{"report_id":"79d6398e-1353-45d4-9c02-0950cf5cb03b","version":6,"status":"done","tags":[],"date":"2026-04-21T10:49:25Z","url":{"schema":"https","addr":"orionstars.site","fqdn":"orionstars.site","domain":"orionstars.site","tld":"site"},"ip":{"addr":"37.49.229.75","port":0,"asn":3920,"as":"ESTOXY OU","country":"Estonia","country_code":"EE"},"final":{"url":{"schema":"https","addr":"orionstars.site/","fqdn":"orionstars.site","domain":"orionstars.site","tld":"site"},"title":"Orionstar Casino — Work Application","dom":{"size":9216,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (405)","md5":"3fb783721b6c1f06fc85c85f984f6810","sha1":"11a2ad293c33ca2a1cbc2875ff86807ef6959ee7","sha256":"b1c672fde94d2a37779533491f9b4cfa3aaf2b657df6fd9b05aeecfec92e77c3","sha512":"6df5db72b902486d89b9be724f0c0c4a1351ac28195273976339cfeddfce08df073bceb8075d44f10e93e0a23214b6518184b44685733047b887a14844787b97","ssdeep":"96:nIRmNnSS7KqzPzV5/WOKdjMQ2YXjkiTS7Sg4Gxzcl8bgkR2k3LMTFuZj:WASObzPz/HKdjMznOHkAtRmj","tlshash":"6812756054f55877019b80d57aa55b1b7ee1fa07ce8b6200bbbd8bd10febc82de23115","dom_hash":"domhash08a47e59a5e3e7e2e2753243245e5823","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"orionstars.site","fqdn":"orionstars.site","domain":"orionstars.site","tld":"site"},"ip":{"addr":"37.49.229.75","port":0,"asn":3920,"as":"ESTOXY OU","country":"Estonia","country_code":"EE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-26T10:49:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-19T22:16:46.237507Z","alert_count":0,"request_count":5,"received_data":160079,"sent_data":2824,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-19T22:20:23.925162Z","alert_count":0,"request_count":1,"received_data":6776,"sent_data":518,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"orionstars.site","ip":{"addr":"37.49.229.75","port":443,"asn":3920,"as":"ESTOXY OU","country":"Estonia","country_code":"EE"},"domain_registered":"2026-04-21","domain_rank":0,"first_seen":"2026-04-21T10:49:25.933033Z","last_seen":"2026-04-21T10:49:25.933033Z","alert_count":0,"request_count":5,"received_data":63175,"sent_data":2215,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]},{"fqdn":"images.unsplash.com","ip":{"addr":"151.101.130.208","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2013-05-29","domain_rank":86676,"first_seen":"2015-08-06T06:03:25Z","last_seen":"2026-04-15T14:18:38.441181Z","alert_count":0,"request_count":1,"received_data":406240,"sent_data":485,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"orionstars.site/script.js","fqdn":"orionstars.site","domain":"orionstars.site","tld":"site"},"ip":{"addr":"37.49.229.75","port":443,"asn":3920,"as":"ESTOXY OU","country":"Estonia","country_code":"EE"},"introduction_type":"scriptElement","is_inline":false,"md5":"589747022478da1c46722874e8f71487","sha1":"395b618f1cd4595a7bee886cf801316ffef9405e","sha256":"718f5a61a8e38e3a2f931502714efba30bee7b6f7bf8c31d60e21e52ea32dee6","sha512":"b26270d093ed7355b3b43eaf6f4378f94ba3f62ddd34984b3d1ae793991298a09291e03b1b9682b4f84b26f515b55e299f5525a29efd5b8ad4170b3810952b8a","ssdeep":"192:9Aw1X8kWc6skhOvqF5kbMrhEOuhRrQUWSFfgAKXHB8Ld/7gz+g:yOMFovumOGRiOLd/7gz+g","tlshash":"5f22207b316118347fbadbbf63968394b82531023d02a186b99c35454ffce952066ff8","size":10536,"data":"","first_seen":"2026-04-21T10:49:30.868672Z","last_seen":"2026-04-21T11:00:29.297122Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"orionstars.site/apple-touch-icon.png","fqdn":"orionstars.site","domain":"orionstars.site","tld":"site"},"ip":{"addr":"37.49.229.75","port":443,"asn":3920,"as":"ESTOXY OU","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://orionstars.site/","date":"2026-04-21T10:49:04.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"orionstars.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 01:29:20 GMT","end":"Mon, 20 Jul 2026 01:29:19 GMT"},"fingerprint":{"sha1":"15:41:C7:D8:11:D7:D8:63:93:DD:A8:75:E8:AF:AF:FF:B8:37:02:B7","sha256":"98:2A:9C:A2:89:26:31:61:70:20:CB:0B:A9:FF:57:B0:C1:28:A6:A7:E4:FA:7F:D5:CE:53:DC:98:38:3B:DA:8B"}}},"request":{"raw":"GET /apple-touch-icon.png HTTP/1.1\r\nHost: orionstars.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orionstars.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 28 Apr 2026 10:49:04 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 21 Apr 2026 00:48:52 GMT\r\naccept-ranges: bytes\r\ncontent-length: 26282\r\ndate: Tue, 21 Apr 2026 10:49:04 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":26282,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"fe09dcc4c73f8fb234e3d76ee6ed4abc","sha1":"0d06235a086c0280f6a0ea14ff63b0e2059c2cbf","sha256":"f5a9a9a714ff5a6714d24de4b81d1eb0697bc6c43f66ecc0e3daa5764ef86c62","sha512":"e40357b8a74df2237ede5f6025b0ae3fe86ef90207bd6e7bb945b358a7d127753750c3747636fdc2ed19c191f18a9e9977a04caec342301fa7791201a9551a2f","ssdeep":"768:gIurGxuU2irIMgfsBwZ538kI9KuB12gBqTYjj:zuQuUbsMgfEA5NIwK127w","tlshash":"4bc2f111bd32fc12c7245903f601128a64893aa75f3e983436e9c97ca7b0796f3d7683","first_seen":"2026-04-21T10:49:30.852215Z","last_seen":"2026-04-21T11:00:29.303893Z","times_seen":2,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"orionstars.site/style.css","fqdn":"orionstars.site","domain":"orionstars.site","tld":"site"},"ip":{"addr":"37.49.229.75","port":443,"asn":3920,"as":"ESTOXY OU","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://orionstars.site/","date":"2026-04-21T10:49:03.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"orionstars.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 01:29:20 GMT","end":"Mon, 20 Jul 2026 01:29:19 GMT"},"fingerprint":{"sha1":"15:41:C7:D8:11:D7:D8:63:93:DD:A8:75:E8:AF:AF:FF:B8:37:02:B7","sha256":"98:2A:9C:A2:89:26:31:61:70:20:CB:0B:A9:FF:57:B0:C1:28:A6:A7:E4:FA:7F:D5:CE:53:DC:98:38:3B:DA:8B"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: orionstars.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orionstars.site/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 28 Apr 2026 10:49:03 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 21 Apr 2026 01:22:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3550\r\ndate: Tue, 21 Apr 2026 10:49:03 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":14829,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"2573c845a26437050c82d1999b51fcfe","sha1":"1f7328c498fc76f29b66479ce1ec09664be688cb","sha256":"54a1337942c24ebf4c26cc8478a2605ff60b1d47bfacec08e253f9a5f037a360","sha512":"da8eb98fcf68a79474848befcb3ea5ed70727cb317956e5185618decbb56027a3a97b8d7777fc77d1749831b6a91893e3919ff0ce94f9395ef6690b04c4c63a1","ssdeep":"192:lFugYRJzb+0ObicS7Ewb+FmrDEVI67ID6GkbakM4bdMYBL3znmTxFg3/5NyF:fwhP6DoYl75k","tlshash":"6d522f71520162057032de1dabb79eaca518b012f90747acba8570d5cffe1a6ce64fbc","first_seen":"2026-04-21T10:49:30.855123Z","last_seen":"2026-04-21T11:00:29.293314Z","times_seen":2,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images.unsplash.com/photo-1596838132731-3301c3fd4317?q=80\u0026w=2070\u0026auto=format","fqdn":"images.unsplash.com","domain":"unsplash.com","tld":"com"},"ip":{"addr":"151.101.130.208","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://orionstars.site/","date":"2026-04-21T10:49:03.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images.unsplash.com","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 12 Aug 2025 01:21:13 GMT","end":"Sun, 13 Sep 2026 01:21:12 GMT"},"fingerprint":{"sha1":"46:28:F0:69:6F:53:FC:9F:BA:6A:73:37:D0:D7:C8:87:AE:06:47:7A","sha256":"80:93:A2:9A:83:84:21:A8:A0:ED:D9:72:A8:E3:4D:EC:8E:A5:E4:4B:42:68:17:09:AA:D6:6C:7C:1B:9D:2A:48"}}},"request":{"raw":"GET /photo-1596838132731-3301c3fd4317?q=80\u0026w=2070\u0026auto=format HTTP/1.1\r\nHost: images.unsplash.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orionstars.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-imgix-id: 9c1924986fcb9272ffebf1dd69e5f89ff9e7f2f9\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 21 Apr 2026 04:01:29 GMT\r\nserver: imgix\r\ndate: Tue, 21 Apr 2026 10:49:03 GMT\r\nage: 24454\r\naccept-ranges: bytes\r\ncontent-type: image/avif\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nx-served-by: cache-fra-eddf8230229-FRA, cache-hel1410027-HEL\r\nx-cache: HIT, MISS\r\nvary: Accept, User-Agent\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 405612\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":405612,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"2967100189059cbcdf3769ff7440e392","sha1":"baab539958d8ebe5e529a83f9308bf476bdd439c","sha256":"d96c76a8c510b681531393ab203dc93c07c89df583a9a49e2c746c1d510023a7","sha512":"67a52c500181213c87b44a6dd7eaee760137c5854dbc6cfa4bdda2c22d6d1ace5099b468a7b9050801db840da0f1a539a5db27320844c8e5324cbef7eaefec43","ssdeep":"6144:J5huKUD2FR+7VpdCLFDbsEb3KbLhNrFR2635engooc/xVSIzoqYIO4OLHl2K:JnuTiFRUpIVhOnFU6p04IzUHnkK","tlshash":"488423620171605efe0af27159ec59016a8871fafb33e1d3375ebca8b88cb1255f6931","first_seen":"2026-04-21T10:49:30.857858Z","last_seen":"2026-04-21T11:00:29.299491Z","times_seen":2,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":59,"dns":3,"connect":26,"send":0,"wait":53,"receive":106,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://orionstars.site/","date":"2026-04-21T10:49:04.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://orionstars.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 36932\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 18 Apr 2026 23:53:25 GMT\r\nexpires: Sun, 18 Apr 2027 23:53:25 GMT\r\ncache-control: public, max-age=31536000\r\nage: 212139\r\nlast-modified: Wed, 10 Sep 2025 16:31:03 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36932,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36932, version 1.0","md5":"7c87a648293fbb5b2924aafaa59e8aea","sha1":"c57593e0adc4cf99dd9e67cb782242220a061a9d","sha256":"9fea608a947e67020c33cad9a6fe3d60c54119dfb8cff87768a8117a15ed7543","sha512":"764ced325a768dca84e1fb0cc458818239ce379dbcbdb324ee8849bbe15f54e3f0254ae6e52ee5a92741840637b4f9885d246a0978af23176b3acfe5b9cec23f","ssdeep":"768:mMQPOAQQKW6GccoXQ+OGpHNzXgtDM0SVu7P3nqtPl9Bf2csDpHUjbYE8j2:mMQz4W5og+tpH6tDJku73EPlPOcs5U/l","tlshash":"c0f2f23e7ea5691487c2b0be506b00935344c9bd37c18121bbb953f44ea67addc5d63c","first_seen":"2025-09-11T17:08:25.889763Z","last_seen":"2026-04-22T07:23:18.003416Z","times_seen":19093,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":22,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"orionstars.site/favicon-16x16.png","fqdn":"orionstars.site","domain":"orionstars.site","tld":"site"},"ip":{"addr":"37.49.229.75","port":443,"asn":3920,"as":"ESTOXY OU","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://orionstars.site/","date":"2026-04-21T10:49:04.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"orionstars.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 01:29:20 GMT","end":"Mon, 20 Jul 2026 01:29:19 GMT"},"fingerprint":{"sha1":"15:41:C7:D8:11:D7:D8:63:93:DD:A8:75:E8:AF:AF:FF:B8:37:02:B7","sha256":"98:2A:9C:A2:89:26:31:61:70:20:CB:0B:A9:FF:57:B0:C1:28:A6:A7:E4:FA:7F:D5:CE:53:DC:98:38:3B:DA:8B"}}},"request":{"raw":"GET /favicon-16x16.png HTTP/1.1\r\nHost: orionstars.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orionstars.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 28 Apr 2026 10:49:04 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 21 Apr 2026 00:48:52 GMT\r\naccept-ranges: bytes\r\ncontent-length: 681\r\ndate: Tue, 21 Apr 2026 10:49:04 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":681,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"3aed63a08a3ea514484233f6448bf28c","sha1":"9c6a3db32a76ca777216144cf0b5fbcafd6a1193","sha256":"cd7dc56e404cfe922d9cdac2927247513aea6ef0222007fb11f41c2222d81bc5","sha512":"1fe36c8386ee51768e940ecd0a2acdf0997ce570e30ed1717cad3ecc86d593960c5ea77a1a2536182b68bad5868e3d784b4334b85fad8843ec0d3d33ef83d684","ssdeep":"","tlshash":"c10183cb3ac20c30f99a01304d6d9e728fb65229b9b20a02d14cccb1c8b1483c017667","first_seen":"2026-04-21T10:49:30.861747Z","last_seen":"2026-04-21T11:00:29.287222Z","times_seen":2,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"orionstars.site/","fqdn":"orionstars.site","domain":"orionstars.site","tld":"site"},"ip":{"addr":"37.49.229.75","port":443,"asn":3920,"as":"ESTOXY OU","country":"Estonia","country_code":"EE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-21T10:49:03.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"orionstars.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 01:29:20 GMT","end":"Mon, 20 Jul 2026 01:29:19 GMT"},"fingerprint":{"sha1":"15:41:C7:D8:11:D7:D8:63:93:DD:A8:75:E8:AF:AF:FF:B8:37:02:B7","sha256":"98:2A:9C:A2:89:26:31:61:70:20:CB:0B:A9:FF:57:B0:C1:28:A6:A7:E4:FA:7F:D5:CE:53:DC:98:38:3B:DA:8B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: orionstars.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Tue, 21 Apr 2026 01:53:54 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2089\r\ndate: Tue, 21 Apr 2026 10:49:03 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":9052,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"e3b5ab34f27b95cc17982a783077628a","sha1":"102cd83ed01c3b409af0a032e8c688ba1a1af9dc","sha256":"b251e26472dcc7d649f91145e685a41d2522dc54890b7d30cef867d2db282efe","sha512":"66f7d1c6a72d8575d9a605be31a2aeb601e062759afa2ecaf5e0d04d66478a129fb5970451e8541300120b4f877afaca8c34e976560a93a559041327526c0db8","ssdeep":"96:7RJ1O7vSEPIJXeYtWPr/ETQRZalmdikLTf7rg4Gxz1l8TU1DdL2KII:1rO7aEP2uYtWPr/6QRZalmm5L1DkDI","tlshash":"cf12626050d5187301bb80d56aa95b5bfee29247cf4ba200baecabd72ff7c41de17211","first_seen":"2026-04-21T10:49:30.863956Z","last_seen":"2026-04-21T11:00:29.306215Z","times_seen":2,"resource_available":true,"data":null}},"time_used":322,"timings":{"blocked":150,"dns":111,"connect":17,"send":0,"wait":18,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,700;1,400\u0026family=DM+Sans:wght@400;500;600\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://orionstars.site/","date":"2026-04-21T10:49:03.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Playfair+Display:ital,wght@0,700;1,400\u0026family=DM+Sans:wght@400;500;600\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orionstars.site/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 21 Apr 2026 10:49:03 GMT\r\ndate: Tue, 21 Apr 2026 10:49:03 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6090,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"6b30d0fcdec9c52906df0412dc1256aa","sha1":"d7e5321af840fb40b3f9abb718da756da152b938","sha256":"55b154d5772068f5ec1aadabd1af9fa97115269584737236ac32f05ac3f50dd4","sha512":"c19cbe747aa4e12caa877903c3cf4cd7cd4e944e4092dd9f437a0904da4fc16922f1010e9db40c2fdaf37939d64198ef558d436495e6c29682819850029d13df","ssdeep":"96:jOEaXsXJc+ufOEaX+L0NkOXaXsXJc+ufOXaX+L0NkOxMaXsXJc+ufOxMaX+L0NMe:UwD+rw8+Owl+5JOK29lMOK29qOK29OXm","tlshash":"cbc1de91046ba610d7435cc227cfbe32ee5f611070459a78affe189cac5bc2a9365b0d","first_seen":"2026-04-05T01:31:39.996575Z","last_seen":"2026-04-21T11:00:29.291757Z","times_seen":3,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":84,"dns":1,"connect":20,"send":0,"wait":35,"receive":0,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"orionstars.site/script.js","fqdn":"orionstars.site","domain":"orionstars.site","tld":"site"},"ip":{"addr":"37.49.229.75","port":443,"asn":3920,"as":"ESTOXY OU","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://orionstars.site/","date":"2026-04-21T10:49:03.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"orionstars.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 01:29:20 GMT","end":"Mon, 20 Jul 2026 01:29:19 GMT"},"fingerprint":{"sha1":"15:41:C7:D8:11:D7:D8:63:93:DD:A8:75:E8:AF:AF:FF:B8:37:02:B7","sha256":"98:2A:9C:A2:89:26:31:61:70:20:CB:0B:A9:FF:57:B0:C1:28:A6:A7:E4:FA:7F:D5:CE:53:DC:98:38:3B:DA:8B"}}},"request":{"raw":"GET /script.js HTTP/1.1\r\nHost: orionstars.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orionstars.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 21 Apr 2026 01:26:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3121\r\ndate: Tue, 21 Apr 2026 10:49:03 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10638,"size_decoded":0,"mime_type":"text/javascript","magic":"Unicode text, UTF-8 text, with very long lines (561), with CRLF line terminators","md5":"589747022478da1c46722874e8f71487","sha1":"395b618f1cd4595a7bee886cf801316ffef9405e","sha256":"718f5a61a8e38e3a2f931502714efba30bee7b6f7bf8c31d60e21e52ea32dee6","sha512":"b26270d093ed7355b3b43eaf6f4378f94ba3f62ddd34984b3d1ae793991298a09291e03b1b9682b4f84b26f515b55e299f5525a29efd5b8ad4170b3810952b8a","ssdeep":"192:9Aw1X8kWc6skhOvqF5kbMrhEOuhRrQUWSFfgAKXHB8Ld/7gz+g:yOMFovumOGRiOLd/7gz+g","tlshash":"5f22207b316118347fbadbbf63968394b82531023d02a186b99c35454ffce952066ff8","first_seen":"2026-04-21T10:49:30.868672Z","last_seen":"2026-04-21T11:00:29.297122Z","times_seen":2,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://orionstars.site/","date":"2026-04-21T10:49:04.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://orionstars.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 36932\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 18 Apr 2026 23:53:25 GMT\r\nexpires: Sun, 18 Apr 2027 23:53:25 GMT\r\ncache-control: public, max-age=31536000\r\nage: 212139\r\nlast-modified: Wed, 10 Sep 2025 16:31:03 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36932,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36932, version 1.0","md5":"7c87a648293fbb5b2924aafaa59e8aea","sha1":"c57593e0adc4cf99dd9e67cb782242220a061a9d","sha256":"9fea608a947e67020c33cad9a6fe3d60c54119dfb8cff87768a8117a15ed7543","sha512":"764ced325a768dca84e1fb0cc458818239ce379dbcbdb324ee8849bbe15f54e3f0254ae6e52ee5a92741840637b4f9885d246a0978af23176b3acfe5b9cec23f","ssdeep":"768:mMQPOAQQKW6GccoXQ+OGpHNzXgtDM0SVu7P3nqtPl9Bf2csDpHUjbYE8j2:mMQz4W5og+tpH6tDJku73EPlPOcs5U/l","tlshash":"c0f2f23e7ea5691487c2b0be506b00935344c9bd37c18121bbb953f44ea67addc5d63c","first_seen":"2025-09-11T17:08:25.889763Z","last_seen":"2026-04-22T07:23:18.003416Z","times_seen":19093,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":88,"dns":1,"connect":17,"send":0,"wait":14,"receive":8,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/playfairdisplay/v40/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiunDXbtM.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://orionstars.site/","date":"2026-04-21T10:49:04.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/playfairdisplay/v40/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiunDXbtM.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://orionstars.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23224\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 15 Apr 2026 20:55:40 GMT\r\nexpires: Thu, 15 Apr 2027 20:55:40 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:48:54 GMT\r\ncontent-type: font/woff2\r\nage: 482004\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23224,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23224, version 1.0","md5":"9401d0214a9375f173f72cc417f6fa06","sha1":"e90a941885a5c6851fe6ca752e5b7a1cc186289f","sha256":"28453852ea165c47b5a941be00e418402e1407002ed87507f062a1e316328fe6","sha512":"8cf427deb06d8440cc0f20e4d783946c689c2cc6bb36db566bdf96898819d63c7b4f468e285bb31446d592a56fb1ba03d12d238b6ac6f1a6dd5d2a2e4437224f","ssdeep":"384:XjWBgfEyvhQi76WoZqn7XdrrTTgBOfdvZhCCKwsrsjxiZxG5juBCu/f3gg4:z1JQi1pfrXwgSA5juIuXw7","tlshash":"9ea2d148097543e5c57213a84b5e9d80dee414b07c2bc1aec8ed8e24edfe9526e8bf5c","first_seen":"2025-09-15T13:37:59.974647Z","last_seen":"2026-04-22T03:32:32.971599Z","times_seen":1369,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":149,"dns":7,"connect":20,"send":0,"wait":8,"receive":2,"ssl":109},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://orionstars.site/","date":"2026-04-21T10:49:04.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://orionstars.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 36932\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 18 Apr 2026 23:53:25 GMT\r\nexpires: Sun, 18 Apr 2027 23:53:25 GMT\r\ncache-control: public, max-age=31536000\r\nage: 212139\r\nlast-modified: Wed, 10 Sep 2025 16:31:03 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36932,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36932, version 1.0","md5":"7c87a648293fbb5b2924aafaa59e8aea","sha1":"c57593e0adc4cf99dd9e67cb782242220a061a9d","sha256":"9fea608a947e67020c33cad9a6fe3d60c54119dfb8cff87768a8117a15ed7543","sha512":"764ced325a768dca84e1fb0cc458818239ce379dbcbdb324ee8849bbe15f54e3f0254ae6e52ee5a92741840637b4f9885d246a0978af23176b3acfe5b9cec23f","ssdeep":"768:mMQPOAQQKW6GccoXQ+OGpHNzXgtDM0SVu7P3nqtPl9Bf2csDpHUjbYE8j2:mMQz4W5og+tpH6tDJku73EPlPOcs5U/l","tlshash":"c0f2f23e7ea5691487c2b0be506b00935344c9bd37c18121bbb953f44ea67addc5d63c","first_seen":"2025-09-11T17:08:25.889763Z","last_seen":"2026-04-22T07:23:18.003416Z","times_seen":19093,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":92,"dns":0,"connect":20,"send":0,"wait":18,"receive":3,"ssl":75},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/playfairdisplay/v40/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTXtHA-Q.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://orionstars.site/","date":"2026-04-21T10:49:04.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/playfairdisplay/v40/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTXtHA-Q.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://orionstars.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 21884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 18 Apr 2026 17:50:31 GMT\r\nexpires: Sun, 18 Apr 2027 17:50:31 GMT\r\ncache-control: public, max-age=31536000\r\nage: 233913\r\nlast-modified: Wed, 10 Sep 2025 16:48:53 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21884,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21884, version 1.0","md5":"4450ccfb75331d6c98ed7095f1467b7b","sha1":"226df3c3ce53d8e84b2d0e249c6c3930444797be","sha256":"eabce94d4a69e439cd050755c31f9894ac8a78f93e58b063c6c01f370474e1de","sha512":"bd1751cb130fd7d6036ea0940708d987d3b1e251f3914e0414e06ab799bcf3277ba5cc31ddbd598f75e7ed9c8ec7512a334f9af647ff8828ee2d9cdc275df4ee","ssdeep":"384:wqdmjnoiE5KxbZuDUjKtMr+SvGUdsL96OfsPM+/vk/tH15u+day/fKkjoA23HmHy:D8nCyLjNrbvDdsJHfbgcx1kBynKkjohH","tlshash":"06a2e1b5bbb19f0c8268fe7bad304356d8804d6d6eb6c6428002dfb41c9863bd59e589","first_seen":"2025-06-09T01:39:18.532258Z","last_seen":"2026-04-21T23:18:38.627334Z","times_seen":1081,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":66,"dns":4,"connect":21,"send":0,"wait":22,"receive":3,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}