{"report_id":"a5b49253-a489-4f0f-9b2c-c342ade88f83","version":0,"status":"done","tags":[],"date":"2026-06-28T10:03:19Z","url":{"schema":"http","addr":"1778winoi.com","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"1778winoi.com/","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"title":"1778win - Plataforma Oficial -1778win.com","dom":{"size":27210,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1273)","md5":"f2ff2ce2d72cc56f57ac137c424da603","sha1":"d6923b4dd91c830e38d2104e879294841f05181d","sha256":"6726a76840a8499abd07b079b24eb81c60511738e4822c9b5888c5bae383cb9b","sha512":"7daddf35b9d08b6341342bf92ec39b4cfa078568b6f8a815b16276c31c678261ff3bc02d701e802f42079d96a223083965bb08b222b3783f49635a397f7b00f4","ssdeep":"384:7amx2WPew05BrcTrD0viMvS+fH+yIqIZqiRPeToJU46AAUX44vqIZqiRPeToJU4o:b9ZRn44BZM/2fy47kbNfaW","tlshash":"d6c2f03318f851671326d1895e922b2fbe43d207c9de6a01b2bc1b889fc7ea78d1715d","dom_hash":"domhash930cd9f58d7216af1c29b6dbd205b83b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"1778winoi.com","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-02T10:03:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"1778winoi.com","ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-02","domain_rank":0,"first_seen":"2026-06-28T00:59:04.941721Z","last_seen":"2026-06-28T00:59:04.941721Z","alert_count":60,"request_count":30,"received_data":773578,"sent_data":15470,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"node91.aizhantj.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-07-29","domain_rank":4549453,"first_seen":"2025-05-08T02:39:02.894071Z","last_seen":"2026-06-22T00:58:44.678009Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":473,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"1778winoi.com/","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"584611c55da0feb744e08560270311de","sha1":"7a0ecade88acee9a1d51f6a81ba0510d4dc6de08","sha256":"eabfd13d4c1ba015aa0e793de0c49439a6ba713a053bbdadba9157938107daa4","sha512":"23dfe7826c6bdda12399a124fb70f98a0e09084bdcec4710e1ecdfe3f8f49b2ce3b378301c6d99f64dde49654e8a9154c2a2c05908cef371efa8f14082f2ba87","ssdeep":"","tlshash":"75d0954f3cd014b2f35700ad0cafc24db01150155c9fc11044ccc5d65d10dd40d696cc","size":253,"data":"","first_seen":"2026-06-15T17:46:56.223391Z","last_seen":"2026-06-28T17:03:27.393175Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/big_bi1jn2y6.jpg","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.280Z","timestamp":1782640967280,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/big_bi1jn2y6.jpg HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nvary: Accept-Encoding\r\netag: W/\"6a0ef870-e6ae\"\r\nexpires: Tue, 28 Jul 2026 10:02:47 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g%2FElx3zUXLTCa8qfLpKqxLOHzniWz%2BDWu2b65yYfsjO%2FuS%2BmC3UxuRkc7FWy7JIYSInpRJQUhn%2FY90%2BrHeb1R5LYPl4wRFwkMIRlWYt%2FTxAiLby6GC0H83RrR4CZeM%2Be\"}]}\r\ncf-ray: a12bdb9d8fe9b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":59054,"size_decoded":59796,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 992x556, components 3","md5":"aafacc5b5a7ebdfea229cc3834850eba","sha1":"0d932f108c6d374e4aa33f3a2327df40a5bca016","sha256":"5baee32ade311ae8b542f6aa620473e19164957b774decefb48f068c86423623","sha512":"ce63e2db21095f2993edb4a6eee59b0a2f27c8a955588f83ee0a07c01be35db30597b7c4072343cfa4963e2b3a93ef7b3335286e8f6905013e77dd55ea2d5ef1","ssdeep":"768:nl8l0Wpf9hWxrK8KonWGDtPNcuHmshmJvP9UfmqpCOlVjxprktta94HSPDBWHrGq:lmPNyxrKpRGN2shuPef/lA2u1","tlshash":"b3430293792543dab85d9b0ff5856e662f3d73eff1b044580cd88340b3028eabca1989","first_seen":"2026-04-10T09:58:36.946755Z","last_seen":"2026-06-28T10:04:41.997919Z","times_seen":4,"resource_available":false,"data":null}},"time_used":693,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":358,"receive":335,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/icon-program.webp","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.283Z","timestamp":1782640967283,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/icon-program.webp HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\npriority: u=5,i\r\netag: \"6a0ef870-5ca\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Zffm7vaa7QnNBz%2FAZdmEXQgXfii%2Fv8oQKT97z%2BLYmNipOA04aqO25cuNtqmmToWjIRuNgCKTBQl3w2h1WsrNXsRBNVyF0L6bgvfXEQavhgKKpruhDvT7YRgk9E04Z6G%2B\"}]}\r\ncontent-length: 1482\r\ncf-ray: a12bdb9d8fecb503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1482,"size_decoded":2166,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"46689b939ec06c1e39f14b0ba55cae3a","sha1":"4e689aa5ee8eab356952976c3b10681fff032c9c","sha256":"97bd6f7c5fa7364d3e121cc93a6bbb6981f654a89f1ca5363a63464771c9d865","sha512":"66bce240fe395c7243e909817fd583a477adf7c649de3eba9c4f59938daf694279ee5cd7821e550a61b264b8ad689f3aa6d573b6df5f8419e53e4e9c072bf9ca","ssdeep":"","tlshash":"8631e91429a38b19194363f04eec3a17e63f169d95219a0c7a707b4bd0b9c757493bb1","first_seen":"2026-06-28T10:03:21.725898Z","last_seen":"2026-06-28T10:04:41.988023Z","times_seen":2,"resource_available":false,"data":null}},"time_used":353,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":352,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/pay34.webp","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.291Z","timestamp":1782640967291,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/pay34.webp HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\npriority: u=5,i\r\netag: \"6a0ef870-8bc\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2SLeVYwahw3NVOiO1svCFShoO3huor2dM2uvfC8DPR%2FOrd0QWW71WXoyX23SNjU672aLAmgihfc5pZQOJRndBK%2F1kTNdvU88lcgNtT17XrWIeiIjOL4XOZVbkP5yDgxm\"}]}\r\ncontent-length: 2236\r\ncf-ray: a12bdb9d9ff4b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2236,"size_decoded":2916,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"10a8b352460b82b2ff606e0af2af81d3","sha1":"7f189aafe2c17555041a856ab13d180ab7285ee6","sha256":"bb1f31d7088e287c97e40e338b2be8b972b824502501a4d35e2a5e86c4441cb6","sha512":"9b700cb80fc8703e8e154f166828bd1dcc23db610ebb5cf16effb95f5a97812731ea37077863d400b535cdc25f66b12b355a44908aec47fc156db79562ac1773","ssdeep":"","tlshash":"d0414b000a9b8892448149b672604a3ca4b0ada63d9de7850886f5fa50781ecac7f08a","first_seen":"2026-06-28T10:03:21.728886Z","last_seen":"2026-06-28T10:04:41.990067Z","times_seen":2,"resource_available":false,"data":null}},"time_used":356,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":356,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/pay60.webp","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.294Z","timestamp":1782640967294,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/pay60.webp HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\npriority: u=5,i\r\netag: \"6a0ef870-930\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FibfJUrdOQv7VMQ028PlL91YmWdcHHoYxaiUEln%2FvsBRvssHvc1wWBid04rMmkkBoucUsvgOCVjL2bM6zzFd6vqLXfYS3rWV%2BAvimiJ5tH2ffv1lQbdOLxnm%2BtDck%2FQ0\"}]}\r\ncontent-length: 2352\r\ncf-ray: a12bdb9d9ff8b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2352,"size_decoded":3036,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"987695bf5329bb84eb1d86d8111fb7fd","sha1":"8c2edbde5d686825619864c7776b2ddb08fcfac2","sha256":"f9711112758b3e48e441fa18a7ca702bc0302c2b2b35fb38260696a945b9ef34","sha512":"a7fd3c2f132f69f90537055abba97a77602b15d0f2e21ae9e04d9da0e29486677479f0f92c1a0e982703b41e172b882f0df67e6d336e04f6b229726df0ae1f56","ssdeep":"","tlshash":"d141dab72a9a2b5c0c434fe26351f1e71c8f7b126bf62845d550d1af722b4f23292971","first_seen":"2026-06-28T10:03:21.73165Z","last_seen":"2026-06-28T10:04:41.99371Z","times_seen":2,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":346,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/styles.min.css","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.261Z","timestamp":1782640967261,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/styles.min.css HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6a0ef870-7f4a\"\r\nexpires: Sun, 28 Jun 2026 22:02:47 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cvCH%2FQ58NRZQs403XVxtNCBaxPShg2fL1bQBl%2FyqVk71tN5f8AmN4R5guSp8k33GzfKw2KLmn7EvRky%2BJ02SRTCoAsIhlT%2FRnZ9Up53TEUT%2BwxUDXf3zWjzFgueJUt%2Ff\"}]}\r\ncf-ray: a12bdb9d6fdfb503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32586,"size_decoded":9676,"mime_type":"text/css","magic":"ASCII text, with very long lines (32408)","md5":"c08a2e64ecd195ce078363fb32d67833","sha1":"ac95dc7f147a2248f710e08bfac4e41ae8ce0fe1","sha256":"2d78afabbf159d29fa1e4efe2907b7f06287e99d0493c2ca78ed338ed7d7ec61","sha512":"46bdfe2f5c14d97179432083fec43562629ed7c97a54a4ec49a94cc457db94b5db98cbaa26e8b422e27dbc0cca3bbd844f9db5b6f08691f25b6a5e0b879fa3ef","ssdeep":"384:efTKBAT3sV3NQ3fDnhGvpI6Mb6MiaAEOWypP:e4Q3MMiY0pP","tlshash":"cce2f965e721323d7a279016b1e1adce799c5405c62386bef9132624cdcfab24793bcc","first_seen":"2025-11-07T05:16:26.758465Z","last_seen":"2026-06-28T17:03:27.346304Z","times_seen":34,"resource_available":false,"data":null}},"time_used":376,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":373,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/big_2tk1unc.jpg","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.277Z","timestamp":1782640967277,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/big_2tk1unc.jpg HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nvary: Accept-Encoding\r\netag: W/\"6a0ef870-2693\"\r\nexpires: Tue, 28 Jul 2026 10:02:47 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jSPPSinm8NdX%2BnBksTW3LwaEFo2HZupzIIYfYe8WqQJsEskGuBQzG%2B2dNDx%2FAowSmSyXGaHE079Smm%2BQWJA05KMlfOe7ObxxbuVZzCRmbKdKIQ2eJf1Ls5YsRManyPxq\"}]}\r\ncf-ray: a12bdb9d7fe5b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9875,"size_decoded":10597,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3","md5":"085fd6a91d1064100b0e11c41131df69","sha1":"25d0a5fd5367994c536536b4af59897b6b21bb5f","sha256":"5bfa145a384b12818769245955b23c33d468ff93706b7f0809223e6c8652c759","sha512":"cfdf1898f2620ac6fac4432a9f38887cee4c1431beed6b5bc636757245984e4b6038c664dcf471cc62b0c8bc30fb9ef32c48badd7dedde8a0f1c394dcc9b3d62","ssdeep":"192:N6IFQkM5QCZnNPX+alDEieAymUoyuCVqhZj2aHSLNv+sOeF:N63FNPXBDEQhhF2awGsOY","tlshash":"c912af273f4d3b42dc3d3274b2a1dc35594be706a094750151f67145778baec0928ef1","first_seen":"2026-06-28T10:03:21.736989Z","last_seen":"2026-06-28T10:04:42.014405Z","times_seen":2,"resource_available":false,"data":null}},"time_used":378,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":378,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/pay33.webp","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.290Z","timestamp":1782640967290,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/pay33.webp HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\npriority: u=5,i\r\netag: \"6a0ef870-682\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sfIUWcMdbahLhaQoxa7bo7e3I3LXFW8NUSaf%2BYhG8UKvp%2BumLqLKdt3f%2F7Rf6h8M9sxT%2F6fAIvAa%2BldLeFTGFsvm1Bnzm5rJlDeymN%2FSRn0U0O0EUv9CFFy1dBt7m2zE\"}]}\r\ncontent-length: 1666\r\ncf-ray: a12bdb9d8ff3b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1666,"size_decoded":2354,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7d14772bb39f9531a240e93898b69416","sha1":"388e98ae40610b092a98d08503af598b69f28517","sha256":"398fe37f76f53236194ca9e149a996da010eb37582e52d7863b6f65d6a9a6b6c","sha512":"13114beb58c582657227eee39f155a54f1b492ae39bbc895dd0c0b3fa27cbfe7cdf2c0e831c32de89bca9d47764dbc25c547c1f536e6db18d59b60bf5e2ccaa8","ssdeep":"","tlshash":"6e313a0ecd504632fde9d8093a56fcb1413d4da863b6e75d700280e296921a1b83e0ff","first_seen":"2026-06-28T10:03:21.738812Z","last_seen":"2026-06-28T10:04:41.986171Z","times_seen":2,"resource_available":false,"data":null}},"time_used":390,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":390,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/big_lu84dqs3pn.jpg","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.274Z","timestamp":1782640967274,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/big_lu84dqs3pn.jpg HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nvary: Accept-Encoding\r\netag: W/\"6a0ef870-1155b\"\r\nexpires: Tue, 28 Jul 2026 10:02:47 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x6jo5HN6ADxplOKSUq6qeMCSek6TLo53pAirr6oH23ZykEie%2F%2Bib4jha0eoYiTBCtdv%2F5jcDdELahsD1MXwYhT29vZczkXBCfwA3RIibuCX15jaWUM3J%2F2iaR7nx5ibj\"}]}\r\ncf-ray: a12bdb9d7fe3b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71003,"size_decoded":71738,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 740x415, components 3","md5":"717051cb4b84185fea88039ebc987acc","sha1":"ac02743e5e83f9108bc168d515b2cae7dbbc9bea","sha256":"64bdecc33a5c66fc12beaf379279afb56f86c3ebc75353a1f568e105e24481c7","sha512":"9fd789d4eaddf1afa6a5393fe2a7e36ca821134a9654e70ca92a412039b0d1b8bb9465f0b5c46e60cd5e5c67b8945e7d537a660331179545bd7ee4b48dc217ab","ssdeep":"1536:V+gfxdH08aJWLHa0mkpbqGWYaTxH2oTlr3y+K5tElRlGRZMFS:UgJEc60mmbqHhd8+0+lTw","tlshash":"4663129436d3347bf8780dc63e4d9ba07de61e221ce2e50adb8c1e6ad7092495d710be","first_seen":"2026-06-28T10:03:21.740525Z","last_seen":"2026-06-28T10:04:42.002079Z","times_seen":2,"resource_available":false,"data":null}},"time_used":723,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":369,"receive":354,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/icon-24hr.webp","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.281Z","timestamp":1782640967281,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/icon-24hr.webp HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\npriority: u=5,i\r\netag: \"6a0ef870-73c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xn45xNhpyFPsDGNTwCC3qLFg3hg2go7eEV9cIO7GKFCJSTpLD9LVsa%2BOQFsQgelKT4RaXXk3Pnhsfq%2Fc80Aw%2FiKSEehqIPsircBFJ1EE8zam8yUrF%2BmII07d0YBxcb5H\"}]}\r\ncontent-length: 1852\r\ncf-ray: a12bdb9d8feab503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1852,"size_decoded":2536,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"accef008875ec3b4df27f2b63be34019","sha1":"9a27c3ebd654b2b1f927b5a3a5c46eca3f95d853","sha256":"a28734395fe078a9f5c6434a329d0542b2835c3ac0edd826d3ad28d003c1053b","sha512":"aa972903294a992165342e2b738ed1954e624b0657d30a85867a94ff62ff3107861e23b63b6dbe95e9b24b909c8220c9d8706e5328158c5b3b2245208cd65b1a","ssdeep":"","tlshash":"5b31295d282661a1d1594dac110d3eeae080eb878820d94347e3f0d7a702d3728ae758","first_seen":"2026-06-28T10:03:21.742733Z","last_seen":"2026-06-28T10:04:41.985032Z","times_seen":2,"resource_available":false,"data":null}},"time_used":369,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":369,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/pay61.webp","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.295Z","timestamp":1782640967295,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/pay61.webp HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\npriority: u=5,i\r\netag: \"6a0ef870-53c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=brLiF0NCtHF8KtFK5HY9PdDOLN1GElGx9%2BRTIagIfMi7EGIUlZjrZD1b5fAV92nYsY02Y96Lv7uU43DRniE7FQNzDwSuozJh3TzPuDZ%2FPZhQ9wLC9AfRaDhhJmW1m%2FB%2B\"}]}\r\ncontent-length: 1340\r\ncf-ray: a12bdb9d9ff9b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1340,"size_decoded":2024,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"55a0c89d647c70162d7e256be8383f18","sha1":"0c5ec148ffb1f430cdaebccb9943c58d089007f8","sha256":"a363a1d1bd3af4b8b5984bfd8c974fd68387033113948027c282044d369a94ef","sha512":"604ce27c48acf3137fa258da5bcb25c86ca6ef88850cff8003eb51173fe115ec5bf19c87fc0a610ee32872b5226902791b2051b25f44b0751fde7fe70b1df71f","ssdeep":"","tlshash":"872128282f0faa80eced4465dced30901824f3801c1968e4a1dfa84db20c5209a31976","first_seen":"2026-06-28T10:03:21.746975Z","last_seen":"2026-06-28T10:04:42.020048Z","times_seen":2,"resource_available":false,"data":null}},"time_used":363,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":363,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/logo.jpg","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.272Z","timestamp":1782640967272,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/logo.jpg HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 21 May 2026 12:20:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nvary: Accept-Encoding\r\netag: W/\"6a0ef884-10d3\"\r\nexpires: Tue, 28 Jul 2026 10:02:47 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eO4c9KnRlA7%2B09rcciRsH9U5toKhw8m%2BYasxsXjq4FuzPHq6b9eHLoiI7mFXGDdb0knhusm%2BdkPXFpR%2B%2BvZwCtf%2FLa7a8iPV3kpJAyVHgiD%2FJIq8npbbhVJYTZqu35WN\"}]}\r\ncf-ray: a12bdb9d7fe1b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4307,"size_decoded":4879,"mime_type":"image/jpeg","magic":"PNG image data, 449 x 150, 8-bit/color RGBA, non-interlaced","md5":"ed7d2e2f08edabb87ee43302ce7dbacd","sha1":"a4c83c7df6886b936d7f629ddecb5a6570c54dc0","sha256":"ac7e2673ab3fefab0e99615ccd0827e538b9b24d63b564d08afb131581c74515","sha512":"773a85f673693ec9eb233d46e8c57fbe39d4a196fe97e3875ba82c057977012d946e4dad37f04f9570bd08aaa9c8e060c87298a96e007f77ad3a0404738f7df3","ssdeep":"96:NDxeUKPsDMt8PBx8AgVCL2WO8v3W5N3u+:Nlms+mWAgm2nu+","tlshash":"ea917da91cc4c260f5f8d12c437f56c1d5c9bcb0e1847ede3ad3860329894fe82196e6","first_seen":"2026-06-28T10:03:21.74907Z","last_seen":"2026-06-28T10:04:41.992227Z","times_seen":2,"resource_available":false,"data":null}},"time_used":364,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":362,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/logo.png","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.273Z","timestamp":1782640967273,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/logo.png HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 21 May 2026 12:20:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nvary: Accept-Encoding\r\netag: W/\"6a0ef871-45dbc\"\r\nexpires: Tue, 28 Jul 2026 10:02:47 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JWzL5rzdf89E3r25dbm1oRNn%2Bf%2ByAI3NfPWphbkRu9Kj7sS6tm7DfkYktBCXN3uAgWEPbzvfGNDZQgMJks8pexifIV47sbNUkB2M83gNHi8eS3l4ASVU1VLOPw%2BCqPGx\"}]}\r\ncf-ray: a12bdb9d7fe2b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":286140,"size_decoded":286573,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"a755150bcd71b833850cac75245b0d36","sha1":"470ec6f1d866c2a94cfd55fd8aab655d33a61df6","sha256":"0683989dae33551d79f31fe8083f75a0d434ed58e88c24c9dd8d1a7b8603f673","sha512":"995f225e1cd224594765b2cc5cff31d3d344845a3f371fda25e5684ab3619224d516729d7ddc901b2fdd9f320d1a88bf21d2e555e5b4342d0b2cdc2b98cef0fb","ssdeep":"6144:MjVQ9OqPthYZG8vV9B6U8o7wHZibUjBJzVytdxC7ua9UL9QwyO:Ky9OqPkM8vV9BQo7wHcYJctC7J9kQwyO","tlshash":"6654234e01d96101499ee16b4ce9f029411ee20f7570da237f34eec943b9bf7b2b22a5","first_seen":"2026-06-28T10:03:21.751028Z","last_seen":"2026-06-28T10:04:41.987076Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1047,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":359,"receive":688,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/pay22.webp","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.289Z","timestamp":1782640967289,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/pay22.webp HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\npriority: u=5,i\r\netag: \"6a0ef870-744\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lYrIufK4KRmt5JwIK8%2Fm9RiAhd%2FxNf6OsaVTvkGD%2BUivX2FhSkux6HmLVwiRBp6Ezw5f6v3zM79wjw0MOzw0ntlG3AvifU%2BVBfDtF1DvErnUN6MirEOyBLnAePSfX5%2FX\"}]}\r\ncontent-length: 1860\r\ncf-ray: a12bdb9d8ff2b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1860,"size_decoded":2546,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6beb638b1ecc228ce387a0b7f2243c6a","sha1":"024de5f7738ead7847ef0b9d51c87ad8927518e2","sha256":"feb492b0ed5a17ee1e88a3628ba0371b7f23f7c2c74746edfe506d7ce7b00680","sha512":"ce9aba347100018eadb631161450c215397f9472d96c680a11a94b196e821736e888fa85b6f45e23f7a1e84a616fe867e014ff23f31a206d7c5cee7b49a638e8","ssdeep":"","tlshash":"8931e95f17f44f1ad672cc594c04d1b3691ac4928fe4629ee964bf588c0bf074bd09c1","first_seen":"2026-06-28T10:03:21.753427Z","last_seen":"2026-06-28T10:04:41.988877Z","times_seen":2,"resource_available":false,"data":null}},"time_used":363,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":363,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/gaming_license.webp","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.296Z","timestamp":1782640967296,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/gaming_license.webp HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\npriority: u=5,i\r\netag: \"6a0ef870-9c8\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SPkfw5GeQuF55Ad2K6Oz6qs6cwlkL4FKufyfjsO3ZgPpji6XQp3%2FruJ5q1lS2G9kxEDT2M%2FsHNz%2BCEem2WFgfhmzqGMkWkt%2BH1Cbbvbt%2BiacnhcI2BeoeEJy%2FZC8a9Vt\"}]}\r\ncontent-length: 2504\r\ncf-ray: a12bdb9d9ffab503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2504,"size_decoded":3192,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"533e4ae2a2c40a92049c734a84c9130d","sha1":"889bdf83df2015bd11100b1cd4e8ae2f02eb0af3","sha256":"f2ba8a16978e33d87225c482b1f809a1aae2764b31f5cd3c3ef4d0ee8fbbe1ab","sha512":"295d249d4ac28c570a6a1085e6ef14a91f5419d263cd5b414d3329da426ad7f73c99d123932dc23ffd2dcafcfa99e864afdd1c7585035a8c014ea2bc0a1f9fac","ssdeep":"","tlshash":"d15107d620aaba3a4fc7cc3950ec15489d02bcf9c203e99209654691c0f405636ac3fb","first_seen":"2026-06-28T10:03:21.75502Z","last_seen":"2026-06-28T10:04:41.984296Z","times_seen":2,"resource_available":false,"data":null}},"time_used":375,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":375,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/sr7.css","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.259Z","timestamp":1782640967259,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/sr7.css HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6a0ef870-e96\"\r\nexpires: Sun, 28 Jun 2026 22:02:47 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F%2Fm%2BsancNK9V5xuBPIeMMV6xHEf3NQPVAw0oFu8MoCMQ0ponkvefpsmVyIlNhwscETKjY4S47j8g8OrkyWJK9rm8EG1LOkNTBOnXUkBLldWcOQzmX3RIG1q4GF39PXN7\"}]}\r\ncf-ray: a12bdb9d5fddb503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3734,"size_decoded":2199,"mime_type":"text/css","magic":"ASCII text, with very long lines (3284)","md5":"a55c4b1afc2a38d5fff2134a98657a3e","sha1":"60e924bf46abc71d419be3c4b021f217663eac7d","sha256":"72b9b2e853aa8287a2ce374b726953f34a823e0c86d6f83d0a7bb0f8298ca276","sha512":"8b32cfb6da57797c9724a276f41ed5e3538dc1abbaa543ca4ba1aa1eff8d79be9e8086bcd4345c4afdc6d55efd16ea153b92b07c9c7db3d9d3e3d0462e11d7b6","ssdeep":"","tlshash":"bc71662611e06064452bf6056ce07b6db76dc456ebb31acdf68ff22c43ce416249c6c9","first_seen":"2024-06-17T00:33:38Z","last_seen":"2026-06-28T17:03:27.387217Z","times_seen":79,"resource_available":false,"data":null}},"time_used":358,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":358,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/mmenu.css","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.260Z","timestamp":1782640967260,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/mmenu.css HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6a0ef870-57cc\"\r\nexpires: Sun, 28 Jun 2026 22:02:47 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O4Wig2QW9d6mohfJeryV1JYRXfsi2pWf6m%2Fv9u7K9XXHBsw9P0ulyflRyp2K13x4o3yD%2FbVlFg3q4eMXAdhOyPshx5etturvB%2FbZZvWHflphCI%2F6E0xxu0Iyu5qIv3dR\"}]}\r\ncf-ray: a12bdb9d6fdeb503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22476,"size_decoded":5796,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (22320)","md5":"771946dbca7c90045beabc4e92bae48f","sha1":"8b4e30f5e88a01fd947bfe58fa4c4aba92b73e69","sha256":"af66a941da725f7c3b9eed48a2e2c391aff9731c44c3c92bc8df30dd7fb349bf","sha512":"ba8a17fc6f674418f60a7289b59d6a4d0aa8a3a384eefb53d8c0e6d5a2c2a9b70807ef59b4376b55b755f00b5a33bd4bde02ac1b967c16806df8a2c051179f82","ssdeep":"384:ekerNSm873aiH68pdPCj0uGoUmCraebiQyCEsp:ekpm87KK1403opCraekU","tlshash":"d8a252d1b5a03432351fe33f869cdabc4b2cdd50ea1209abf167a3542ec65d79072c66","first_seen":"2025-11-07T05:16:26.756092Z","last_seen":"2026-06-28T17:03:27.351372Z","times_seen":34,"resource_available":false,"data":null}},"time_used":364,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":364,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/big_2q85mvt61f.jpg","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.279Z","timestamp":1782640967279,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/big_2q85mvt61f.jpg HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nvary: Accept-Encoding\r\netag: W/\"6a0ef870-fea6\"\r\nexpires: Tue, 28 Jul 2026 10:02:47 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BSNBeK7gRSsvgYP4ZkoISsNqsYoQQ0gwtMtQa4vjfANj%2BT2rEGb7EdwBgGQj5YnN8Xpe5O4GmzsxanXiMZXdoXARteuAc985nVCq4vcZr69NJqDJr%2FouCBJYVR5kvhPo\"}]}\r\ncf-ray: a12bdb9d7fe7b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65190,"size_decoded":65293,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x450, components 3","md5":"c9e40eb262da17c9695bdbc76ef95cd8","sha1":"8f84a4276340e377d1554ba3b8a739f2fd64c1b5","sha256":"d32d66bb74710972d44494016c360ee345440c4f5c171ba17290b783fa6543d4","sha512":"d72c05068af1dc4cd75ce7f379e2feaffd81e0ba48c375222730fee571d4509be8539988ed8ea05be2f33c1c68ef9c7ed76ac472a9aa252b3a57406f7a917561","ssdeep":"1536:G2rc1qaDWGmsa8JY5+xt5TM1N1JQ+M4YIxOUov8xgVSt8s8:NY1ZWwa87ji1JJMj+OUC5Q8","tlshash":"c95302920a482471c84d61f09bfb05fe86bee0a0cdbb03e5d350a1adff45a991dbdc94","first_seen":"2026-06-22T14:08:01.009987Z","last_seen":"2026-06-28T10:04:42.005828Z","times_seen":3,"resource_available":false,"data":null}},"time_used":731,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":374,"receive":357,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/icon-book.webp","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.282Z","timestamp":1782640967282,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/icon-book.webp HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\npriority: u=5,i\r\netag: \"6a0ef870-634\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Na1eKkL7RZ9W78DdBMJrpAG677NrYY%2BU60lppXE0USputNytRMGBVbSajZLmDM%2Fd8gYWHod1ACOSY%2B3Sx7ejzX63qR3SxWAvjbKew1wHyD%2F7OBUXYxLlmT4vDCPIL8J0\"}]}\r\ncontent-length: 1588\r\ncf-ray: a12bdb9d8febb503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1588,"size_decoded":2272,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0736455163b5514fef529e03fb2bc4c0","sha1":"7a5640531d20c64e419153e6e93ba5e3a04e1b97","sha256":"0b56c00b69a590d1e3a8419f0778d556fd60962ae3ea69f7079bf7c388581ae6","sha512":"512ec5e642167eae52d9e4fe5ee308076a780d0340bf3524de96b47cf442df063fa4e32648b4b5a78c027f20ba307fcde03d09f1b62b79144db4306c6f7eec4d","ssdeep":"","tlshash":"5c31e84f9ad890618fd1c8bc015e4fbdce724232bd40967736168a87a4c56279cdff00","first_seen":"2026-06-28T10:03:21.761238Z","last_seen":"2026-06-28T10:04:41.998902Z","times_seen":2,"resource_available":false,"data":null}},"time_used":381,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":380,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/safe2.webp","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.286Z","timestamp":1782640967286,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/safe2.webp HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\npriority: u=5,i\r\netag: \"6a0ef870-514\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3NPmWquFWWZi61M6W5G6YFIna1LQMlP7CUvZctmRZwec2GGSQ2bptEJ6D7IsihRHxe2Rh6nHRLbhi8Ko4Ovocz4yGXH30rxFtI15T3rB9D0JqpsGj7aL0L0%2BB6Aj%2Fe%2FN\"}]}\r\ncontent-length: 1300\r\ncf-ray: a12bdb9d8fefb503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1300,"size_decoded":1982,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b5e02065a5ea9676560ac78fb15a2f12","sha1":"41df19731b7dc8d4d5ee6e695f62f580fb87f986","sha256":"fd6c1797b0934017d47a1115da170636f5654d4239abbf5b0c921124087c27e4","sha512":"a266c68c665184f4762e64421f7539818c41f2b4c13ee7d0e71060575794a7400935e5c4e30108de56261eb406d36485cee5b1fc6caceb25e6c3555bf8c39f77","ssdeep":"","tlshash":"1221a50757bc38bc1b2d037de16a0166b4cdbe2807a485c7a91201261577e45edf4a6e","first_seen":"2026-06-28T10:03:21.763003Z","last_seen":"2026-06-28T10:04:42.003267Z","times_seen":2,"resource_available":false,"data":null}},"time_used":368,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":368,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/safe3.webp","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.287Z","timestamp":1782640967287,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/safe3.webp HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\npriority: u=5,i\r\netag: \"6a0ef870-502\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=66XWtKJaU9D0wh38d%2FHv5M%2B36QZEyQdxLt0oPz0Ii4UtlMQDJWWyhxIbBW89%2BOtceS%2BA0jMQT7gADv0A%2BUMOOBTUgz3I%2BTfCN6u1phGW1iJdTe8eFP5qTQzxYxtUpNDH\"}]}\r\ncontent-length: 1282\r\ncf-ray: a12bdb9d8ff0b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1282,"size_decoded":1970,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9d059279492f03d6d089ceef3499ab2c","sha1":"3e4f5263ff8702089736dab49a426e56ae223ac1","sha256":"19197711a6e0cc31839ea273edc9211a2dc9cef271bbac0adbd847938dd82e47","sha512":"7d8043666271c208bb178b1208c30296ab014298e4e693f79b605b1e8e99799fb3d57fbf960e0a00fc712fa5b2d52dc99202f7631938de520748c4852ecc480c","ssdeep":"","tlshash":"3521f80984319c25dc0dc8a41ab862e7e22f11ac1588970cc64f708397088a639a6c86","first_seen":"2026-06-28T10:03:21.764612Z","last_seen":"2026-06-28T10:04:42.013534Z","times_seen":2,"resource_available":false,"data":null}},"time_used":387,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":387,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/pay16.webp","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.288Z","timestamp":1782640967288,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/pay16.webp HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\npriority: u=5,i\r\netag: \"6a0ef870-adc\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Sw83FlGHtGnPqPxvhOtEYDx21u5%2FFHg96xFIM5XLLT05yEmWvZcicdRGUsw8wGJiNauW53T7I1wC5Wi1ko4Tnc5k7msnnGrKfPDKm0aKwq%2F4FuEpUHAAvlIrNT2E1Bza\"}]}\r\ncontent-length: 2780\r\ncf-ray: a12bdb9d8ff1b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2780,"size_decoded":3460,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"45030a24d98c5d9b6cb93cf439f45c5d","sha1":"26546cc0c1775c139cddf8cc7cf6e6023f85f353","sha256":"9ce7a39f8a4a25e4f6bea472c692ca78f3aad21def45a4c22d68aba1d39e3f8c","sha512":"17ff45e146dfa8b7c913ee59a15f1cdf56fbccab15fb7733eba9943f655454870d8a1c297a20d6e54720cd14f0c58ef7c972a273cf741be118b6fc0b6e834800","ssdeep":"","tlshash":"eb511a698f4fe211cdc4fd083acd293be1c24269a256979a3d8463c3845b0e1b3a3182","first_seen":"2026-06-28T10:03:21.766396Z","last_seen":"2026-06-28T10:04:42.000034Z","times_seen":2,"resource_available":false,"data":null}},"time_used":368,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":367,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/pay48.webp","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.292Z","timestamp":1782640967292,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/pay48.webp HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\npriority: u=5,i\r\netag: \"6a0ef870-9b2\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4skv%2B8QDWfqI3uv5mVsR2%2FknamC3xfkupbYBnfksW%2Fr9uR0f6INl1NtGQ0u3ScJ8B6K%2FWK%2BnUPpGc4qa1SBYWW%2FpC4zbxxoXJw2hf9vOHprQnlSUG5CmOEmYnHY9ErNK\"}]}\r\ncontent-length: 2482\r\ncf-ray: a12bdb9d9ff5b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2482,"size_decoded":3170,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f819662ebf07c68d9c3f7a85912cc738","sha1":"68b29eb046242d209ad56312e7a4b5d7375dc6d9","sha256":"707d3ca5da19f2ef1487a816caea5e096875e5690dbfbf00bd3bd699bac5c330","sha512":"64774a609ae669ee2412e8b10e30cb7d3b0195332619039474489cbd71e97229574cdb38dd44f1fde8fa95778679b380d835aaa7044b17cf53d621b652c47dbe","ssdeep":"","tlshash":"61512c8c7f689e9cc2212925f73dff065851b0646d9bcd04055d1ab2d333cd2c8b84b4","first_seen":"2026-06-28T10:03:21.768094Z","last_seen":"2026-06-28T10:04:42.000966Z","times_seen":2,"resource_available":false,"data":null}},"time_used":362,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":362,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/big_zbs8nimp.jpg","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.278Z","timestamp":1782640967278,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/big_zbs8nimp.jpg HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nvary: Accept-Encoding\r\netag: W/\"6a0ef870-1d8b5\"\r\nexpires: Tue, 28 Jul 2026 10:02:47 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GYVpMGNQi0%2Fgi9MfT1Q7BjYbgQgambczQ51Cq8g36iTZBdMrGT3phI8ewBsBZNjvUc4VqxI20EliDPayrhLYVoXpRBJc%2Bxl9TOCq7EvmwOIU7OQ2n%2BjiDBW0YOOlMy0S\"}]}\r\ncf-ray: a12bdb9d7fe6b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":121013,"size_decoded":120185,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1004x666, components 3","md5":"731424622bd550ec8801e623106cb310","sha1":"ced8ca5d9cf156e62085704c3b86a831d8f708fb","sha256":"3460a73a7a961db1be2f10e1e9de610cf68bddc79542b6801d2b9416b19a8ebb","sha512":"0ccf71dc4821d6f29aba086503a85a0b6c376292207d35725b7af1c7fa555391d10e4d7e7eceee19eba8bf64872afee57fbb86e9572231ce30aa99573839b6ca","ssdeep":"3072:15fuksi+PSe1wlnWrS5d8W9VdibPjxIZRVCH7Gx:15fuvN1wlXD9VdiLjcCc","tlshash":"cbc312d18390919689ef672867b9bbfc278a3e14a44033c4da215372fb9cd1c8178b8c","first_seen":"2026-04-14T01:28:18.791976Z","last_seen":"2026-06-28T17:03:27.342494Z","times_seen":6,"resource_available":false,"data":null}},"time_used":906,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":373,"receive":533,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/icon-partnerships.webp","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.284Z","timestamp":1782640967284,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/icon-partnerships.webp HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\npriority: u=5,i\r\netag: \"6a0ef870-61c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FePxyyaxNZbyCCAgYlTOzCUE2uJddltAXN6ylBEfgFjO4RGvhBAyFnJaIW1EP5xWPGTnoOcjkntUGxqCa0EMSN3D%2BPNNM7h%2Fl%2BIrvqOnsLSrdy%2FrPZqYp%2BLnEiLQYJuC\"}]}\r\ncontent-length: 1564\r\ncf-ray: a12bdb9d8fedb503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1564,"size_decoded":2252,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c355d5725041d33e9904f3e34ef54e63","sha1":"64ff871ecd6e4c6e742831389cae736df7502c6a","sha256":"3771005fe242aa3a97e73ddffe09b4422703dd860ad32139a842ffe86068d00e","sha512":"fa67c0a0cbccce91dd946a37b095eac2b8826d8964d38930f9a68125ecf9afbd5957721f40861e676c81238027011921171cac33b3d7233c74fd99f49eee9a72","ssdeep":"","tlshash":"60310aacd2f73b05c831973b3d001619f8dcad666347210d8d11da32142b8f4a0616ae","first_seen":"2026-06-28T10:03:21.773661Z","last_seen":"2026-06-28T10:04:42.01268Z","times_seen":2,"resource_available":false,"data":null}},"time_used":366,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":366,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/safe1.webp","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.285Z","timestamp":1782640967285,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/safe1.webp HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\npriority: u=5,i\r\netag: \"6a0ef870-41a\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vd%2BzeLE2C3Ho0kDw5cYsGaL155SR6rUnDyfzaNwdhqQDMAQWKKBAzkJt%2Bt61GLjBT2l1Dman5inTu2zRq1cAghlRC0qWHLkpaLCu%2BhMW3Fx%2BIFmgrTxDHNJUFg0nAH6J\"}]}\r\ncontent-length: 1050\r\ncf-ray: a12bdb9d8feeb503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1050,"size_decoded":1734,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"bb3daef7183220a3f29e4eee8e4b1c3a","sha1":"fcaf2460a05f3b0cf4be6917e3bbedc486d5faa9","sha256":"d466371f868064f737fd07cd39259c27007e4269b7c22b22c01b153c82b5e5d2","sha512":"782c5f1d4c5ac36b29734d6a4ab632994183303f5e62abdbbdc391fe15bc605bbbe7180246d694a474f5640c7997d9e8e2fd86fcb828cba6fb269969ef0a6226","ssdeep":"","tlshash":"dd11b94e1a6587e1f7299b56b08a3041e3d3953255c5132264844c4cb3dfb282b30603","first_seen":"2026-06-28T10:03:21.775391Z","last_seen":"2026-06-28T10:04:42.015951Z","times_seen":2,"resource_available":false,"data":null}},"time_used":362,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":362,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/pay45.webp","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.293Z","timestamp":1782640967293,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/pay45.webp HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\npriority: u=5,i\r\netag: \"6a0ef870-772\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r8eLvWIRNYxfJRxkR%2BMXN6vvJON2RekbZCP3FGR7k1wD7PS6tUubJJFdoGXkxOf0IBu14ykKZe3ZTCcCPGrkymcEY2pj%2BD9h8%2BvXFVuf39tthHYdvhImPAmQeLGZrZUB\"}]}\r\ncontent-length: 1906\r\ncf-ray: a12bdb9d9ff6b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1906,"size_decoded":2588,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"cff93b3c7b642ef554f5d6f701c683a3","sha1":"4c4f73aa898bfec6448ec027f151edfa7e08f4ed","sha256":"4171ba6018631c6d6ba6f9f87af8b30876b42f73a62afcee4e40f3a77511e48f","sha512":"faec30c808a0bac222457b18ea0fb7647f3caee87a78b4af8e36366477e4dedacba8e8a33b16a55c91602110b3b1e43fb98ac8f91b1c2d334ef16066bd560289","ssdeep":"","tlshash":"3b411bb8dea20b7dc70e7906a40741da4ccd35208621e6f2d1107b40b17c335bea5b5b","first_seen":"2026-06-28T10:03:21.777937Z","last_seen":"2026-06-28T10:04:42.01827Z","times_seen":2,"resource_available":false,"data":null}},"time_used":390,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":390,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/pay59.webp","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.294Z","timestamp":1782640967294,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/pay59.webp HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\npriority: u=5,i\r\netag: \"6a0ef870-e02\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7aIDv7lzacCy0C6RY4X9jgv4NWbqR6PDCxzxsLYuO%2Bclo5NaK6q4MppIczPuxKM%2FlqhjLlg1lJznsiGcxTh4g%2BAsbh0mjZTS4baTybb5Q7f0JMEz%2BZs2FvLnGASy4WvL\"}]}\r\ncontent-length: 3586\r\ncf-ray: a12bdb9d9ff7b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3586,"size_decoded":4270,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"512dfe0ac6f6fac5af482dc8ed236b62","sha1":"a7724b6fd6b5041a14f65c86fae35e66d909e21b","sha256":"c1ef04d0c3088937b08b1b9ef1fd0c763ec4e33c7d99d5afd7bec6cd1c390843","sha512":"2461c11422f8556e13f6dd05e0af5c80d7c330ab3aaf3d843519bbc73fda26a43acbf6a950da132caac4ed5627d2369f55829198896744f72142542ca44da89f","ssdeep":"","tlshash":"6b718e29e6716fe2f94e29c1fa7108b45bec967890577498c61f4bdc420d116e0cfe0d","first_seen":"2026-06-28T10:03:21.780177Z","last_seen":"2026-06-28T10:04:41.983174Z","times_seen":2,"resource_available":false,"data":null}},"time_used":364,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":364,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"node91.aizhantj.com:21233/tjjs/?k=zwokww6hbbz","fqdn":"node91.aizhantj.com","domain":"aizhantj.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.979Z","timestamp":1782640967979,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /tjjs/?k=zwokww6hbbz HTTP/1.1\r\nHost: node91.aizhantj.com:21233\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-28T16:32:19.025044Z","times_seen":16797539,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/favicon.ico","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:48.428Z","timestamp":1782640968428,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/favicon.ico HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:48 GMT\r\ncontent-type: image/x-icon\r\netag: W/\"6a0ef871-c25\"\r\nlast-modified: Thu, 21 May 2026 12:20:01 GMT\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d475Z%2B%2B4F%2BgMYDbgMVmisddIKargZ4BYjhcXjChw13WI4jWjODESlucyYxWBXGUuZBXLYeH79kTINQhKAYzb1fJDt9a0UUWX%2F3rvisCKyEBPhwdsADJPi1pajsmvNEoG\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\ncf-ray: a12bdba4a849b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3109,"size_decoded":3789,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32 with PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"eb3cba14138f37fe62d6517def189a4b","sha1":"b3b25ffb26e60d973b9949f17f86e97df2cde0a9","sha256":"810b6b9ce38bfa26bb0bd619aa738c9817853d51644469847b16c6849d3042da","sha512":"f3d3683bc1ea122ae4e3f1fe093ff960568b76260b8c9548960cb209271279e48a1bd29e93908c87d04b705fbd561790d9f5bddb93b28a1dd966926040fbfcc0","ssdeep":"","tlshash":"4a515ddfdbb70aa16f1d1b773de058554aae7ca02193313418775416515052376c84ce","first_seen":"2026-06-28T10:03:21.789941Z","last_seen":"2026-06-28T10:04:41.991299Z","times_seen":2,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-28T10:02:46.565Z","timestamp":1782640966565,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: text/html\r\nlast-modified: Thu, 21 May 2026 12:20:20 GMT\r\ncontent-encoding: zstd\r\npriority: u=0,i\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=snKygvRrLWFUU2WqyrOA1MnOXN07l0AltZKbR97VdsLXd4i9ZRZR2bhubn1UFrnbt4uGZTz6WNwb8jKGxEZNtWfq2hElGIzXzm1uGScZoh1d7OPLeNt%2B%2BSbnQrwktgyx\"}]}\r\ncf-cache-status: DYNAMIC\r\ncf-ray: a12bdb993fbfb503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27147,"size_decoded":5036,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1273)","md5":"5828bcf37e0049f4ecb9806d074534fa","sha1":"a997c9327a72e8b03f40b6c31485d1d351f427ef","sha256":"768bffd0d73aed15a03514a15b098bac5aa6eff4fd749f40bdfcb15772b7b816","sha512":"9c1cf6cf714c241ea06d79a293a08b563ad8b7bbb94a03eb3711fce032f12019a8f3eed36c624661c16ba6f92dc45168b3210a399174f6805679c30ad0611708","ssdeep":"384:Z9mx/WPfw05BrcTrD0viMtpS+fH+pIqIZqiRPeToJU46AAUX44vqIZqiRPeToJUF:e9+O8n44BZM/2fy47kbNxau","tlshash":"c2c2f03318f451670326d1895e922b2fbe83d207c9de6b01b2bc1a889fc7ea78d1715d","first_seen":"2026-06-28T10:03:21.794334Z","last_seen":"2026-06-28T10:04:41.981416Z","times_seen":2,"resource_available":true,"data":null}},"time_used":453,"timings":{"blocked":-1,"dns":9,"connect":18,"send":0,"wait":425,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1778winoi.com/static/cdu90v4a/big_dop72t4k9.jpg","fqdn":"1778winoi.com","domain":"1778winoi.com","tld":"com"},"ip":{"addr":"104.21.69.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://1778winoi.com/","date":"2026-06-28T10:02:47.276Z","timestamp":1782640967276,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1778winoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 May 2026 11:20:05 GMT","end":"Mon, 24 Aug 2026 12:14:55 GMT"},"fingerprint":{"sha1":"14:19:D0:CA:75:30:83:3B:5B:1F:FE:F8:6D:45:88:E6:AE:FD:3B:46","sha256":"B3:56:43:B1:A1:44:2E:EE:30:5B:5A:10:E1:DE:82:08:F1:AF:20:1A:BF:9B:0E:57:3F:1C:B4:8D:9F:FF:E4:AF"}}},"request":{"raw":"GET /static/cdu90v4a/big_dop72t4k9.jpg HTTP/1.1\r\nHost: 1778winoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://1778winoi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 10:02:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 21 May 2026 12:20:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nvary: Accept-Encoding\r\netag: W/\"6a0ef870-3724\"\r\nexpires: Tue, 28 Jul 2026 10:02:47 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0HgJtjA8bHfBzBRcy9A%2F3JgNdVqOXRtcO9Q%2F2xYGIKFv16CGEVZ4cjzwJUbtxBH4sL09KafKDIzl6%2FdArg9jEbvBanbxpEWBM4KbC8A1BjV9oc5CRpveqPn%2B2T4EjYC9\"}]}\r\ncf-ray: a12bdb9d7fe4b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14116,"size_decoded":14847,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 297x170, components 3","md5":"a1736ab3585a29e81b5521aa794b95ed","sha1":"ab30722521a532340d6e4d67620a12a5e28a1354","sha256":"e06f41a8b4a0ef09abecc354d32319b1c4121d7d20dabea74fae29ffec443c03","sha512":"6ce39d61f59f119e0b86c70286246b6fee969404a6c7fa0b95757655aa85ea9c174a7f8b27a67c7bab5af6173662a263ba57bbf8d710c0e848b7708970184166","ssdeep":"384:0Y+B7l+9sdZkJZefcQO/mqY174JswFFRftTqywzTt:6Bg9sUeUQO/z+4qwF/9GTt","tlshash":"1852b007a919f614995ef6210f0f235ae94ca1c91bddb6c2204467f20fc4c4fab6fe55","first_seen":"2026-06-28T10:03:21.800483Z","last_seen":"2026-06-28T17:03:27.392086Z","times_seen":5,"resource_available":false,"data":null}},"time_used":363,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":361,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"1778winoi.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}