"ebcb5a2e2a908228f77ecd03b45491778cad73ddc39fa3a6334b129aaf9fa36c16c0307aeaad74d77f616b5b34aac52d91e9f4816945253dc9a826ddd71f4d12","ssdeep":"3072:OvM6gZMLmY8uGpjVnlooQ+GQs8jic0f/KkMdE:OU65LoP5QSsuic0f/cdE","tlshash":"8ce31200d620498d9978fd5b2a1fa1ffa7a939c95ed210bad3c30cb93257143bbc2556","first_seen":"2023-12-02T04:06:15Z","last_seen":"2026-04-26T07:55:00.985575Z","times_seen":36039,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-PS9RJ64","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:34:53 GMT","end":"Mon, 01 Dec 2025 08:34:52 GMT"},"fingerprint":{"sha1":"DF:7E:8A:F9:1C:B5:DC:9E:90:E3:71:A7:92:85:2C:8F:2B:B4:42:8E","sha256":"3A:65:11:10:B9:58:2F:E1:BF:38:98:8D:2E:3E:A2:01:9D:C6:BE:69:5B:AD:F7:99:53:F9:AB:A6:6B:82:47:F1"}}},"request":{"raw":"GET /gtm.js?id=GTM-PS9RJ64 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 27 Sep 2025 11:58:56 GMT\r\nexpires: Sat, 27 Sep 2025 11:58:56 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Sat, 27 Sep 2025 09:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 108724\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":321788,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5198)","md5":"6f2863331321b63103511447f50d1893","sha1":"6baee29ac06b7f3c680e78dd6d64564c730882f3","sha256":"2baf94627f7e8edccdef7e61510a64a2f19e96320b146e48b56836fdbcfbae93","sha512":"4d4b294af29f1974bffb21d54581063251c19e84cfcd80bfe227515434176d5c781623f771fee331d566d893b7be324b1bbc7f3e5d59f360aa3b133a16603ecd","ssdeep":"3072:lmxhu/D62GmMgmdpl0RP18YqkLPW8RthKUfgHiUXB/G1SvuV8fnUex9:GpmMgmdpBYqkD1ghG1SvuVcDD","tlshash":"ac6408cdb3d6b4624393a478503f018bb57b6992f44cc899f186d8d42e74aaa4237f7c","first_seen":"2025-09-27T11:59:25.859774Z","last_seen":"2025-09-27T11:59:25.859774Z","times_seen":1,"resource_available":true,"data":null}},"time_used":555,"timings":{"blocked":238,"dns":1,"connect":16,"send":0,"wait":41,"receive":37,"ssl":222},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgsa.baidu.com/forum/pic/item/08f790529822720e45cb67ec3dcb0a46f21fab9b.jpg","fqdn":"imgsa.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"119.167.237.48","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /forum/pic/item/08f790529822720e45cb67ec3dcb0a46f21fab9b.jpg HTTP/1.1\r\nHost: imgsa.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: JSP3/2.0.14\r\nDate: Sat, 27 Sep 2025 11:58:57 GMT\r\nContent-Type: image/gif\r\nContent-Length: 415712\r\nConnection: close\r\nAccess-Control-Allow-Origin: *\r\nEtag: b4860cf91af556ad9a56b9b6e76ea9cc\r\nExpires: Mon, 27 Oct 2025 11:58:57 GMT\r\nLast-Modified: Thu, 01 Jan 1970 00:00:00 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":415712,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"b4860cf91af556ad9a56b9b6e76ea9cc","sha1":"7ca35b63a9e3bb1f7735b4703a947e56fe5d1381","sha256":"d86024f52767a95a6b51b5adcb9c247ff5e4a2b44f322d47ce6d10da4fc98b80","sha512":"f960f13122cf87b581e2c7e611aaffa95935d4567eeb90798681a5834ffc060f9f7fe68a8cebd573f5e37cce2846341034ca91a3c2a41ca050c034b5f3c7b4f8","ssdeep":"12288:jo++39upZ1FUl6ZCkFxpE7TmLRPM3MMSdF:8+yupZrJZ5SYFMaP","tlshash":"6d94231bd061100abd962ef6f328a67cc9245dc6b1e1faff77d32f90a35621e0528647","first_seen":"2025-09-27T01:09:49.521744Z","last_seen":"2025-12-07T16:56:56.845535Z","times_seen":1005,"resource_available":false,"data":null}},"time_used":1443,"timings":{"blocked":-1,"dns":0,"connect":209,"send":0,"wait":270,"receive":718,"ssl":245},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.jiuse3.cloud/hls/945905/index0.ts","fqdn":"cdn2.jiuse3.cloud","domain":"jiuse3.cloud","tld":"cloud"},"ip":{"addr":"23.237.196.139","port":443,"asn":30058,"as":"FDCSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:58.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jiuse.cloud","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Sep 2025 19:46:35 GMT","end":"Wed, 10 Dec 2025 19:46:34 GMT"},"fingerprint":{"sha1":"E5:12:80:F0:31:60:54:04:8F:19:F4:FC:16:26:C6:13:FE:78:B7:B6","sha256":"57:15:E6:87:BC:5E:13:29:77:37:57:03:83:55:6B:A7:F3:19:17:4D:75:38:11:56:57:DC:4E:0F:4C:1D:70:E8"}}},"request":{"raw":"GET /hls/945905/index0.ts HTTP/1.1\r\nHost: cdn2.jiuse3.cloud\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://9xx656.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 27 Sep 2025 11:57:18 GMT\r\ncontent-type: video/mp2t\r\ncontent-length: 542004\r\nlast-modified: Mon, 18 Mar 2024 17:01:08 GMT\r\netag: \"65f87354-84534\"\r\nalt-svc: h3-27=\":443\"; ma=86400, h3-28=\":443\"; ma=86400, h3-29=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nserver-id: FDC-LA-100G-32T\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":542004,"size_decoded":0,"mime_type":"video/mp2t","magic":"data","md5":"7087e7318360ca561cc1d99eb533dd8d","sha1":"b3ae833ac299c9c1ac5785c0c7b4f48e228dfcf0","sha256":"9665c2321a3adc6b74a5654f7817d4ccff400d56c3f04252a60ed16a24267ba2","sha512":"f7617c90e82d69595da392a7ebefeb756413c983e7b0f02bf826b8407de60f5bbf0fa94d2fde89411805f34f99efe2336b593702cd14bbabeaef9de4ed53993e","ssdeep":"12288:koPj+y8ju1caG1fyndSDDdf3m+hS+zTeypzrRf5nXltibj:3PjIu1st+eduGFT5XRf51+","tlshash":"b6b4124c576806eb611332c62aacdff76f424d141f949fab15e97849fdf42cac83602a","first_seen":"2025-09-27T11:59:25.86815Z","last_seen":"2025-09-27T11:59:25.86815Z","times_seen":1,"resource_available":false,"data":null}},"time_used":884,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":219,"receive":665,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"txdy.zyvqb.com/960x80-2.gif","fqdn":"txdy.zyvqb.com","domain":"zyvqb.com","tld":"com"},"ip":{"addr":"61.170.77.85","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"txdy.zyvqb.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 31 Aug 2025 00:00:00 GMT","end":"Fri, 28 Nov 2025 23:59:59 GMT"},"fingerprint":{"sha1":"03:BB:1B:82:23:07:1E:77:57:F6:F0:3C:6C:F3:D2:65:9C:C6:37:13","sha256":"53:DC:EC:15:A0:E5:90:86:66:D5:4F:3F:E6:7E:DA:9F:86:FB:AA:D2:2C:A1:18:1F:61:28:6F:EE:9A:81:31:4A"}}},"request":{"raw":"GET /960x80-2.gif HTTP/1.1\r\nHost: txdy.zyvqb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 297407\r\ndate: Thu, 11 Sep 2025 09:47:26 GMT\r\nexpires: Sat, 11 Oct 2025 09:47:26 GMT\r\ncache-control: max-age=2592000\r\nlast-modified: Tue, 15 Jul 2025 19:09:14 GMT\r\nvary: Accept-Encoding\r\netag: \"6876a75a-489bf\"\r\naccept-ranges: bytes\r\nvia: cache9.l2cn3022[0,0,200-0,H], cache41.l2cn3022[1,0], ens-cache7.cn6020[0,0,200-0,H], ens-cache18.cn6020[1,0]\r\nage: 1390291\r\nali-swift-global-savetime: 1757584046\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Mon, 15 Sep 2025 15:33:18 GMT\r\nx-swift-cachetime: 2225648\r\ntiming-allow-origin: *\r\neagleid: 3daa4d2617589743373862917e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":297407,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"be1029d05fc8d15a4cb3f6288d367533","sha1":"f8ddedc7a9f691dbce177b93fbe2ded9aa9507f4","sha256":"46a7073b45a7579ab9f2500891645dafe94550654b523bbe315eb7fcfc15e791","sha512":"5f560abc53c6800b424c29ba38776cab24278062d353efed5cac05d0554cfbdc1415fbf2e786e67b3ab57b959c82f8b81c7d30f9aa22b411f7dd4362ec8201ef","ssdeep":"6144:fMvfw5r61Qp6juuUCSYi6sBOCpSPL0QcuZ/F+dITXsI9Av77hQDC:fyfw5rWQp6uuU+VLCkD0QcuDAAa5","tlshash":"15542316137343b475399570679db46087aee8841ae3da3b43835cf71a2bcf4d9acae0","first_seen":"2025-08-16T00:23:54.138942Z","last_seen":"2025-12-28T20:44:46.671288Z","times_seen":1533,"resource_available":false,"data":null}},"time_used":1989,"timings":{"blocked":-1,"dns":0,"connect":271,"send":0,"wait":270,"receive":1171,"ssl":276},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dq38rjje7qjm3.cloudfront.net/51dhz/960x80.gif","fqdn":"dq38rjje7qjm3.cloudfront.net","domain":"dq38rjje7qjm3.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.159","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:59.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /51dhz/960x80.gif HTTP/1.1\r\nHost: dq38rjje7qjm3.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 54606\r\ndate: Sun, 21 Sep 2025 12:20:40 GMT\r\nlast-modified: Sun, 17 Aug 2025 06:47:49 GMT\r\netag: \"762805a4b28fb1bbd2c9d25908bfed5b\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: q52nMFKOvR6rvQrJIX7lz8H1uUBMZaeKO06ceiRzTY7TjXbcDBPqFQ==\r\nage: 517100\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":54606,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"762805a4b28fb1bbd2c9d25908bfed5b","sha1":"54e5adc1a18dff1db97d13637cb06e8cb3f5843f","sha256":"239a656bea097db140656ddc995d970af6cc390b94858170f044b196f920fe57","sha512":"e37edbd8b4172b92763ae216a7e49eae7c32ee1978ac4be54eb9add470e719d11dd737737c5684649df5a37b9e976938f75b4b6b5354dd4bc373205446774d45","ssdeep":"1536:CIG9QqbPaEuPeaw1SXdZtP/5SIpIsMpkimJLqsS3A:/G9QuPaEuPm4dZt5SIpIbILqPA","tlshash":"cc33023cc999a9c2c51ef4307aba038a3ca49a590b499f6b4d185ecf24c3d3e3635617","first_seen":"2025-09-23T02:47:48.550993Z","last_seen":"2025-10-23T12:12:57.363039Z","times_seen":830,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":19,"dns":0,"connect":8,"send":0,"wait":9,"receive":9,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lib.baomitu.com/font-awesome/6.5.1/css/all.min.css","fqdn":"lib.baomitu.com","domain":"baomitu.com","tld":"com"},"ip":{"addr":"3.174.113.65","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baomitu.com","organization":""},"issuer":{"commonName":"WoTrus DV Server CA  [Run by the Issuer]","organization":"WoTrus CA Limited"},"validity":{"start":"Sun, 27 Apr 2025 00:00:00 GMT","end":"Thu, 28 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"18:D8:9D:CD:3F:9D:0E:C2:9D:87:F7:FB:9A:9F:CE:1E:3B:FB:4D:8A","sha256":"D0:D1:93:F4:86:C9:C6:E8:13:99:C4:15:85:A7:81:69:02:5C:4D:8D:B8:F8:70:67:43:BF:1C:FC:6E:BF:BE:3A"}}},"request":{"raw":"GET /font-awesome/6.5.1/css/all.min.css HTTP/1.1\r\nHost: lib.baomitu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 102641\r\ndate: Thu, 17 Apr 2025 00:24:30 GMT\r\nx-qstatic-hit: 1\r\nlast-modified: Mon, 01 Jan 2018 00:00:00 GMT\r\netag: W/\"187adb852a6e99c3\"\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\ncache-control: s-maxage=315360000, max-age=315360000, immutable\r\nexpires: Sun, 15 Apr 2035 00:24:30 GMT\r\nkcs-via: HIT from w-fc01.lato;MISS from w-sc09.zzzc\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 8faaeb2babd4389379340cf1f074266a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HEL51-P6\r\nx-amz-cf-id: 51IHe1Jr7dWrYbJ01orbIA0eRrJwRfrU3oeDrj_9GmiX3FkJmVfADA==\r\nage: 14124866\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":102641,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"9402848c3d4bbc710c764326f8b887c9","sha1":"b6e555166eb1381392e00adcde9bf8863f16ff01","sha256":"c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7","sha512":"0d33903bd456087de9a46a9c59a100d41219382eb1c5a97012cc3d73641078021fb65f957a0a2f96779ed5cf505f84dcb6758c9f5dd36727be822326f1ed8bc0","ssdeep":"1536:iwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPG9ZpgSLCJ:O709gMGFiyPG9ZiSLCJ","tlshash":"79a3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-12-02T04:06:15Z","last_seen":"2026-04-26T07:43:57.441113Z","times_seen":24007,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":27,"dns":1,"connect":14,"send":0,"wait":15,"receive":21,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lib.baomitu.com/bulma/0.9.4/css/bulma.min.css","fqdn":"lib.baomitu.com","domain":"baomitu.com","tld":"com"},"ip":{"addr":"3.174.113.65","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baomitu.com","organization":""},"issuer":{"commonName":"WoTrus DV Server CA  [Run by the Issuer]","organization":"WoTrus CA Limited"},"validity":{"start":"Sun, 27 Apr 2025 00:00:00 GMT","end":"Thu, 28 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"18:D8:9D:CD:3F:9D:0E:C2:9D:87:F7:FB:9A:9F:CE:1E:3B:FB:4D:8A","sha256":"D0:D1:93:F4:86:C9:C6:E8:13:99:C4:15:85:A7:81:69:02:5C:4D:8D:B8:F8:70:67:43:BF:1C:FC:6E:BF:BE:3A"}}},"request":{"raw":"GET /bulma/0.9.4/css/bulma.min.css HTTP/1.1\r\nHost: lib.baomitu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 207302\r\nx-qstatic-hit: 1\r\nlast-modified: Mon, 01 Jan 2018 00:00:00 GMT\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nkcs-via: MISS from w-fc01.lato;MISS from w-sc02.lyct\r\naccept-ranges: bytes\r\ndate: Fri, 19 Sep 2025 23:29:49 GMT\r\ncache-control: s-maxage=315360000, max-age=315360000, immutable\r\nexpires: Mon, 17 Sep 2035 23:29:49 GMT\r\netag: W/\"86a0b30cd392f170\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 8faaeb2babd4389379340cf1f074266a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HEL51-P6\r\nx-amz-cf-id: onfsauywUI_W-45Hzd_cm_-nuVpbMkjqkYf_jxnGNLf9KDPe-zDkTw==\r\nage: 649747\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":207302,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"604205736eda4815fc08e1dcda46d3fc","sha1":"9cbf8fd27f50a6a27dec9c66081a520569c679a4","sha256":"ad3a5d3b41d7042369ade00772eead0763e9839d79568fb91ad612b2734bcfef","sha512":"1eac4752424cd1261c6efc54c393fad12cdd393cbf415c00d4926bbda5c9bf8abb9666c36429996aacf4d543ce690bdea317d846fd6d1e8cd618f31cb9306ebd","ssdeep":"768:tZHa2YfD0HK3E4QMMJNdz6CPry05DEJa09DKMzsRLcB73yMBgDFlWxG2A3UaQS+T:9lAe5hFC","tlshash":"f1149992ee503c4f7513882e54d0f7a4272e59c4da1627b7b537b2e0864a78f2937f0a","first_seen":"2023-04-26T18:39:59Z","last_seen":"2026-04-26T02:14:05.945054Z","times_seen":2469,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":29,"dns":0,"connect":15,"send":0,"wait":35,"receive":22,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saturday.ucloud141.xyz/thumb/945905.webp","fqdn":"saturday.ucloud141.xyz","domain":"ucloud141.xyz","tld":"xyz"},"ip":{"addr":"23.237.196.139","port":443,"asn":30058,"as":"FDCSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ucloud140.xyz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Sep 2025 19:29:14 GMT","end":"Wed, 10 Dec 2025 19:29:13 GMT"},"fingerprint":{"sha1":"5C:B6:E6:CD:09:CA:A9:6A:3B:34:65:78:BF:58:AE:75:2F:6C:88:91","sha256":"AB:70:09:C8:DC:E9:CF:1A:C2:BC:4E:D0:B5:87:36:3C:9B:EA:69:6E:04:51:E8:C5:3A:AF:78:CA:2C:BA:E1:18"}}},"request":{"raw":"GET /thumb/945905.webp HTTP/1.1\r\nHost: saturday.ucloud141.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 27 Sep 2025 11:57:17 GMT\r\ncontent-type: image/webp\r\ncontent-length: 27568\r\nlast-modified: Mon, 18 Mar 2024 16:55:16 GMT\r\netag: \"65f871f4-6bb0\"\r\nexpires: Mon, 27 Oct 2025 11:57:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27568,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 400x229, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"538654f2bf1b069c8e63d83fd4875e40","sha1":"b0a4986a35cb1d3f95eacebd2aad4985ffbb31a0","sha256":"50cebbe3642555afd4c9d62fcc7fd602b08754135dd29860c3b6a2148c9a17e1","sha512":"bb23aa77c828d6536d58afafe7fff4cf4ed71d257ab7f1cf3fd48a1ce48b37c0d685d905b45c67a09f7a4433bfa67def8336cb15112f5429b1085e0ca6497f6d","ssdeep":"768:pLtYalrvyDnlxnXRIXcY7G4lP718QbSyuHSU8tV:pLtYCrvElxnXVMKosL8V","tlshash":"e6c2e0f7ce1b425931a85ac6b2e7beb83f3ee1d11674241a8463b43053528a502fc6f6","first_seen":"2025-09-27T11:59:25.879092Z","last_seen":"2025-09-27T11:59:25.879092Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1592,"timings":{"blocked":142,"dns":699,"connect":179,"send":0,"wait":216,"receive":172,"ssl":184},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"saturday.ucloud141.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ds99.img8341816451.com:5658/8888/mbh/6-960x60.gif","fqdn":"ds99.img8341816451.com","domain":"img8341816451.com","tld":"com"},"ip":{"addr":"156.231.115.236","port":5658,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ds99.img8341816451.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 16:54:16 GMT","end":"Fri, 19 Dec 2025 16:54:15 GMT"},"fingerprint":{"sha1":"B3:D4:A3:50:6A:9A:C4:CE:08:C1:22:22:5A:E4:D2:F8:6C:05:5C:98","sha256":"C0:75:15:07:93:0D:00:E1:41:91:29:C0:63:C9:FE:1E:84:BA:1C:42:58:EF:6B:A7:9D:8D:DD:FC:74:2E:58:C2"}}},"request":{"raw":"GET /8888/mbh/6-960x60.gif HTTP/1.1\r\nHost: ds99.img8341816451.com:5658\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Sep 2025 11:58:57 GMT\r\ncontent-type: image/gif\r\ncontent-length: 309671\r\nstrict-transport-security: max-age=31536000\r\nlast-modified: Tue, 23 Sep 2025 12:46:28 GMT\r\netag: \"68d296a4-4b9a7\"\r\nexpires: Sun, 26 Oct 2025 21:50:42 GMT\r\ncache-control: max-age=2592000\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":309671,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"a095507afab56587d75115dc2765cb7a","sha1":"4263b24e917c2d9d981e7edb0779f0871d846c92","sha256":"0afb8b734081f46df47d1e37b2d848a2a046ec17bb51bac5afbc7256eae2101b","sha512":"de7727a3ea19b49a90f26e01f32e54862339cfdab14b534cdd530c864957ee6e356f2e08c211f5a5d305e982c31473c96a577ed77a207b8f6606aad10f819fc5","ssdeep":"3072:ZTXz3uzTXz3uzTXz3uuljAQn3qctkTC3rull3n3qctkTC3rull3n3qcIRv3g9iwS:lUUJlUQ3587lZ3587lZ34vcvcvh","tlshash":"496412d3b9d84212f1226ee6360741962f2bb10a9c811bd10bf3bddeed578987fc5468","first_seen":"2025-09-27T01:09:49.518583Z","last_seen":"2025-12-20T13:25:32.244202Z","times_seen":979,"resource_available":false,"data":null}},"time_used":1935,"timings":{"blocked":61,"dns":0,"connect":252,"send":0,"wait":252,"receive":1112,"ssl":258},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"ds99.img8341816451.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/api/video/view?id=d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"9xx656.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 05:12:40 GMT","end":"Thu, 27 Nov 2025 06:10:19 GMT"},"fingerprint":{"sha1":"B8:0F:1B:BA:C6:6D:C8:50:9C:06:B6:4C:8B:BC:72:2B:62:35:1A:F9","sha256":"B4:3E:AB:88:26:F5:E8:A3:DB:14:88:86:30:67:60:71:D3:42:DC:2E:5B:DB:0B:70:8B:72:CB:80:BD:C8:A4:B1"}}},"request":{"raw":"GET /api/video/view?id=d47851ac96fd6f0d88e6 HTTP/1.1\r\nHost: 9xx656.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Sep 2025 11:58:57 GMT\r\ncontent-type: application/json; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u7tr22m0yRlfeW%2BQoxbTJZP1G5Vm5j6B5IUjf5OJnfP9iHyJrnk0QC8qXmaRds%2F%2F768BNMQ1PacRA%2FhkaqFMKc%2BUsxo2HrKi\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-request-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Cookie, Authorization, Origin, X-Requested-With, AUTHORIZATION, Content-Type, Accept, Sec-Fetch-Mode, Referer, User-Agent, Accept-Encoding\r\naccess-control-max-age: 8640000\r\naccess-control-allow-credentials: true\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0\r\npragma: no-cache\r\nexpires: Sat, 26 Jul 1997 05:00:00 GMT\r\ncontent-encoding: gzip\r\nj-cache: MISS\r\nx-rtag: AWSG7\r\ncf-ipcountry: NO\r\ncf-cache-status: BYPASS\r\ncf-ray: 985ad505aad77127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":244,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"6298f063ad6a3c5d5a6d619923896ce7","sha1":"7468573efd80ae031df41f9f52cdc96193ac9478","sha256":"febef4e826c2862868495c7466082227fef1f10b750a536b77f83bac6a2f0c46","sha512":"7432babdd3a24ab5f7f161bebba8742f89e670e3a0c4a816211aa70fe5a6fe522d264161b8e2bd30574d930f8223327886089db06503b2f10e759f3842752a03","ssdeep":"","tlshash":"2ed0a71d55ad29151f42e2c14f0e94178ec8c25c397025e7cd959a3311d6ed4a6454b5","first_seen":"2025-09-27T11:59:25.884805Z","last_seen":"2025-09-27T11:59:25.884805Z","times_seen":1,"resource_available":false,"data":null}},"time_used":353,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":353,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d1yw1n0ddlrqxj.cloudfront.net/69xpj/960x80.gif","fqdn":"d1yw1n0ddlrqxj.cloudfront.net","domain":"d1yw1n0ddlrqxj.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.164.210.160","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:59.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /69xpj/960x80.gif HTTP/1.1\r\nHost: d1yw1n0ddlrqxj.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 324785\r\nlast-modified: Thu, 07 Aug 2025 09:57:20 GMT\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sat, 27 Sep 2025 04:45:24 GMT\r\netag: \"0d6580263fbbe0f9dc26c0cec2807433\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 dbd8987d44df68dae5505300fae9f718.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HEL51-P5\r\nx-amz-cf-id: e5MRK4IHA6vkfJH5XtOYsJcs2RRdEqbfDTg7LBJ5i2CHYn9iBNu_UQ==\r\nage: 1245527\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":324785,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"0d6580263fbbe0f9dc26c0cec2807433","sha1":"1c1d50bd1de89232d8a658703c5c9613cd5dab88","sha256":"4b72f4e44b4ef34916abbdd08546ce90a6de4e1cfd218b3e7ea78eda424fbfab","sha512":"af3c3f0326e4bab8fbd6fb5f7ac6922d4877b4375d3da7c00c49e8552275b99e8e39cd24865daffcd5cd499245f8b83c635058b588ffd815020c3011d8b356f8","ssdeep":"6144:Hg76XS2t1PmkQA2wnkcQzMza4xeiTlwpWRFlDWetEyQt9ubbS:A7SSujnkcQsa4BTflaWguXS","tlshash":"be64223e79b0230b6345bbeeb7e65df6de461591d952e50b8c0cec4234ac07e227a91c","first_seen":"2025-08-16T05:14:47.365412Z","last_seen":"2025-11-16T08:00:32.749478Z","times_seen":1257,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":31,"dns":4,"connect":14,"send":0,"wait":16,"receive":43,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/favicon.ico","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:59.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"9xx656.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 05:12:40 GMT","end":"Thu, 27 Nov 2025 06:10:19 GMT"},"fingerprint":{"sha1":"B8:0F:1B:BA:C6:6D:C8:50:9C:06:B6:4C:8B:BC:72:2B:62:35:1A:F9","sha256":"B4:3E:AB:88:26:F5:E8:A3:DB:14:88:86:30:67:60:71:D3:42:DC:2E:5B:DB:0B:70:8B:72:CB:80:BD:C8:A4:B1"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 9xx656.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6\r\nCookie: _ga_F8MXJQGLN1=GS2.1.s1758974337$o1$g0$t1758974337$j60$l0$h1267725716; _ga=GA1.1.446079045.1758974337\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Sep 2025 11:58:59 GMT\r\ncontent-type: image/x-icon\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Tue, 01 Sep 2020 15:07:12 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EomU8NHkk6LMmWXRSGHr%2BDbk6tZz96YaXR26zralQ2pyvanurJ6rFdoo0wgjKvsZFB3TTUfp9CtMGrPieq0Nuq0eW%2FJBGJaa\"}]}\r\nj-cache: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 47\r\ncf-cache-status: HIT\r\netag: W/\"5f4e63a0-3c2e\"\r\ncf-ray: 985ad516cbac7127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"79687d77e084027caf9d01059a41ec8c","sha1":"19482bfa446c6482b0e40d43f77cb08bfa56c64f","sha256":"b7d9a1e430882d4dc17134f461ef9ff06fdfb19c3f197df3221f39fdd5e8d40d","sha512":"901b500265706d5d8bdae07d468c166000be3603f6f7978a92257a1ae075aa9dcf0fb3b9e9961b05ec7fab5013c2d60b5e190370ef042454e3911e2b03f13375","ssdeep":"48:L1PLt087+FHqthfaMRjWemTwWj0PmUgDffRzHWKH:1LObpojWem/4PmU+Brd","tlshash":"806234000261e50cea565730e34ec2f9af4fccb19277594b99d07da7b6ce32a520169d","first_seen":"2023-05-08T13:06:20Z","last_seen":"2026-04-26T02:14:05.944196Z","times_seen":2388,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-F8MXJQGLN1\u0026gtm=45je59n2v9102926192z89102893467za200zb9102893467zd9102893467\u0026_p=1758974336694\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=446079045.1758974337\u0026ecid=1267725716\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_s=1\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115691064\u0026sid=1758974337\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2F9xx656.xyz%2Fvideo%2Fview%2Fd47851ac96fd6f0d88e6\u0026dt=jiuse35.lol%E6%8C%81%E5%AE%B6%E6%9C%89%E9%81%93%E7%9A%84%E7%BE%8E%E5%B0%91%E5%A6%87%EF%BC%81%E5%81%9A%E8%B6%B3%E6%B5%B4%E5%85%BB%E5%AE%B6%E8%80%81%E5%85%AC%E5%BF%83%E7%9C%BC%E7%9C%9F%E5%A4%A7%E8%BF%99%E9%83%BD%E6%94%BE%E5%BF%83%E3%80%8E%E7%8B%A0%E8%B4%A7%E9%AB%98%E7%A7%91%E6%8A%80%E7%9C%8B%E7%AE%80%E9%98%B6%E3%80%8F%20-%2091%E8%A7%86%E9%A2%91%7C91%E8%87%AA%E6%8B%8D%7C%E5%9B%BD%E4%BA%A7%E8%87%AA%E6%8B%8D\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026tfd=1250","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:59.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:34:53 GMT","end":"Mon, 01 Dec 2025 08:34:52 GMT"},"fingerprint":{"sha1":"DF:7E:8A:F9:1C:B5:DC:9E:90:E3:71:A7:92:85:2C:8F:2B:B4:42:8E","sha256":"3A:65:11:10:B9:58:2F:E1:BF:38:98:8D:2E:3E:A2:01:9D:C6:BE:69:5B:AD:F7:99:53:F9:AB:A6:6B:82:47:F1"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-F8MXJQGLN1\u0026gtm=45je59n2v9102926192z89102893467za200zb9102893467zd9102893467\u0026_p=1758974336694\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=446079045.1758974337\u0026ecid=1267725716\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_s=1\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115691064\u0026sid=1758974337\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2F9xx656.xyz%2Fvideo%2Fview%2Fd47851ac96fd6f0d88e6\u0026dt=jiuse35.lol%E6%8C%81%E5%AE%B6%E6%9C%89%E9%81%93%E7%9A%84%E7%BE%8E%E5%B0%91%E5%A6%87%EF%BC%81%E5%81%9A%E8%B6%B3%E6%B5%B4%E5%85%BB%E5%AE%B6%E8%80%81%E5%85%AC%E5%BF%83%E7%9C%BC%E7%9C%9F%E5%A4%A7%E8%BF%99%E9%83%BD%E6%94%BE%E5%BF%83%E3%80%8E%E7%8B%A0%E8%B4%A7%E9%AB%98%E7%A7%91%E6%8A%80%E7%9C%8B%E7%AE%80%E9%98%B6%E3%80%8F%20-%2091%E8%A7%86%E9%A2%91%7C91%E8%87%AA%E6%8B%8D%7C%E5%9B%BD%E4%BA%A7%E8%87%AA%E6%8B%8D\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026tfd=1250 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://9xx656.xyz/\r\nOrigin: https://9xx656.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: https://9xx656.xyz\r\ndate: Sat, 27 Sep 2025 11:58:59 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:158:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:158:0\r\nreport-to: {\"group\":\"ascnsrsggc:158:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:158:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T08:03:11.41038Z","times_seen":14216150,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":28,"dns":0,"connect":8,"send":0,"wait":18,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/video/view/d47851ac96fd6f0d88e6","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-27T11:58:55.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"9xx656.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 05:12:40 GMT","end":"Thu, 27 Nov 2025 06:10:19 GMT"},"fingerprint":{"sha1":"B8:0F:1B:BA:C6:6D:C8:50:9C:06:B6:4C:8B:BC:72:2B:62:35:1A:F9","sha256":"B4:3E:AB:88:26:F5:E8:A3:DB:14:88:86:30:67:60:71:D3:42:DC:2E:5B:DB:0B:70:8B:72:CB:80:BD:C8:A4:B1"}}},"request":{"raw":"GET /video/view/d47851ac96fd6f0d88e6 HTTP/1.1\r\nHost: 9xx656.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Sep 2025 11:58:56 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: True\r\naccess-control-request-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\nage: 7200\r\ncache-control: public, max-age=7200, stale-while-revalidate=600, stale-if-error=604800\r\nexpires: Sat, 27 Sep 2025 12:57:20 GMT\r\ncache-key: dom2:6b18f526fef87efa10c6f19ffd5d037f\r\nghash: 6b18f526fef87efa10c6f19ffd5d037f\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W1tG113VD%2BhzjuO6saqIdXYmRlzbWltKDJi0A9e2A9E259oXyf6Xj8wDBtZDGe1AhxqyzYXeoV2t4SvyCpGBm3ajx10wGMIX\"}]}\r\nj-cache: HIT\r\nx-rtag: AWSG7\r\ncf-ipcountry: NO\r\ncf-cache-status: MISS\r\nlast-modified: Sat, 27 Sep 2025 11:58:56 GMT\r\ncontent-encoding: br\r\ncf-ray: 985ad5007cc20b41-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"Axios:1.6.8","description":"Promise based HTTP client for the browser and node.js","website":"https://github.com/axios/axios","common_platform_enumeration":"","icon":"Axios.svg","categories":["JavaScript libraries"]}],"data":{"size":155436,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2532)","md5":"e32d734eb21dc7592066d6f80cc04247","sha1":"abc85bddc7d27a38e32b0aa24113393c40894aa8","sha256":"8a4d0793e2498262cdd0504f0c6cc932d53fa9353d8e42a0e1c658c26111170d","sha512":"fa57ee860a11834fe806c96272561d3562fc253b7069fbb1afa339b1104307b066a6d9a84843a7734a2a350c0778857f16ff4a2822aeff578e04d8c40e9ccadb","ssdeep":"1536:+0nZRCbLprxKLwiBqkdQEMAZPON+q//7BnHFfiT0q9IhPH/MH:1nZRCb2MMH","tlshash":"4ee3516164f5597311a3d2e927292b0aefc190c3e61bc214b7bd07c48fd6e9bc88366d","first_seen":"2025-09-27T11:59:25.890978Z","last_seen":"2025-09-27T11:59:25.890978Z","times_seen":1,"resource_available":false,"data":null}},"time_used":629,"timings":{"blocked":125,"dns":0,"connect":1,"send":0,"wait":379,"receive":0,"ssl":123},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lib.aidegelin.cn/wenming/cs.js?t=1758963244","fqdn":"lib.aidegelin.cn","domain":"aidegelin.cn","tld":"cn"},"ip":{"addr":"172.67.211.106","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lib.aidegelin.cn","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 28 Aug 2025 11:29:40 GMT","end":"Wed, 26 Nov 2025 12:29:36 GMT"},"fingerprint":{"sha1":"31:6C:07:B3:77:9B:EC:F9:BE:1D:F9:F2:61:15:A8:89:D2:0E:A3:BF","sha256":"6B:66:D7:76:BA:7A:20:28:15:90:4F:F5:5D:6C:F8:74:39:C8:6C:1C:B7:23:50:D5:DA:BD:6B:50:4C:86:EA:9D"}}},"request":{"raw":"GET /wenming/cs.js?t=1758963244 HTTP/1.1\r\nHost: lib.aidegelin.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Sep 2025 11:58:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 27 Sep 2025 08:54:04 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GlRDSK%2Bkc6QYeBG7SBIWWES5UlceqCKaV13%2BnV0i8KwOyYEcJGu6hrRw5Cja%2FxuHmqrq8MIRVtQQ9JmWXlqBfHc4j9%2BA8r2B%2B9nvNKb85f8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"68d7a62c-3aa5\"\r\ncache-control: public, max-age=3600, stale-if-error=604800\r\ncontent-encoding: gzip\r\nage: 1258\r\ncf-cache-status: HIT\r\ncf-ray: 985ad5043b34120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15013,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (15013), with no line terminators","md5":"e4b9f0eb8d00d2a1194e7ad860f8d241","sha1":"03bb233d1549ddcf03d62b7084155e809683260a","sha256":"a3a32bf77c293120f9ae2c1065a8cef196bcbb0eb91eacfb12e8cf72344ede0f","sha512":"13494214ebfefc385c5bedb628c6e01ab93e3666943f28f0f4803284cdc0c6a09ec9c64291599834ceaf2170339d559456da9468709a5fcb91db35700b7c8818","ssdeep":"384:KJo4BQQEBa+NUF2jCYT8/iSP1DDw0n8vtqUuy30B2AC2GIraTv2:KznEKAI/jb8vMUV0Bzraz2","tlshash":"c762c03697554e9bae71c4fbb0d99f343fb90c928022467333ee4f99c66bf984045106","first_seen":"2025-09-27T09:12:14.170326Z","last_seen":"2025-09-27T11:59:25.894572Z","times_seen":14,"resource_available":true,"data":null}},"time_used":287,"timings":{"blocked":135,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":135},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lib.aidegelin.cn/dom2/js/com.js?t=2000","fqdn":"lib.aidegelin.cn","domain":"aidegelin.cn","tld":"cn"},"ip":{"addr":"172.67.211.106","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lib.aidegelin.cn","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 28 Aug 2025 11:29:40 GMT","end":"Wed, 26 Nov 2025 12:29:36 GMT"},"fingerprint":{"sha1":"31:6C:07:B3:77:9B:EC:F9:BE:1D:F9:F2:61:15:A8:89:D2:0E:A3:BF","sha256":"6B:66:D7:76:BA:7A:20:28:15:90:4F:F5:5D:6C:F8:74:39:C8:6C:1C:B7:23:50:D5:DA:BD:6B:50:4C:86:EA:9D"}}},"request":{"raw":"GET /dom2/js/com.js?t=2000 HTTP/1.1\r\nHost: lib.aidegelin.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Sep 2025 11:58:56 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 21 May 2024 09:09:25 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"664c64c5-2abf\"\r\ncache-control: public, max-age=86400, stale-if-error=604800\r\ncontent-encoding: gzip\r\nage: 34239\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FeHDGR7J12PpBdvjGdFrOitM6tgwalhkRvzfmm5Dvq2ZZFNZLGC6A4rYOqrHugHuEBX%2BdVz3z5Ujk3DYp3SvzCMUvfb0mIEyuSOBEIld\"}]}\r\ncf-ray: 985ad503bee356b1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10943,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4224)","md5":"c26e51298663c661407a22e72b1bc289","sha1":"4dc0304d21f823695fb9043cb29065c762a316a1","sha256":"609c4a8555dd1067b20b26d21104db4b2faeb54fab27a2ed638d786fd953d838","sha512":"130f2cb48ca6f315f4b2e911709755f4267bad6046bb6cdc8fe7bdd5eafb95808079f00d718b828fce2e973a8929b2af13b96570032f68217f525fc6e30ec805","ssdeep":"192:InJ1qCyaVN7knlgBYKVcUpgdR/skOTmlNW4abL+12WOu1jwxR+BTisLzyiRUy9+0:a9VdknnBRFmmlNWpH+1vHNwD0","tlshash":"2d32a34cedf6512b52bf20ae2d9f10412530084bb94d5925be2c0dd86fc5abb4a67fb8","first_seen":"2024-05-29T22:16:34Z","last_seen":"2026-04-26T00:22:38.824811Z","times_seen":1202,"resource_available":true,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":2,"send":0,"wait":9,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i3/4183327079/O1CN01CD8zl122AEq4vor6O_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /imgextra/i3/4183327079/O1CN01CD8zl122AEq4vor6O_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 319464\r\ndate: Thu, 11 Sep 2025 06:30:40 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: 4f85b0a017575722403893566e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache1.l2de3[0,0,200-0,H], ens-cache11.l2de3[6,0], ens-cache12.se2[0,0,200-0,H], ens-cache4.se2[12,0]\r\naccess-control-allow-origin: *\r\nage: 1402096\r\nali-swift-global-savetime: 1757572240\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Thu, 11 Sep 2025 07:33:24 GMT\r\nx-swift-cachetime: 31532236\r\nvary: Accept\r\ns-rt: 12\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9817589743367202884e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":319464,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"3b4e1e5b74fe0776bb434f7d694652f2","sha1":"b594dcbdaa8cb359727d0678cc62c34fd26d01dd","sha256":"eab8319def7cc367d3e97ba20eb2ff5ef094ef3e4228132c2edbeffa9807404f","sha512":"560af9f9c794d8e265947c9a8e5e6344390bb550154132c33e6483782c17299d4c605e003f27fb25450789ed052bb1ed12a7e474b0c63fef40113e4428a83ca1","ssdeep":"6144:4a4IlMuRv/HzD12jZu7h1I90xpo137RnTwBscD1Yrnn6MjzxNMt:MM3nTD121u3I9gpUrRT2Dknn6MJNMt","tlshash":"366412fc00480606b7a6eb4f415d2e74663e1c8b56e37d10a7f6f6e9a1c634a972b334","first_seen":"2025-09-14T03:16:08.429947Z","last_seen":"2025-10-31T07:23:02.004931Z","times_seen":1031,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":8,"send":0,"wait":25,"receive":28,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"monkey.ygvyp.com/img/5Aky960x80.gif","fqdn":"monkey.ygvyp.com","domain":"ygvyp.com","tld":"com"},"ip":{"addr":"180.163.146.80","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"monkey.ygvyp.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 01 Aug 2025 00:00:00 GMT","end":"Wed, 29 Oct 2025 23:59:59 GMT"},"fingerprint":{"sha1":"A9:9D:51:17:CF:12:B7:24:5B:90:A6:A1:FA:CD:19:91:0A:34:16:4D","sha256":"34:AD:12:A5:C0:85:C5:B1:95:BD:EC:57:AB:2D:30:B1:C9:94:BA:5B:B1:3F:57:3C:D3:2C:C3:C6:64:03:10:D6"}}},"request":{"raw":"GET /img/5Aky960x80.gif HTTP/1.1\r\nHost: monkey.ygvyp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 64293\r\nstrict-transport-security: max-age=5184000\r\ndate: Wed, 03 Sep 2025 18:33:34 GMT\r\nlast-modified: Wed, 03 Sep 2025 18:11:15 GMT\r\nvary: Accept-Encoding\r\netag: \"68b884c3-fb25\"\r\nexpires: Fri, 03 Oct 2025 18:33:34 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nvia: cache6.l2cn8000[0,0,200-0,H], cache1.l2cn8000[1,0], kunlun1.cn7174[0,0,200-0,H], kunlun5.cn7174[1,0]\r\nage: 2049923\r\nali-swift-global-savetime: 1756924414\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Wed, 03 Sep 2025 18:36:09 GMT\r\nx-swift-cachetime: 2591845\r\ntiming-allow-origin: *\r\neagleid: b4a3921917589743374914725e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":64293,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"d9f6598b319318a166c181f654ce7f62","sha1":"f5b35abf5609eaf997dce69c436dd4bbe1f0077b","sha256":"ce7176172d6d66e858554c65ab34570db437004e5f394a68f6ed11d4b4261cc7","sha512":"7cf828df55b21fce7fb12b1373843b07cc2691c3314af71f44390a14122a4eb953b06fec8eb0ea0016f61dfe4e2a79bea1cbda8443e0e4c998b902412279fd60","ssdeep":"1536:zGoTBiH1rN5JUhwdaQZP3JRp8XAdlnTCN6+VjP/:z5TcVvqwj/Jj8XAdls6+Vj3","tlshash":"b753026561623e6065aa9d7989721c281d6cd70c6c60c9dbe3b4cf9436337fb20a8b87","first_seen":"2025-09-05T14:19:52.585591Z","last_seen":"2025-10-07T18:49:37.952178Z","times_seen":205,"resource_available":false,"data":null}},"time_used":1492,"timings":{"blocked":135,"dns":0,"connect":251,"send":0,"wait":280,"receive":546,"ssl":280},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"txdy.asdf010.com/3391/1372/1372-750x150.gif","fqdn":"txdy.asdf010.com","domain":"asdf010.com","tld":"com"},"ip":{"addr":"61.170.77.88","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"txdy.asdf010.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 11 Aug 2025 00:00:00 GMT","end":"Sat, 08 Nov 2025 23:59:59 GMT"},"fingerprint":{"sha1":"9D:B9:12:D2:FF:03:B1:12:4A:A9:BB:8C:63:B3:8E:4C:13:B2:AD:A2","sha256":"2D:73:98:56:B7:1B:30:BB:FB:0B:0C:FA:42:4B:EC:F8:10:1F:14:E5:AE:C5:D1:6E:34:F5:D8:13:11:93:AA:01"}}},"request":{"raw":"GET /3391/1372/1372-750x150.gif HTTP/1.1\r\nHost: txdy.asdf010.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 83576\r\nstrict-transport-security: max-age=5184000\r\ndate: Sat, 20 Sep 2025 11:49:18 GMT\r\nexpires: Mon, 20 Oct 2025 11:49:18 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nvia: cache11.l2cn3160[0,0,304-0,H], cache11.l2cn3160[1,0], ens-cache26.cn6020[0,0,200-0,H], ens-cache1.cn6020[2,0]\r\nlast-modified: Mon, 20 Jan 2025 11:12:18 GMT\r\nvary: Accept-Encoding\r\netag: \"678e2f92-14678\"\r\nage: 605379\r\nali-swift-global-savetime: 1758368958\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 23 Sep 2025 11:16:41 GMT\r\nx-swift-cachetime: 2334757\r\ntiming-allow-origin: *\r\neagleid: 3daa4d1517589743373704065e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":83576,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 750 x 150","md5":"a2af208da40e0cafc5784edf983fcfb1","sha1":"c4d7b42d729c16f36e7df61d61d146a6f88de6a8","sha256":"fc7676b63f42cc9a2b96c486eb5796cdf112515d4163bcbce27127a7438d6ceb","sha512":"5f4df7888aaa0bdb55ba678fdacdcc84996271050f701fb9a37612ef0e95e3253e200f4a5150561b1290007a8d0cdb8de8036d49bb31e23d291233c1f432ae32","ssdeep":"1536:+pwHkmScCIE9hSwhn5VGGrQTBERggRX4XSzcm/SEEQ3BsYlCbh7kYK9HHo:LQcC7zhn5VwBERDdrBfwbh5K9o","tlshash":"6e8302cdf9216882d860597d6f2f8a18d6840dfa4afa75ccb37f94ba140cb1f155222f","first_seen":"2025-01-25T18:45:03.520659Z","last_seen":"2025-12-28T17:35:32.088892Z","times_seen":1842,"resource_available":false,"data":null}},"time_used":1356,"timings":{"blocked":107,"dns":0,"connect":233,"send":0,"wait":265,"receive":660,"ssl":270},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/css/91captions.vtt","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"9xx656.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 05:12:40 GMT","end":"Thu, 27 Nov 2025 06:10:19 GMT"},"fingerprint":{"sha1":"B8:0F:1B:BA:C6:6D:C8:50:9C:06:B6:4C:8B:BC:72:2B:62:35:1A:F9","sha256":"B4:3E:AB:88:26:F5:E8:A3:DB:14:88:86:30:67:60:71:D3:42:DC:2E:5B:DB:0B:70:8B:72:CB:80:BD:C8:A4:B1"}}},"request":{"raw":"GET /css/91captions.vtt HTTP/1.1\r\nHost: 9xx656.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: track\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Sep 2025 11:58:57 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 437\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 12 Aug 2025 16:36:58 GMT\r\netag: \"689b6daa-1b5\"\r\nj-cache: HIT\r\naccept-ranges: bytes\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YEzLGE8YD4FBgL%2Bz7EZB6UAyrr0YDAvVd4AquZEpPf%2FsueInbtMIXFrd%2FWeayM%2B0FojrEFDOD7OFWTDjEuDjAhJXsVmQ31WN\"}]}\r\nvary: accept-encoding\r\ncf-ray: 985ad5052ad37127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":437,"size_decoded":0,"mime_type":"application/octet-stream","magic":"ASCII text, with no line terminators","md5":"edf433826814554115bd765290e0d436","sha1":"1cb1a9dc3204530a6de52e78477aa81db2b8a7a4","sha256":"dc3553bc02e1423e4b67cd2581e8e167f9827f780186a496d55e71e44fe6d8c7","sha512":"33f6b523af4709a07c03b72f7e2858c05a6ed45bc5c1d63b4ee1bbd3cfd6f5fb2238a387303d8e4cc46c089e094b1c734c2d8570da898b4cfeff5d7c04c2c06f","ssdeep":"","tlshash":"c720000000000000000000000000000000000000030000000000000000000000000000","first_seen":"2023-11-03T18:35:23Z","last_seen":"2026-04-16T11:14:17.872453Z","times_seen":452,"resource_available":false,"data":null}},"time_used":344,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":344,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"66387795cyr.com/8d0342d851f4479bb91574463ffcd666.gif","fqdn":"66387795cyr.com","domain":"66387795cyr.com","tld":"com"},"ip":{"addr":"208.98.45.140","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"66387795cyr.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 17 Sep 2025 00:00:00 GMT","end":"Tue, 16 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"B1:84:72:1C:36:29:EF:A7:DD:D7:C0:BE:0A:57:2E:83:A4:4D:01:E9","sha256":"4C:13:F4:62:59:6C:F7:46:86:F9:1A:85:EC:E4:A7:6C:66:D4:7B:A2:64:ED:F7:07:41:CB:42:E6:0C:FA:80:CD"}}},"request":{"raw":"GET /8d0342d851f4479bb91574463ffcd666.gif HTTP/1.1\r\nHost: 66387795cyr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 27 Sep 2025 11:58:57 GMT\r\ncontent-type: image/gif\r\ncontent-length: 566054\r\nlast-modified: Thu, 18 Sep 2025 09:20:08 GMT\r\netag: \"68cbcec8-8a326\"\r\npsc-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":566054,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"e75c11d21c6ee27bedbef65804a29648","sha1":"54576e99b183b63c2d964eed296d18a2b3e1c70a","sha256":"4133028ac6449f416fd943d7e9dd4f8f1e6d6c5585a7245d3cc3cd54eaeeafb3","sha512":"68ff2aaaf3c1849e63108a265c8c429ead3fdda78a244a0ed080eb470e44b6244c25ca862dabe177f08219d378a0d2ef8193b26a7e3c77cb1611dadd902e87c3","ssdeep":"12288:D89ucaJPucaJPucaJPufX5tttPjxJd3xJd3xN:tsssv71JPJPN","tlshash":"0bc42292049c0ca8f7b408d6acef9ed7acb727144431ad0b339ab6d913c546567e68b3","first_seen":"2025-08-22T07:35:44.220343Z","last_seen":"2025-10-18T03:40:06.99283Z","times_seen":222,"resource_available":false,"data":null}},"time_used":1935,"timings":{"blocked":-1,"dns":656,"connect":156,"send":0,"wait":211,"receive":721,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"66387795cyr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic2.imgdd.cc/item/68ba8dbb5c6a33cf8ff545b2.gif","fqdn":"pic2.imgdd.cc","domain":"imgdd.cc","tld":"cc"},"ip":{"addr":"172.64.40.153","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pic2.imgdd.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 13 Aug 2025 00:50:34 GMT","end":"Tue, 11 Nov 2025 01:50:31 GMT"},"fingerprint":{"sha1":"3C:54:78:5D:17:24:BA:63:6C:A0:DC:DA:57:30:1A:0E:72:66:25:6F","sha256":"FA:39:AB:F2:ED:7A:EE:30:E1:A6:A9:C6:E2:C6:21:74:96:C2:01:D9:51:18:F2:80:12:C1:45:E2:1C:7D:60:E3"}}},"request":{"raw":"GET /item/68ba8dbb5c6a33cf8ff545b2.gif HTTP/1.1\r\nHost: pic2.imgdd.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Sep 2025 11:58:56 GMT\r\ncontent-type: image/gif\r\ncontent-length: 29924\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400\r\ncf-bgj: imgq:100,h2pri\r\naccept-ranges: bytes\r\ncf-polished: origSize=29931\r\nlast-modified: Fri, 05 Sep 2025 07:14:03 GMT\r\ncf-cache-status: HIT\r\nage: 107501\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bh0utpmaC%2F1jrCYrgmji%2Fj7mLD0kTkKp8UwWQFLLjpwwLPPUKuJn4ARwEkMTMSbHthF9Dfp9jvI3sGr33Pepmx78wjCuSyWsi%2FU%3D\"}]}\r\ncf-ray: 985ad505f8550b41-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29924,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"984f674750ec997a1fd6923c7074bf17","sha1":"9cd5f8a105710b117469c9596a581d3fbeb3d0f0","sha256":"ed2d31f34ac0e0c3cf74b45d7926054c65d03d0dc18acbcd9eca15f0e58ffb0c","sha512":"8eda53344265e522dae8d2ad94e6f2cb0385a308c48d1541081bf386ca8bf64765729306ef6b557da4d87399d2fa5e9c37395114b459198e13c2d4b433de8610","ssdeep":"768:9kpccCG/aw/RCWoEqkJFkQ9g81SjxsEsYlNQOEk+Nd:ypCCaSgW3zG8yxTvl7P+/","tlshash":"33d2f119c6c5a650d1d2b4f1636142069849eee3d0bd587811fbeca77d04caebcfaf09","first_seen":"2025-09-10T17:33:37.056231Z","last_seen":"2025-10-14T08:04:18.70906Z","times_seen":257,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":48,"dns":0,"connect":1,"send":0,"wait":9,"receive":1,"ssl":173},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gome3f-1005-ppp.oss-accelerate.aliyuncs.com/siteadmin/upload/img/1956991405553025025.gif","fqdn":"gome3f-1005-ppp.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.108","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 07:01:19 GMT","end":"Tue, 03 Feb 2026 06:31:07 GMT"},"fingerprint":{"sha1":"6C:EE:57:9F:65:29:D7:D3:C1:99:78:B2:75:63:E0:EE:44:D4:84:F4","sha256":"B7:0E:2A:7E:2D:89:E5:97:44:5D:54:7F:D1:95:50:EF:72:09:42:B9:A8:8C:B3:A7:B6:8B:3D:24:9B:AF:45:C6"}}},"request":{"raw":"GET /siteadmin/upload/img/1956991405553025025.gif HTTP/1.1\r\nHost: gome3f-1005-ppp.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sat, 27 Sep 2025 11:58:57 GMT\r\nContent-Type: image/gif\r\nContent-Length: 149586\r\nConnection: keep-alive\r\nx-oss-request-id: 68D7D181CB855092549B122E\r\nAccept-Ranges: bytes\r\nETag: \"04097D4E607CBFDBE9E124E719FE0B89\"\r\nLast-Modified: Sun, 17 Aug 2025 08:08:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 3490189916732208515\r\nx-oss-storage-class: Standard\r\nCache-Control: immutable,stale-while-revalidate=86400,public,max-age=86400\r\nx-oss-ec: 0048-00000111\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: BAl9TmB8v9vp4STnGf4LiQ==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":149586,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"04097d4e607cbfdbe9e124e719fe0b89","sha1":"7e1ba0961da9dfe989f890858187118ec97ac016","sha256":"6a6558f884eaf6ecfcf17ae3303bea182cfd28bc1befcc921898ddc7dbb86cff","sha512":"974a5da53bf10bc6486f3f81257edde413073b29d1ef0ca264be6142a1b21d66c8a41edb16b57bf4813917b5c296ad0c05863e63bdc6ecd4d234380df9efd3d2","ssdeep":"3072:5u45KTnJWVa/Kxq8aLm0/gkMPwjYz8wPwjYz8wPwjYm:5u45OdjmF1PwI5PwI5Pwd","tlshash":"95e3022441833c77efbbaabde02147058b49f36e5889b07a34c072c5713c6669fb95b4","first_seen":"2025-08-19T14:55:34.73665Z","last_seen":"2025-10-10T09:40:30.848825Z","times_seen":465,"resource_available":false,"data":null}},"time_used":472,"timings":{"blocked":85,"dns":0,"connect":21,"send":0,"wait":183,"receive":62,"ssl":120},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lib.baomitu.com/video.js/8.11.8/video-js.min.css","fqdn":"lib.baomitu.com","domain":"baomitu.com","tld":"com"},"ip":{"addr":"3.174.113.65","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baomitu.com","organization":""},"issuer":{"commonName":"WoTrus DV Server CA  [Run by the Issuer]","organization":"WoTrus CA Limited"},"validity":{"start":"Sun, 27 Apr 2025 00:00:00 GMT","end":"Thu, 28 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"18:D8:9D:CD:3F:9D:0E:C2:9D:87:F7:FB:9A:9F:CE:1E:3B:FB:4D:8A","sha256":"D0:D1:93:F4:86:C9:C6:E8:13:99:C4:15:85:A7:81:69:02:5C:4D:8D:B8:F8:70:67:43:BF:1C:FC:6E:BF:BE:3A"}}},"request":{"raw":"GET /video.js/8.11.8/video-js.min.css HTTP/1.1\r\nHost: lib.baomitu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 45760\r\ndate: Wed, 14 May 2025 00:58:07 GMT\r\nx-qstatic-hit: 1\r\nlast-modified: Mon, 01 Jan 2018 00:00:00 GMT\r\netag: W/\"50432b46b3c0f221\"\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\ncache-control: s-maxage=315360000, max-age=315360000, immutable\r\nexpires: Sat, 12 May 2035 00:58:07 GMT\r\nkcs-via: HIT from w-fc03.lato;MISS from w-sc04.bjwdt\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 8faaeb2babd4389379340cf1f074266a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HEL51-P6\r\nx-amz-cf-id: ewzd2uIZzveElLPjBhnRiN8oavOm50xLTImdhZLs2xCZjydmbzJ7rQ==\r\nage: 11790048\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":45760,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (45760), with no line terminators","md5":"9576cae2eb08f656230aed0e26732fbe","sha1":"3f2acbd2eb0ddae7c5fa0ebd81a892760a809746","sha256":"87590de8c7bcfa547adf9a7924bdb91a1733cb7ac308c40d5bbff34f82734dd9","sha512":"ef2816c090a412c23bb0da97b47c99bfe5bd78267002035c630695eed74bbd6b43c539804892f28a01ce86e7ddce217cd764bdf469c033c26e0c8736f8fa648b","ssdeep":"768:GVGmgN6zb1wM1EVXjbrhomAUvN6wwJCDDV7Dz:9mgs9l1EVXjumAUvN6wwJCDDV7Dz","tlshash":"6e238650f418cef9133e8181edc0eb26d33ef429dd9168a4e5677e6c8dea187252b2d4","first_seen":"2024-03-28T05:58:57Z","last_seen":"2026-04-23T23:03:56.972333Z","times_seen":1467,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":32,"dns":0,"connect":15,"send":0,"wait":56,"receive":1,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"txdy.asdf010.com/3391/1372/1372-300x200.gif","fqdn":"txdy.asdf010.com","domain":"asdf010.com","tld":"com"},"ip":{"addr":"61.170.77.88","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"txdy.asdf010.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 11 Aug 2025 00:00:00 GMT","end":"Sat, 08 Nov 2025 23:59:59 GMT"},"fingerprint":{"sha1":"9D:B9:12:D2:FF:03:B1:12:4A:A9:BB:8C:63:B3:8E:4C:13:B2:AD:A2","sha256":"2D:73:98:56:B7:1B:30:BB:FB:0B:0C:FA:42:4B:EC:F8:10:1F:14:E5:AE:C5:D1:6E:34:F5:D8:13:11:93:AA:01"}}},"request":{"raw":"GET /3391/1372/1372-300x200.gif HTTP/1.1\r\nHost: txdy.asdf010.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 347651\r\nstrict-transport-security: max-age=5184000\r\ndate: Fri, 19 Sep 2025 17:14:54 GMT\r\nexpires: Sun, 19 Oct 2025 17:14:54 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nvia: cache38.l2cn3160[0,0,304-0,H], cache33.l2cn3160[2,0], ens-cache12.cn6020[0,0,200-0,H], ens-cache1.cn6020[2,0]\r\nlast-modified: Mon, 20 Jan 2025 12:25:02 GMT\r\nvary: Accept-Encoding\r\netag: \"678e409e-54e03\"\r\nage: 672243\r\nali-swift-global-savetime: 1758302094\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 23 Sep 2025 10:36:36 GMT\r\nx-swift-cachetime: 2270298\r\ntiming-allow-origin: *\r\neagleid: 3daa4d1517589743375194238e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":347651,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 300 x 200","md5":"8a346a87b5a8b767acfde443800e7599","sha1":"125dfb57c1a6f8eb4ceb6439bed49de2ae2f7ec2","sha256":"9687cb1ca31d25536ee24d731ac58495a7007a131727e514e5c594032f3a5fda","sha512":"8b0931843710eb859915e7f081d1f3d0689986cb7e6ecdaa2e5034b5442beaaf8a95b06525cde6f9f710029e206067b909f86b30f8bf85aa64245b83cdaced7f","ssdeep":"6144:KTXAiZfKOtVLXGaHpU3FnXgfLmypt3/GFvCulgyMDQ9Aqu3PVX7zQmZ2vjIbL:qAiZfxtVXlHyVX+m+/Ov5gyT9AqufxQO","tlshash":"fc74232d9e77b343f9310faf85baa4f7871fbf51226713e4f2c59b4a689826d5400980","first_seen":"2025-01-25T18:45:03.52357Z","last_seen":"2026-01-24T19:53:08.926511Z","times_seen":1989,"resource_available":false,"data":null}},"time_used":2273,"timings":{"blocked":682,"dns":0,"connect":0,"send":0,"wait":917,"receive":439,"ssl":235},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.jiuse3.cloud/hls/945905/index.m3u8?t=1758977840\u0026m=KsQrgxUGo24DxCXqkGrHGQ","fqdn":"cdn2.jiuse3.cloud","domain":"jiuse3.cloud","tld":"cloud"},"ip":{"addr":"23.237.196.139","port":443,"asn":30058,"as":"FDCSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jiuse.cloud","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Sep 2025 19:46:35 GMT","end":"Wed, 10 Dec 2025 19:46:34 GMT"},"fingerprint":{"sha1":"E5:12:80:F0:31:60:54:04:8F:19:F4:FC:16:26:C6:13:FE:78:B7:B6","sha256":"57:15:E6:87:BC:5E:13:29:77:37:57:03:83:55:6B:A7:F3:19:17:4D:75:38:11:56:57:DC:4E:0F:4C:1D:70:E8"}}},"request":{"raw":"GET /hls/945905/index.m3u8?t=1758977840\u0026m=KsQrgxUGo24DxCXqkGrHGQ HTTP/1.1\r\nHost: cdn2.jiuse3.cloud\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://9xx656.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 27 Sep 2025 11:57:18 GMT\r\ncontent-type: application/vnd.apple.mpegurl\r\ncontent-length: 12938\r\nlast-modified: Mon, 18 Mar 2024 17:01:11 GMT\r\netag: \"65f87357-328a\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nserver-id: FDC-LA-100G-32T\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12938,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl","magic":"M3U playlist, ASCII text","md5":"b1981e3475840f7be05e04c795770f82","sha1":"8de1c7b701fd50b8eeb79b5180d843926b1dd960","sha256":"417a93ec3ded480a0f7c423071e763e92b2ecfa0754b92033b47ffa8d73c5b4b","sha512":"4eb792193bbe6961bfee33d0dea8d074c74eba10af5be61ecbdc0609b583b37375d6a42080c116029377fb5339f0d59ab433b5f8a35be486744068f837dab565","ssdeep":"48:OfpDjbWn5OBMRC4+efQ2XQfcJzDKBqtte5KvuppLn/IH52HxA/+A+c:OfhCnCeI2WqGBitJupRgHoHm2AN","tlshash":"8742a546d08971dd005e8e69fa825cd6d21f9ca2fe5deed0e8a54bd104b2a732bcc037","first_seen":"2025-09-27T11:59:25.90949Z","last_seen":"2025-09-27T11:59:25.90949Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1914,"timings":{"blocked":0,"dns":1259,"connect":163,"send":0,"wait":163,"receive":162,"ssl":166},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lib.aidegelin.cn/dom2/js/app.js?t=2000","fqdn":"lib.aidegelin.cn","domain":"aidegelin.cn","tld":"cn"},"ip":{"addr":"172.67.211.106","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lib.aidegelin.cn","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 28 Aug 2025 11:29:40 GMT","end":"Wed, 26 Nov 2025 12:29:36 GMT"},"fingerprint":{"sha1":"31:6C:07:B3:77:9B:EC:F9:BE:1D:F9:F2:61:15:A8:89:D2:0E:A3:BF","sha256":"6B:66:D7:76:BA:7A:20:28:15:90:4F:F5:5D:6C:F8:74:39:C8:6C:1C:B7:23:50:D5:DA:BD:6B:50:4C:86:EA:9D"}}},"request":{"raw":"GET /dom2/js/app.js?t=2000 HTTP/1.1\r\nHost: lib.aidegelin.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Sep 2025 11:58:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 12 Aug 2025 16:38:53 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=srUWrK%2BnMN4dKMSmn45d6srZxJvxn%2B8SLTkw3nxj3ffKzBbM8yfTPpF%2BKzrpCAh1yjlVt5cngFCZv8JxiuUC%2BZlvMqxqQW4TpXm1Ar6UBiM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: W/\"689b6e1d-5054\"\r\ncache-control: public, max-age=86400, stale-if-error=604800\r\ncontent-encoding: gzip\r\nage: 56410\r\ncf-cache-status: HIT\r\ncf-ray: 985ad5043b35120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20564,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"7a3f4fceac3aaa07ab39c37a1a57cb23","sha1":"64335fd33622b3e834d1692052140fb5c9f0f38d","sha256":"e69a3bbbf99aa148d69fbbdcf7d235e5e449493d0541a1b9838cc9173acfc5df","sha512":"960f3a4573dcf295162ff75b631dbbf6c550fe54fb00386fd1a89c9f14c193a644c2e860567a13cdc59d0fd8b77eaf4435e2e2753ca34efa7e938d86b17380e4","ssdeep":"384:dY4LdPWuR7zRWL+OiTYAzWw4hZyJcPLWgueje:dYM9puyJcPL4eje","tlshash":"4e925e0d63fd14238b5370b89e4e59013625a41f580b9e1cbe5d63c42f8aa39d5b9ff8","first_seen":"2025-08-16T10:36:16.595403Z","last_seen":"2026-01-13T10:53:12.969531Z","times_seen":885,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"72939229dww.com/59efc9e6fdcf477dbac83d170f3b31da.gif","fqdn":"72939229dww.com","domain":"72939229dww.com","tld":"com"},"ip":{"addr":"104.160.179.230","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"72939229dww.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 17 Sep 2025 00:00:00 GMT","end":"Tue, 16 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"EF:0A:03:05:E2:CF:F0:74:F0:BA:39:98:AA:F8:B1:63:AF:32:4D:C2","sha256":"18:19:58:40:00:2F:A5:0F:AA:18:6B:1C:0F:14:9D:54:B8:FD:06:C0:6B:1B:41:3B:2A:34:21:69:AB:4B:99:C9"}}},"request":{"raw":"GET /59efc9e6fdcf477dbac83d170f3b31da.gif HTTP/1.1\r\nHost: 72939229dww.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 27 Sep 2025 11:58:57 GMT\r\ncontent-type: image/gif\r\ncontent-length: 384361\r\nlast-modified: Tue, 26 Aug 2025 06:51:13 GMT\r\netag: \"68ad5961-5dd69\"\r\npsc-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":384361,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 980 x 80","md5":"bdfbacfa55ac9e1f1f528b65edafb574","sha1":"7c9a20cad7250236396003fdcdfe7ba9f9971184","sha256":"bb968aa373f13190036f9178f567e37934a58cfa7287249b35ce3cedab50ae15","sha512":"23fc1506a9793e9263730c041bd8bcb6b02df1fec73ec6a2faf5e997d32cd6ee33a29afa5e16b06f97cf5eb81097cf2cdb5d972bea87af228bf7fd7b548e7cbe","ssdeep":"6144:+s9fbI/0MTmF/0MTmF/0MTmFaofFoabrfFoabrtdjvWkvjRKvWkvjRKvWaKdvPTl:Z947mR7mR7mhhBtHrRKHrRK0zp34p347","tlshash":"7a841283d0918bad56c386e069886b53bc73eedb14363e73a8e55a1453c35d92cc836f","first_seen":"2025-08-25T08:05:39.912625Z","last_seen":"2026-01-11T01:47:01.266103Z","times_seen":1726,"resource_available":false,"data":null}},"time_used":2769,"timings":{"blocked":978,"dns":667,"connect":145,"send":0,"wait":202,"receive":608,"ssl":167},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"72939229dww.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xm99.img4758972832.com:5658/8888/xm/5088/320x185.gif","fqdn":"xm99.img4758972832.com","domain":"img4758972832.com","tld":"com"},"ip":{"addr":"156.231.115.236","port":5658,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xm99.img4758972832.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 15:42:46 GMT","end":"Fri, 19 Dec 2025 15:42:45 GMT"},"fingerprint":{"sha1":"A1:E8:B9:C1:2B:B2:AE:55:F3:E5:04:F1:F0:FE:37:5A:14:45:89:F0","sha256":"F7:A8:5B:87:DA:4D:EF:9F:10:67:8E:83:0E:58:6C:E5:CF:FB:74:7C:79:59:71:07:FF:38:E5:1A:F8:63:B8:08"}}},"request":{"raw":"GET /8888/xm/5088/320x185.gif HTTP/1.1\r\nHost: xm99.img4758972832.com:5658\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Sep 2025 11:58:57 GMT\r\ncontent-type: image/gif\r\ncontent-length: 234703\r\nstrict-transport-security: max-age=31536000\r\nlast-modified: Sat, 21 Sep 2024 11:54:44 GMT\r\netag: \"66eeb404-394cf\"\r\nexpires: Sun, 26 Oct 2025 21:50:42 GMT\r\ncache-control: max-age=2592000\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":234703,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 320 x 185","md5":"f1d71d1088c847362bc77a52587d42cb","sha1":"6af460de20fd8dbe7c9f1cbc8bfe1e5e1da8251f","sha256":"4ea1780ec68a19f97755619c508a1448241f53a0b8603cbbe01c94b43577e08e","sha512":"930e747744a5bfbcb47ce9c15535cf0560b318795a86d9f937eabd4208fe2558c3abafb6d14d223cd7dab77d363649377645d29c6ac31e07d47b81f0d8353d3e","ssdeep":"6144:8LITGEdGkNrEdGkNrEdGkLo2EiIk3EiIk3EiIkkyCoqgwEzkQEzkQEzkQEC:8LIiEdGQrEdGQrEdG0lEiIGEiIGEiI0j","tlshash":"7134f1ce1624c3c1236e598715ee5a9d741f94aa624c4c327b7dcc0cf4d3fea92886a7","first_seen":"2024-12-03T18:32:46.314231Z","last_seen":"2026-04-26T02:14:05.943276Z","times_seen":2278,"resource_available":false,"data":null}},"time_used":2360,"timings":{"blocked":528,"dns":0,"connect":262,"send":0,"wait":262,"receive":1042,"ssl":266},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"xm99.img4758972832.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.rmb.bdstatic.com/bjh/3ee3d89847d/250521/fccb3f44322eaf9efc2d31bc11f3b4e9.gif","fqdn":"pic.rmb.bdstatic.com","domain":"bdstatic.com","tld":"com"},"ip":{"addr":"116.114.98.35","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:57.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pic.rmb.bdstatic.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 11 Feb 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C5:5E:62:4B:78:94:EE:51:7B:90:C6:4C:EA:D1:9D:4C:58:2B:16:39","sha256":"E1:3B:45:92:8E:24:F5:C4:0F:33:C1:0F:FF:43:64:1A:06:7F:E2:82:E7:7F:A5:BB:40:F1:C8:2B:8F:2B:28:15"}}},"request":{"raw":"GET /bjh/3ee3d89847d/250521/fccb3f44322eaf9efc2d31bc11f3b4e9.gif HTTP/1.1\r\nHost: pic.rmb.bdstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 27 Sep 2025 11:58:58 GMT\r\ncontent-type: image/gif\r\ncontent-length: 368765\r\nexpires: Wed, 17 Sep 2025 07:29:15 GMT\r\nlast-modified: Wed, 21 May 2025 08:16:31 GMT\r\netag: \"be5d409eb176eae6100fb51d34b19bca\"\r\nage: 497928\r\naccept-ranges: bytes\r\ncontent-md5: vl1AnrF26uYQD7UdNLGbyg==\r\nx-bce-content-crc32: 3207162974\r\nx-bce-debug-id: qw6SbW25jQrhAhF/sqCOlOwuRO5/EY+oAtmaQkYNgmzdQI0wcywKnlwpVTAKuA5aAxBvpW9u3c2idE615R7Fng==\r\nx-bce-flow-control-type: -1\r\nx-bce-is-transition: false\r\nx-bce-request-id: 19e6d64a-5299-473a-b07a-07ad2498ac35\r\nx-bce-storage-class: STANDARD\r\nohc-global-saved-time: Sun, 14 Sep 2025 07:29:15 GMT\r\nohc-cache-hit: als3un66 [2], suzix66 [4]\r\nohc-file-size: 368765\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":368765,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 320 x 185","md5":"be5d409eb176eae6100fb51d34b19bca","sha1":"4e5d75961cb02e157ffda59d430b4726a1fc4bd7","sha256":"dcd00296bb51dbc3d39789659342b7de63fd2bb257f9e0f9b8006cc1c3170729","sha512":"3a094613dff233ba6f23a5b81ec8e9646f8322e7b17f6155cd3c3f3fd8c8bfe7ab08b99e45006b95149db23f8887a07dd0f00d78801781ffaa98a76fc4894c00","ssdeep":"6144:7Yzuq1uCxHy+JJE3PgVt92k84bw9qsvwtYyxNAqsvwtkOmDa7AFaIEMLbUcthsqG:oT1BQau4bpsvKYAsvKkVAAgwbfti0tM","tlshash":"307423ad1a761bf56a9fad82dc17078e83204a01b02b259b6d4cced4409d3eb7dc8573","first_seen":"2025-07-21T12:24:21.051965Z","last_seen":"2025-11-04T06:46:52.849474Z","times_seen":919,"resource_available":false,"data":null}},"time_used":1319,"timings":{"blocked":0,"dns":0,"connect":200,"send":0,"wait":202,"receive":693,"ssl":224},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9xx656.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"9xx656.xyz","domain":"9xx656.xyz","tld":"xyz"},"ip":{"addr":"104.21.44.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"9xx656.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 05:12:40 GMT","end":"Thu, 27 Nov 2025 06:10:19 GMT"},"fingerprint":{"sha1":"B8:0F:1B:BA:C6:6D:C8:50:9C:06:B6:4C:8B:BC:72:2B:62:35:1A:F9","sha256":"B4:3E:AB:88:26:F5:E8:A3:DB:14:88:86:30:67:60:71:D3:42:DC:2E:5B:DB:0B:70:8B:72:CB:80:BD:C8:A4:B1"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: 9xx656.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Sat, 27 Sep 2025 12:46:56 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aO9fy2HAR1%2F6cKYtq1u2Ba1AHHrWdy9m%2FaK5ShkRLwjbJ0GCPjJIR8lCXwI3Bgs7qShFSFdicbsX5BGJxPomPiga%2BxPqJpSs\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Sat, 27 Sep 2025 11:58:56 GMT\r\ncf-ray: 985ad5042ac97127-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-26T08:03:40.797317Z","times_seen":313385,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tu.365tp.cc:6565/65960x60.gif","fqdn":"tu.365tp.cc","domain":"365tp.cc","tld":"cc"},"ip":{"addr":"154.16.27.74","port":6565,"asn":138997,"as":"Eons Data Communications Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tu.365tp.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 17:16:54 GMT","end":"Thu, 11 Dec 2025 17:16:53 GMT"},"fingerprint":{"sha1":"A6:DB:0C:15:05:75:2B:A4:1E:EB:3C:17:2E:73:43:77:71:29:13:3B","sha256":"63:96:69:3B:3F:B2:CD:73:CF:6B:A1:92:7F:A1:F6:88:9C:29:A4:0F:8B:93:E8:CB:63:E8:3F:0A:36:B4:B4:E8"}}},"request":{"raw":"GET /65960x60.gif HTTP/1.1\r\nHost: tu.365tp.cc:6565\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Sep 2025 11:58:57 GMT\r\ncontent-type: image/gif\r\ncontent-length: 349336\r\nlast-modified: Fri, 12 Sep 2025 09:15:29 GMT\r\netag: \"68c3e4b1-55498\"\r\nexpires: Mon, 27 Oct 2025 10:43:42 GMT\r\ncache-control: max-age=2592000\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":349336,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"c7a5b8ec0ad085adfc47427926da5f8c","sha1":"cf24e8df24f9c07a52f5c6ed083fb6b662a7f464","sha256":"7e1b4187587e5fb281811c778fb7650eb6abab2c7a365231ca85ed9d1b702705","sha512":"794ae6fcb36a4cbbbb3ebd9cc64a9d380fdb7690b12564697b8a74c44bcbbcc8475ca91c2654638909def91abcd0042023fc19ce9dd248aa9d2dee1d0ed7a2cc","ssdeep":"6144:nKvjtvHs52dmAaWFDn+FasxjpcCUs+NGvwh2talaBTSt5tkm3iUqXIo0zO4Bab3Z:eR7TaWDGast2CZP4h2QWKkm3LyJ4BaTZ","tlshash":"6b742379c8734d89601f8b37352bcf33f0d7408cfaa2b2a69d1a7e3d590846961b8365","first_seen":"2025-09-14T22:47:19.434601Z","last_seen":"2025-11-15T07:36:43.445437Z","times_seen":1006,"resource_available":false,"data":null}},"time_used":1425,"timings":{"blocked":73,"dns":0,"connect":176,"send":0,"wait":177,"receive":815,"ssl":184},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"tu.365tp.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"tu.365tp.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pg99.img8877710715.com:5658/8888/pg507/pg80.gif","fqdn":"pg99.img8877710715.com","domain":"img8877710715.com","tld":"com"},"ip":{"addr":"156.231.115.236","port":5658,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pg99.img8877710715.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 15:42:49 GMT","end":"Fri, 19 Dec 2025 15:42:48 GMT"},"fingerprint":{"sha1":"B5:6F:26:80:D1:33:9D:69:92:00:9B:1F:CE:9E:DA:2A:53:E1:7A:27","sha256":"12:50:E0:88:0D:4B:B9:EB:1A:14:1C:27:45:84:63:9F:25:C8:40:8A:48:E6:A1:BD:58:A3:8C:D6:16:71:A5:C5"}}},"request":{"raw":"GET /8888/pg507/pg80.gif HTTP/1.1\r\nHost: pg99.img8877710715.com:5658\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Sep 2025 11:58:57 GMT\r\ncontent-type: image/gif\r\ncontent-length: 559956\r\nstrict-transport-security: max-age=31536000\r\nlast-modified: Mon, 05 May 2025 10:11:05 GMT\r\netag: \"68188eb9-88b54\"\r\nexpires: Sun, 26 Oct 2025 21:50:41 GMT\r\ncache-control: max-age=2592000\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":559956,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"02449f7014fca4dfa9d5f399da12b4ad","sha1":"6b166e477f2abdc3de9c81c2aaf9fdaeb20308e2","sha256":"a8d9f157ba36d09879a605db3abe2ff4537c4f13fd6e446608cde279ad0eb30d","sha512":"ebe66453f6e4666c4f4047bdd0af9d8f96659a8f6958171294b8f98b084537ab404402bf349fa1a2547309a5a6b6fc84377cca1e39e2a04b4d7a78a1e58a8381","ssdeep":"12288:YgggUtmJcFfmJcFfmJcFfmJcFfC/PhPhPhPhPO9xkrxkrxkrf:YgggUgc4c4c4c8d","tlshash":"4dc4128dfe769723496331b8c34caa5284b7adf82c75c94761ebc0b4983614126fdc7a","first_seen":"2025-05-24T14:20:55.952511Z","last_seen":"2025-09-29T03:22:58.898419Z","times_seen":864,"resource_available":false,"data":null}},"time_used":2142,"timings":{"blocked":109,"dns":0,"connect":245,"send":0,"wait":245,"receive":1290,"ssl":252},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2025.zqbao.vip/508166/960x80.gif","fqdn":"2025.zqbao.vip","domain":"zqbao.vip","tld":"vip"},"ip":{"addr":"166.88.164.158","port":443,"asn":26383,"as":"ASNET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9xx656.xyz/video/view/d47851ac96fd6f0d88e6","date":"2025-09-27T11:58:56.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2025.zqbao.vip","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 Aug 2025 06:28:31 GMT","end":"Thu, 30 Oct 2025 06:28:30 GMT"},"fingerprint":{"sha1":"96:3E:6D:F7:26:A0:BF:44:A7:9F:53:E7:79:08:BA:10:AF:30:68:E0","sha256":"88:45:D3:C6:37:45:18:4F:C8:86:E8:44:7D:ED:69:B0:E0:3A:D5:E4:F9:1F:D7:F0:A0:58:3E:92:7E:B8:FA:13"}}},"request":{"raw":"GET /508166/960x80.gif HTTP/1.1\r\nHost: 2025.zqbao.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9xx656.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Sep 2025 11:58:57 GMT\r\ncontent-type: image/gif\r\ncontent-length: 375620\r\nlast-modified: Wed, 11 Jun 2025 13:50:20 GMT\r\netag: \"c6d7ccc5d7dadb1:0\"\r\nx-powered-by: ASP.NET\r\nserver: superedge\r\nstrict-transport-security: max-age=31536000;\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":375620,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"2629f618e97fed00ee0333e2a3842ad6","sha1":"5ce71b4e2f12a6934dc215cd4b6e13e3aabe8257","sha256":"e1e02b9576761c6c98ea6842bbcfd056355944ce2e2117692fbcb0770baefe16","sha512":"f4e047bd1806e083b1135c58dc5de11ed53ee91d9b2e5fdabb348b2a36b9aa4ca195e7bbac6c2c2721a8f179457f36c492e8e47441e2879f99a6ebd151d778f8","ssdeep":"6144:+/PEAKbkXlzgZ1KbkXlzgZ1KbkXlzgZ1KbkIj+4IINj+4IINj+4IINj+4IIB:NAP+Z1P+Z1P+Z1wj+4IOj+4IOj+4IOj3","tlshash":"39841232f26c6046d41a414516b177d2128cad647bcab93240fef7b05b34bea4eedf92","first_seen":"2025-06-12T14:42:19.916656Z","last_seen":"2026-01-25T04:55:48.450867Z","times_seen":1906,"resource_available":false,"data":null}},"time_used":1726,"timings":{"blocked":147,"dns":308,"connect":158,"send":0,"wait":158,"receive":634,"ssl":321},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}