{"report_id":"ac4a1cef-adc6-439d-b58c-ba263cb067d3","version":6,"status":"done","tags":[],"date":"2026-04-24T15:31:10Z","url":{"schema":"https","addr":"win148.org","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"win148.org/","fqdn":"win148.org","domain":"win148.org","tld":"org"},"title":"WIN148 : WIN 148 Mystery Island Survival Adventure Epik","dom":{"size":181656,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (34801)","md5":"3262a60dbdda8c89499c15d736ce0e29","sha1":"3022565582565b9848357d5ebf6f1a83f16e1a44","sha256":"0c98acfaa1ed84ad824f5f9d08c702638ea9a0a940355f5161c8b586cbb2ce01","sha512":"9194099b7858a6715415af719f0f42ebe4249a79ebfd30923b514f8625667e5869537e17bf4a63a7a334c37bfaa70ef02723753107931764328aa3a6d8b65033","ssdeep":"768:9hYWk5F4g5A4WR2vhMA1HtyQP6yHqZhFU5Jv8CuC7LwZFU9889xVEXSog2UmaCUZ:AZ5F4g5A4WR2vhV6yKunREXiQE","tlshash":"5604a463384e111f6217c391a1e8f5bb9e51c90fc9325e45f9aeabccc781f427676228","dom_hash":"domhashcf155cc0f070d164f058f616a27aee7b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"win148.org","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-29T15:31:10Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"win148.org","ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":81,"received_data":1277524,"sent_data":38442,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"AMP for WordPress:2.5.5; mode=standard","description":"AMP for WordPress automatically adds Accelerated Mobile Pages (Google AMP Project) functionality to your WordPress site.","website":"https://amp-wp.org","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["WordPress plugins"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]}]},{"fqdn":"cdn.ampproject.org","ip":{"addr":"142.251.142.225","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":3289,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":5,"received_data":340593,"sent_data":2252,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-bind-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.251.142.225","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"378e19c639fc5eb26999204f145d6e87","sha1":"3967539a257b804710a39f669733ccb0653c16ba","sha256":"d3cb5ea23badbae7dcde8f720c7f8af543ae561eca84afe9f87936920aad9a42","sha512":"1abb62b8a831f13ed1ba0a5069207ea5bec77eed2e353c4b7b216e3a52179bbb728516499d0ef4ce0320ebfa9a24d18b477b723717d11de7e2e5942b864aad70","ssdeep":"768:OXCnqZrZK6LtckYVUCKeTDTfr8UrZLHc5Ql0p43fHLt+9TlVcAPnK07+hN0ZXrda:bq5dqLAUVjcw3zVKpJ40zQyU","tlshash":"a213d9b17282a43647d608f684367016e32d2956340ac8ecf1aceec77c77955b2b9e3d","size":41951,"data":"","first_seen":"2026-03-18T09:15:17.846899Z","last_seen":"2026-05-12T09:02:27.47047Z","times_seen":587,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-anim-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.251.142.225","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"55b12ea4a5e5ddcefab1d262fbc0d8b2","sha1":"bcc63b9b719ee9ec94c0859d4e9876f05cef77a7","sha256":"e8a02555e6fe00cf4382691d569b602f62a67b6fffa922334f4348f2782b61e7","sha512":"bf62b120d5b5ad6b8dfb44e98ed42b9cf9f04719b18433aff98fa4b4e079f4a9c2bcfd3dc5d611710d184f32cba77187a56370ab76815ca4c7f8e680db0f7281","ssdeep":"","tlshash":"4971b8b872c5b5365bd63cd2446b5405fa3964363407c868b168dfcf293a85624b6f3c","size":3802,"data":"","first_seen":"2026-03-18T09:15:17.862394Z","last_seen":"2026-05-12T10:22:31.884863Z","times_seen":539,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.251.142.225","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe1b81f958d86c98e88b86960a4dc246","sha1":"eb7c9593cf4980bd7774efec7f9579a9227d021f","sha256":"958c3f227881fbb4eebfe70f950f16384382a519ac0b708a073ae809205e312d","sha512":"bd2a0e6ce8551a58f83c095f7c1c071b061ac495337f58fda6b7e175344003a4687de1185d9ec87b1bfd4dd44fab2d6d54a6081b884c034bca5d6dac989a45da","ssdeep":"3072:dHxofahpFRKNAtM0sK8NQgU9SutUvDK3p9Pd+g3:XofahpF+At5s2gU9SutSDK3p9F","tlshash":"f524c5a53296b03247e154f5d4774002e3296998340b816cf8bceecb7ca9d86b1b6f7d","size":228175,"data":"","first_seen":"2026-03-18T09:15:17.810072Z","last_seen":"2026-05-12T10:22:31.89447Z","times_seen":888,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012603032146000/v0/amp-loader-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.251.142.225","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c7fcfc2dad8a5a21597675f84c0a2cec","sha1":"b43be391d0a3bf209b3f01cf0f29b68311c03ab7","sha256":"44c1a7b71b2869d83d2f5198514dfb2e60b49c51b1edad87daa2af977842b045","sha512":"cd2e09e595efa89578bc1b4358d69798fa62e91e52eb29ae72999b4136eb6a4d66a0a897d43ad136cb3070303e197a1c5421762c1348e6fff712ba30a49c8b30","ssdeep":"384:Eo39KdedznnHXcxZgulqaa5F4g5A4WR2vCk:F39KMdT3cLgulDa5F4g5A4WR2vCk","tlshash":"1a429360a50be2ac530342b488f5b956757ccd4fb8104075f0604eeedb8ae54bdbba6e","size":12361,"data":"","first_seen":"2026-03-18T09:15:17.817764Z","last_seen":"2026-05-12T10:22:31.882044Z","times_seen":792,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"win148.org/webfonts/fa-solid-900.eot#iefix","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /webfonts/fa-solid-900.eot HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://win148.org/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"69bb651d-e3b8\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58296,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (56756)","md5":"cbb42513032d6c09e496731ac16c20a9","sha1":"c92f38a701aad58408451d24dd4c47b05f158cf0","sha256":"d189695b2f3bb92369881f2428fa861dca9d9a94c638d9bdc4e2fa747d6f315b","sha512":"3d76f1018afceaba7cbb4083f4a5b5758966ec2aa5d5c6b07d72361782809f7ed4bd34ed9e0c4154d01a2db7192155de8251e5a834dd90b8d9823d916e1b7285","ssdeep":"768:cHJYDDQHVZHIs91TXESJBjgBSp00yCqJ3Z+IYM3WiesRQiULO0bpD9tcNQEfdom2:cmDD6oeFUycwpk06hWp1b99c7VM","tlshash":"8443021803de40a2cd8978d9426f2f3d842a1863da1c94bd1f5b6df4ca0d8a4767f1e9","first_seen":"2024-11-25T13:26:01.204756Z","last_seen":"2026-06-08T11:18:51.090449Z","times_seen":12183,"resource_available":true,"data":null}},"time_used":834,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":834,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Popular%20Games/Poker%20Kingdom%20Win.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Popular%20Games/Poker%20Kingdom%20Win.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13960\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-3688\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13960,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"612483cb7c4c4aa5e095732e42a4c8f1","sha1":"3e40974bc39bbc1451edd55fc89ecb18253e1d24","sha256":"70726ce960a8f8b35706644ab893f9810d8d27b95bb9a09c6294dcefb13e056c","sha512":"d2793554882b9fb853ca9876f6d64b5a76d01f28a757eed737a57338671f6becd34f85ea8fc1aee96da4b4dbfd63c6ea0fa4983dbe17c38064aaa61609ce2428","ssdeep":"384:KfwxF1TMrwFB8DpG9ahURYghXnTeeT59wSKgNkWMU:K4xNP8DpGfYSDX4S9DMU","tlshash":"fc52bfe21bf5db37cb9e3cfa42d36fa3b13c700d050e45c963166a659b26902f24d019","first_seen":"2026-01-23T08:16:29.857861Z","last_seen":"2026-06-08T10:12:57.619806Z","times_seen":76,"resource_available":false,"data":null}},"time_used":657,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":488,"receive":169,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Popular%20Games/Wings%20Of%20Iguazu.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Popular%20Games/Wings%20Of%20Iguazu.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6240\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-1860\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6240,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5d941d4b5b6dfcefc0010f31add7311d","sha1":"daa0295797ff378d35310dfad70312acee3bf7e0","sha256":"417405331f2dcb7467482474ce7da3489a4631a70c9acb89712d503d0435b74f","sha512":"2bdcd387443727b5be7d543f2eaa7d6ef9d8f197b8668b305f5503681458d40fde7091481aabb3de43178d34ff02186549ba6315667f8534bcaa01b124e5a2b0","ssdeep":"96:mV6Elbw+iTEh/IEo/Nz6psMqURF6BVlrMQtKoFhQjhhpvTVzYdQpLzvuhHKmsIVF:UfwMh/UupgBXHtK2IlYdm3iqFYV/","tlshash":"3fd18ee823301e7cf97806b8ac69765a7f316988f256991c50879d8f360de4a7f5304f","first_seen":"2025-09-25T02:02:35.050208Z","last_seen":"2026-06-08T10:12:57.622763Z","times_seen":134,"resource_available":false,"data":null}},"time_used":657,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":488,"receive":169,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/icon/icon-casino.svg","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/icon/icon-casino.svg HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-146b\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5227,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"11d84174da9ed030c46d7df69e7486e0","sha1":"747a92c88f9760a926f518ba66f83e1ed3b97309","sha256":"abaa7df6ed39ef011610889e1b0ecb24ad24badd7bb5bf863ba46ff817a69297","sha512":"c6fac7d69cfb5a601b94f4d5a11a64412dd53b1680a50deb1e4f9fcdfac19248aa5fcc221168b589e4d42434bd1c5ca7a471c338a18dfbb2e0f9a4c14104d410","ssdeep":"96:sAR9jIvbvmuC/Alpsr5rQPgoJvMzptEL0OhM7tROV0fTPyF7LEXbQjpamgspeDX0:sAfmuH2sr5rQPpEptExM7tzTPyBLKMgI","tlshash":"bbb1687d4350c3bcaed9d5fd9f6290a4908d50ced1bbc34587eac66096e38e9f20d0a6","first_seen":"2025-09-25T02:02:35.010693Z","last_seen":"2026-06-08T10:12:57.591881Z","times_seen":136,"resource_available":false,"data":null}},"time_used":437,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":437,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/provider/sabasports.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/provider/sabasports.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-1269\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4713,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"1f3020b661a06afe96a458859c3c7cff","sha1":"1a2bdc2e90543265d04d42670522c53105f5acbf","sha256":"ff82fe6d37d4c0a8714b16d18ce5d08f75968e686e1b71c30a783124f7dedc59","sha512":"2da36480856b22b46cc5b39f81ce86787b0ba260b9ebece4a715075c9bb48dbb90acd45b524ed317564f3f9060071ed0ff1ed454aa86a3ca935d018e015541eb","ssdeep":"96:aqQ+8/tARsjA+dRXr2zC0kyUh/jIDuseHh46WMy8HOM9TORnAy:aqz8/OejA+bXrO3ky0/jseCZMy8HOMmh","tlshash":"c1a17d0cf75eac09354268c230f9914399500df4c86a902af504ecdb2ab83f9ca9e5ef","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-06-08T10:28:46.269724Z","times_seen":1617,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/bni.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/bni.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-968\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2408,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"f974c6e54d22a2874c8bd0a5e0dd6280","sha1":"c155e13074e0908eebceaebed81db17d3e67f366","sha256":"1c0d8f733026c0d9d8ea471bee766e2398937de1b9c02d023c015757a425cea2","sha512":"2db584e2104003fc6ade26feaf40e73661cfa04128071ce9627865e57006b7514a025ffa7265a6d206aa53d44c39e9d7ff7bb2e8345dc31b9dafd6b26a9e924e","ssdeep":"","tlshash":"df410a4cb786a480e1cda69310ea4223c9154540ced6f56b541ee80b89681f8ddee5cf","first_seen":"2024-05-24T12:00:55Z","last_seen":"2026-06-08T10:12:57.615003Z","times_seen":1512,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/shopeepay.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/shopeepay.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-a19\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2585,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"410210f0e9a527ac10a6edce706a3e52","sha1":"41ac0fbaf4e303490de0da44bbcc2ddf0957d93a","sha256":"b546d30527e6237059995da8fa60d0ee5b99a8a1beaf0d9ca885323926d9dbf2","sha512":"7e6134ee07e54cd0800c5302d78a289b304b13641649ca46f4faad5df1966a49aa0202390cc06398a7c7a740fc84bf41b17b26a098d11b2d19424412241703e6","ssdeep":"","tlshash":"a3513acef606a90263dfed0834d79413c9036ec4d3f6e072d58ad44614a82f9a9e99d3","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-06-08T10:28:46.275411Z","times_seen":1533,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/webfonts/digital_sans_ef_medium.woff2","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /webfonts/digital_sans_ef_medium.woff2 HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://win148.org/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"69bb651d-e3b8\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58296,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (56756)","md5":"cbb42513032d6c09e496731ac16c20a9","sha1":"c92f38a701aad58408451d24dd4c47b05f158cf0","sha256":"d189695b2f3bb92369881f2428fa861dca9d9a94c638d9bdc4e2fa747d6f315b","sha512":"3d76f1018afceaba7cbb4083f4a5b5758966ec2aa5d5c6b07d72361782809f7ed4bd34ed9e0c4154d01a2db7192155de8251e5a834dd90b8d9823d916e1b7285","ssdeep":"768:cHJYDDQHVZHIs91TXESJBjgBSp00yCqJ3Z+IYM3WiesRQiULO0bpD9tcNQEfdom2:cmDD6oeFUycwpk06hWp1b99c7VM","tlshash":"8443021803de40a2cd8978d9426f2f3d842a1863da1c94bd1f5b6df4ca0d8a4767f1e9","first_seen":"2024-11-25T13:26:01.204756Z","last_seen":"2026-06-08T11:18:51.090449Z","times_seen":12183,"resource_available":true,"data":null}},"time_used":838,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":838,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Popular%20Games/Three%20Crazy%20Piggies.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Popular%20Games/Three%20Crazy%20Piggies.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5250\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-1482\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5250,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5098507192ef5d73c90657b648e95c6f","sha1":"4cebb84c75b2261a8b2005310dfa34a7fa437061","sha256":"f7b4f08e3c45be0709b621b29c53a6a52172baa0a972066a926ecc75dc2ae71f","sha512":"3636174b8bbc11a026f0360c4258db27444edefba31b50049b9fe1332fad29531d39b728123bf4b46237082056645e3f1bfaeccbe2c6cc4b3301429f438af0a9","ssdeep":"96:m6Elbw+ioqa0QcKpcvWRH3kiS3N8sTFMV/rchZbiC9ue:mfw8v0QwvWdUiiRTFq2Z+/e","tlshash":"06b17f21c3949e29d12873f335b73743dbed791b5e409b8606c44b6e0714695e3cd62b","first_seen":"2025-09-25T02:02:34.963666Z","last_seen":"2026-06-08T10:12:57.619323Z","times_seen":134,"resource_available":false,"data":null}},"time_used":661,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":492,"receive":169,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Hot%20Games/Garuda%20Gems.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Hot%20Games/Garuda%20Gems.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11216\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-2bd0\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11216,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"27772745cae61b61f2ee382e628924b0","sha1":"991cb018e71560b1051d7ff9c9f2a93d16f882c1","sha256":"5221ce94b6d1a18f809d66882c0ddc0c86dc2fcac41133ca9b0e6e1fb9ded1a2","sha512":"3f86964a8b97b1294f1d44570f406e006d8d06c7169410def13672bd8557485cbf05c3a3654dad5ca093d74a56a994bd8a9617900bc81254b5f98aabf038cc6a","ssdeep":"192:DfwG0Tcavn39C4nVpq2edKzZv65Y3kRWFzMluKHdBUYSvFRK24GLhkxDJY:Dfwyq39VnVpqc1v663kRW47DBSNou1Wq","tlshash":"0732c0c703168dbee22e68fab0a49bd5232865560ce22f1712dc27e1775c5d38612e47","first_seen":"2026-01-23T08:16:29.864364Z","last_seen":"2026-06-08T10:12:57.590303Z","times_seen":76,"resource_available":false,"data":null}},"time_used":811,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":481,"receive":330,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/mandiri.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/mandiri.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-98a\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2442,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"e81bd4992f0fe10cad81a83263d92ef7","sha1":"08b015eb1504581d3b9c858fd6770047b3698f70","sha256":"6b00a56d5961243a4cf2e0c59cfae414a8b3b528c7778eb3fae99e52a64913f9","sha512":"f9654ae9fb05790b84233d161227d0838eddb5225e3ea730dbdf67f15c1b2762cd06217e51faafb769c3f1fc38dbced9cb982f015cd6f5fb7a8037cfc4e329b8","ssdeep":"","tlshash":"b4510b8bc1d78d4147e5ca9131f2505f0d5246a0d7f5d029f98fd051a6f82f92a148d7","first_seen":"2024-05-24T12:00:55Z","last_seen":"2026-06-08T10:12:57.6145Z","times_seen":1510,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/bri.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/bri.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-a54\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2644,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"33b1568e97e2d3eb1f0e1fc24c13844c","sha1":"e76fd8087d2b1c706db27e318e728dadbb7cd2d9","sha256":"da04be9d1425d3021cff275d345cc1528863d6f93b48068f7867145424211039","sha512":"730731d241b2dbb9b740b8a592327904f7474fc8038e11b500bca4ec2d240766ef62b97288497765c85fb605a9f70746bcae1a67ab6b75110f9071c3fc0da164","ssdeep":"","tlshash":"25512b9de5274d41a3cddc403874e165c9639dc0cbe1f4a3fb0ec58a5d226e494591d7","first_seen":"2024-05-24T12:00:55Z","last_seen":"2026-06-08T10:12:57.591349Z","times_seen":1512,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/jenius.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/jenius.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-a1a\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2586,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"a526cd682aa74c97bdb4e9062dd3bb47","sha1":"9a576b670aa5ff27c5377431444a5b6e6fad059a","sha256":"887520873e323d8af25fc9ca54158e474139b38d78f0ae1097ba0bd27c09084c","sha512":"bd14d5c0424148137d6093f709b8a22265701ebeae2345415449e022c52f28e3f01e1709c06df9becfbf8af1a28539c6d60ddb0d0b828a4d70762e408f24ba02","ssdeep":"","tlshash":"5f51e729d445af023a0ce44724fa817baa0785c0cfe2f12bd58fd5372d647d999991cb","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-06-08T10:28:46.339494Z","times_seen":1525,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Special%20Games/Golden%20Empire%202.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Special%20Games/Golden%20Empire%202.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12044\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-2f0c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12044,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"09386909e40878a0b4ab1b46794244cc","sha1":"8c732eb5e87b37e635736f730acf27aed813a3b9","sha256":"588aa767911fa6e8c1831417242f1f6db42eefe13b5129bf607ff2c165cd1731","sha512":"111623b114ce54c3d95fd31b5e3e6dc9d97d294d3fdebee4e110d1f3a711b4a03751d73ef82a86d6383aba4be8203eb120a3f35cc63ed9b912571e7c7ff4f87a","ssdeep":"192:zfwALWrq6G4yDv81zjjkuo566DC5lE029PRYiOSSGWEn7GhL3zFK2IGZqMUkrSGz:zfwAUG4YCA966Iv27YpzC7+DNIL62/jK","tlshash":"5a42cf1f87549f29d2a29df821894387deb6d288de878358d60f2e12db1c581f648dc2","first_seen":"2026-01-23T08:16:29.853009Z","last_seen":"2026-06-08T10:12:57.617921Z","times_seen":76,"resource_available":false,"data":null}},"time_used":663,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":494,"receive":169,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Popular%20Games/Fortune%20Dragon.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Popular%20Games/Fortune%20Dragon.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5828\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-16c4\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5828,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"897df53cdb67ef1b74a7df726fc42400","sha1":"2ae99ca4a0b1c2a3f79e2f5bd55898119dc0784a","sha256":"96be1b48eba2f8db7179d53d2f09013955b73014aa09d36bcd771323f7386aff","sha512":"68fd2972ce8fbac3834692819abb8af0d938907a597c7b15b6c8572cd1bbf2f25985549e651e6d08677c460dbfceaea6587a97b1a0a104cb66fde5becdf7ac55","ssdeep":"96:e6Elbw+ixz/mOl4BrPaRyG3BGZxn+SpZ8hhD7KWkP76cfcSKu3M1W8LuadGcCpQW:efwduOl4IyNx+SpZiJKH75fcnLuatIWg","tlshash":"0cc18d692b98ba94e514c33097f10bc597ccbbb3924e9ba781b291804d3e546a99d1c2","first_seen":"2025-09-25T02:02:35.027683Z","last_seen":"2026-06-08T10:12:57.630332Z","times_seen":134,"resource_available":false,"data":null}},"time_used":662,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":493,"receive":169,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012603032146000/v0/amp-loader-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.251.142.225","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:49 GMT","end":"Mon, 22 Jun 2026 08:35:48 GMT"},"fingerprint":{"sha1":"64:36:03:BA:E6:36:1D:72:CB:98:C7:11:D9:8E:7C:1F:6A:03:40:33","sha256":"76:A3:36:B6:E9:D6:FC:48:B6:5F:E5:E8:12:BA:E2:18:57:74:80:40:92:BD:73:3F:C0:FA:D2:FF:77:5C:20:44"}}},"request":{"raw":"GET /rtv/012603032146000/v0/amp-loader-0.1.mjs HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://win148.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 3921\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 23 Apr 2026 10:52:10 GMT\r\nexpires: Fri, 23 Apr 2027 10:52:10 GMT\r\ncache-control: public, max-age=31536000\r\nage: 103116\r\netag: \"43c0c1e3818fdba7\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12361,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (12245)","md5":"c7fcfc2dad8a5a21597675f84c0a2cec","sha1":"b43be391d0a3bf209b3f01cf0f29b68311c03ab7","sha256":"44c1a7b71b2869d83d2f5198514dfb2e60b49c51b1edad87daa2af977842b045","sha512":"cd2e09e595efa89578bc1b4358d69798fa62e91e52eb29ae72999b4136eb6a4d66a0a897d43ad136cb3070303e197a1c5421762c1348e6fff712ba30a49c8b30","ssdeep":"384:Eo39KdedznnHXcxZgulqaa5F4g5A4WR2vCk:F39KMdT3cLgulDa5F4g5A4WR2vCk","tlshash":"1a429360a50be2ac530342b488f5b956757ccd4fb8104075f0604eeedb8ae54bdbba6e","first_seen":"2026-03-18T09:15:17.817764Z","last_seen":"2026-05-12T10:22:31.882044Z","times_seen":792,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/provider/cq9.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/provider/cq9.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-ede\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3806,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"bf1d52938982261ddcc79fb95c2a67f4","sha1":"f51ff53053d641f7cf4bde754fc958e48d682656","sha256":"c919e7e1680f99113b1a2d673dd57218002ba9ca1b020c51d5aa035778038ff7","sha512":"0d5e74d3d48092626a8c2cee6fea119b29efab3fdf5aebcfa3a61c26dc02cd7ccdbf9e7655cfef3b9effa0fb9497338516bd8e03a85680f100bc286aab7eae7f","ssdeep":"","tlshash":"85716b68e6422841968cf5d6a4a81c637d2f00400b90e930c4dfc46a3eb6ab14b9d6cf","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-06-08T10:28:46.337719Z","times_seen":1672,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/webfonts/digital_sans_ef_medium.woff","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /webfonts/digital_sans_ef_medium.woff HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: text/html\r\ncontent-length: 58296\r\nvary: Accept-Encoding\r\netag: \"69bb651d-e3b8\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58296,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (56756)","md5":"cbb42513032d6c09e496731ac16c20a9","sha1":"c92f38a701aad58408451d24dd4c47b05f158cf0","sha256":"d189695b2f3bb92369881f2428fa861dca9d9a94c638d9bdc4e2fa747d6f315b","sha512":"3d76f1018afceaba7cbb4083f4a5b5758966ec2aa5d5c6b07d72361782809f7ed4bd34ed9e0c4154d01a2db7192155de8251e5a834dd90b8d9823d916e1b7285","ssdeep":"768:cHJYDDQHVZHIs91TXESJBjgBSp00yCqJ3Z+IYM3WiesRQiULO0bpD9tcNQEfdom2:cmDD6oeFUycwpk06hWp1b99c7VM","tlshash":"8443021803de40a2cd8978d9426f2f3d842a1863da1c94bd1f5b6df4ca0d8a4767f1e9","first_seen":"2024-11-25T13:26:01.204756Z","last_seen":"2026-06-08T11:18:51.090449Z","times_seen":12183,"resource_available":true,"data":null}},"time_used":731,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":729,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/webfonts/advanced_dot_digital7.eot","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /webfonts/advanced_dot_digital7.eot HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://win148.org/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"69bb651d-e3b8\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58296,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (56756)","md5":"cbb42513032d6c09e496731ac16c20a9","sha1":"c92f38a701aad58408451d24dd4c47b05f158cf0","sha256":"d189695b2f3bb92369881f2428fa861dca9d9a94c638d9bdc4e2fa747d6f315b","sha512":"3d76f1018afceaba7cbb4083f4a5b5758966ec2aa5d5c6b07d72361782809f7ed4bd34ed9e0c4154d01a2db7192155de8251e5a834dd90b8d9823d916e1b7285","ssdeep":"768:cHJYDDQHVZHIs91TXESJBjgBSp00yCqJ3Z+IYM3WiesRQiULO0bpD9tcNQEfdom2:cmDD6oeFUycwpk06hWp1b99c7VM","tlshash":"8443021803de40a2cd8978d9426f2f3d842a1863da1c94bd1f5b6df4ca0d8a4767f1e9","first_seen":"2024-11-25T13:26:01.204756Z","last_seen":"2026-06-08T11:18:51.090449Z","times_seen":12183,"resource_available":true,"data":null}},"time_used":834,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":834,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/icon/poker.svg","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/icon/poker.svg HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-7c2\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1986,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f7358a3ce96703fdff679df4a742014e","sha1":"c013e734b1af0025d3584de388732dd57c287b41","sha256":"16a942ac22edf9d492ffa4c2540e47a9a2e0840cbe2c11880e0eaf55b0a010e6","sha512":"0739a381b2196318e7617b3fc05ab5fb7ed08abc080a67a63b0293df3c24f3681b86bef06ffb4ba76a0e565b61a5a1bf08bb84998ad9a629096da1d73ac4ef6a","ssdeep":"","tlshash":"4f419a3a4260c7fd8ae6e5fe9f61a864508550cd82bbc70586f0865096e39d9f11d0d3","first_seen":"2025-09-25T02:02:34.992525Z","last_seen":"2026-06-08T10:12:57.592404Z","times_seen":136,"resource_available":false,"data":null}},"time_used":435,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":435,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/provider/allbet.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/provider/allbet.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-183a\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6202,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"65385a0b00807c78e9ee11e5e845f395","sha1":"856fc5558ff9ab52c6393ae0cbf830cae288d13f","sha256":"9339336ebd83063c8f03b0572ed4a5c91f3c12452145115387cb78d51980ac37","sha512":"452b8c645cbd6a457b2da98743b2de9e07b022e67f503f716946bf5bdeca3a5ab37b7ec759593679485d22ecee3747f48616324fcfec1e8ed569e7eeffc7dca7","ssdeep":"192:aq/ECTu1GWg09EuSqUrf6RxlO8not0Ww66P7g40Hv:aq/nu1GWRaORrLj9L0Hv","tlshash":"bad1af25ef83053188a9ecb095b226b7003fc7841d30d63579eadc995d319bae4fe5c9","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-06-08T10:28:46.280382Z","times_seen":1648,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/maybank.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/maybank.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-b4f\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2895,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"ca7aee98071b2d3880f94ca3dc8842d4","sha1":"eee1e7f874e610c4facdd9a8e3002b31a90af582","sha256":"77173f10f7b5dad589d402a81d207260826935ab02ae7cc52f7d9298f6a38eb1","sha512":"6a4850a3964c179cb5b567ed7e616330dd83581f2da688c8345274a25f93d195607f104da1cd8f6f10e3ecf1f3b5856fc33ec05d31ae454300ce89955a2aa583","ssdeep":"","tlshash":"43512aaceb10ac44936dd54019caa63eba334ac0cae9e1da314fcc045b911fce41f2c3","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-06-08T10:12:57.628375Z","times_seen":1492,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/ovo.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/ovo.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-90b\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2315,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"c651afdf017b6e14b8ccf644fffb90e3","sha1":"cdefc9ffd4d0a101dd34fa8d0d72f31e20c203be","sha256":"860d314b9b8e36b5b22a81e02ea6d13290d85203ecb2e0ee3803ff5115ded872","sha512":"fc639ac833e9f4f15c6238d0c39ca5753acf20769db0a0a204a1554cfaf5fdb6bdcd75ad8f4fbb3643e9b11a9979548f9d4d6794eab648a875a202e86a293c59","ssdeep":"","tlshash":"d0412b46e6929d06079cfa9164e702bad6610f90e4f0e82b749ed40d0fe42fc6a6d5d3","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-06-08T10:28:46.338611Z","times_seen":1543,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/icon/icon-slots.svg","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/icon/icon-slots.svg HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1020\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-3fc\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1020,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"23b95a3d61204dbae99ee9598c232b84","sha1":"b2d1f47c47ffd9936018f8cd546c5bbc11eda960","sha256":"46ef029cae9dd6690787975ce9693cd0dbbb5bb11a308e22e6782bb1ca551fdc","sha512":"216fcad4ff2d0d72e2228e30299896a089d8a4bea0a231fbeb10fd76d1f28a2e59d18c6829ff8873ca3d24defddbb699522c1591fb159714a0144064718eef3b","ssdeep":"","tlshash":"f611af2d4500f7ec60a1d5b9af66af52207830c9b47e824456e3cf20e282df6f49d0d1","first_seen":"2025-09-25T02:02:35.02144Z","last_seen":"2026-06-08T10:12:57.610424Z","times_seen":136,"resource_available":false,"data":null}},"time_used":440,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":438,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/icon/icon-togel.svg","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/icon/icon-togel.svg HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-50e\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1294,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"543c5d9a228553f77ea0d0d61de2c665","sha1":"18f393c1b981e2734dc90562825db6efd2dae323","sha256":"214f275621639f21c27a6bcc94a2f8657eec6c75fa36e2b1d396fe42abccbdaf","sha512":"0ad6e4f0081dc80bfd91b5d9979cf3326bf1dc438a2f03e6df56e0c5e6e27fd6be9e5152b2e96be0051f74717ea7279462d0d66e426064f9dfd1dacd73b7cdb5","ssdeep":"","tlshash":"9e2128bcdbac620c6a47df854b26d3501b4f60b43326e2ba8d5fc2b472034d8c187894","first_seen":"2025-09-25T02:02:35.035746Z","last_seen":"2026-06-08T10:12:57.601065Z","times_seen":137,"resource_available":false,"data":null}},"time_used":435,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":435,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/provider/pgsoft.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/provider/pgsoft.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-11d5\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4565,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"07fdf68f6b80703be8dff396a5a89029","sha1":"20f259c2d1d5d61f611079cf2a0b9d15166208b4","sha256":"9c318ff5d70915d892c4f289c1e2e8c7008341feca61bb191df37cbfcb43a28d","sha512":"1e3dd3c89973d138ea3706b02b76f9e8c1450b01b01a9c6e51b055b445cfdcd154be5080004028b53a6ac3d7e629aa54ee74e12191081d287620e89cda2c96e1","ssdeep":"96:aqQ5GZ6y9rpNUfJRttoj7YA9IF9s/IPqeW+ygQdnvW:aq3p7YkkAqF9QIPi+y/e","tlshash":"1d915c4df002842536c6ea93c4d3f026a8d34dc1a5d5e72602ab881aaeb71a75d5dbe3","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-06-08T10:28:46.289793Z","times_seen":1674,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/provider/spadegaming.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/provider/spadegaming.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-c52\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3154,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"320cfbe4a80279d60708101c0b0e43f4","sha1":"944fff69fc23e6acf1abeada1854e9234805f5e4","sha256":"5737cdb9d5e20e199690ce65b1477bf50e6d76e6ff3af2ae1a3916eb52277f6b","sha512":"cd06cd28bcdbf5a094d9bd2650e182cead0348ae5e904529ade137b00e57261b3b48b4de5ec2801cf5f2ff3e820e2764b9b83d7e3e057e4b3a2ea42f13e83aef","ssdeep":"","tlshash":"99514d5ac712dd80508e8d0738e1e976e53574004b71a938bed98dde391c6e3cc68ee7","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-06-08T10:28:46.345664Z","times_seen":1673,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/danamon.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/danamon.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-940\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2368,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"3838d4b8102304883356ccf668653507","sha1":"65c93b99f83f22c41e339cfee892f80d6a0c1294","sha256":"73b1a331ae0d571fdfd8fd37b2d8b61d7bc40b7d5da1cfcedc36bcde48483f75","sha512":"edd8c2d85ed9345f153ba92047cc995fb15c720a6f7e7d8caee162e70c519d021abddf5abf988c5ba54c66702fa8fcb64397b9bac1c01223f555ca8052fd5099","ssdeep":"","tlshash":"b54108acd562d801964fad4030fbc33d8a614b409de1e10ae8adc16625a40ff6c5f0c7","first_seen":"2024-05-24T12:00:55Z","last_seen":"2026-06-08T10:12:57.588024Z","times_seen":1504,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/dana.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/dana.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-952\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2386,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"0ac7748e31189f27ac5971efcd30a7eb","sha1":"dd29489b4fcd79567d7c278c3eaf6388a76c77a8","sha256":"5c92696fd590f184864bf00db29cb20da1b443dfc93f8377f14461f35b09f547","sha512":"b62c34f57eefae9fd1754964e314dfc792c7466baef2b08c7331889b47a222f0d981f8a03de2db56fa97083e90bed1d011cd9c655fffe7e5f0d84ea82057a3a6","ssdeep":"","tlshash":"2b410ac9f512bd2166587c825dcb81378531808448f1f922989ef04dbe782eabd3cde3","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-06-08T10:28:46.256165Z","times_seen":1542,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/webfonts/fa-brands-400.eot#iefix","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /webfonts/fa-brands-400.eot HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://win148.org/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"69bb651d-e3b8\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58296,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (56756)","md5":"cbb42513032d6c09e496731ac16c20a9","sha1":"c92f38a701aad58408451d24dd4c47b05f158cf0","sha256":"d189695b2f3bb92369881f2428fa861dca9d9a94c638d9bdc4e2fa747d6f315b","sha512":"3d76f1018afceaba7cbb4083f4a5b5758966ec2aa5d5c6b07d72361782809f7ed4bd34ed9e0c4154d01a2db7192155de8251e5a834dd90b8d9823d916e1b7285","ssdeep":"768:cHJYDDQHVZHIs91TXESJBjgBSp00yCqJ3Z+IYM3WiesRQiULO0bpD9tcNQEfdom2:cmDD6oeFUycwpk06hWp1b99c7VM","tlshash":"8443021803de40a2cd8978d9426f2f3d842a1863da1c94bd1f5b6df4ca0d8a4767f1e9","first_seen":"2024-11-25T13:26:01.204756Z","last_seen":"2026-06-08T11:18:51.090449Z","times_seen":12183,"resource_available":true,"data":null}},"time_used":836,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":836,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/icon/icon-populer.svg","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/icon/icon-populer.svg HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-dea1\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56993,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9b5331391c7d50582ee916756fbccc31","sha1":"10989f055b81a637a148081ac4011f0ec500d40c","sha256":"2e9b99156dfb4277494ed9647c2b5dabaa3ee655e2183de5f7310723bb72febb","sha512":"23489f7a23267e7e04f8382729c728de5561889598e15cfa1214f8ede30d8271c9dfdab8cc21e81bc82e828b0d6a32ac5c9e748920c8f9dcd690fcb7bd670951","ssdeep":"1536:iuI1afH2p4JUzDb28zmsXytBQKG7QF63cNEF3MnybQa:iuI6Wp4JEDb286sXePnRKFmybZ","tlshash":"d943f2423f007f784a72d285516cd15eed36684f39909f9f7ff38986a26e6181ca40de","first_seen":"2025-09-25T02:02:35.071904Z","last_seen":"2026-06-08T10:12:57.616957Z","times_seen":137,"resource_available":false,"data":null}},"time_used":431,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":431,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/uploads/2026/03/Planet-Favicon-150x150.jpg","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/Planet-Favicon-150x150.jpg HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 19 Mar 2026 03:32:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb6e40-1153\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4435,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82\", baseline, precision 8, 150x150, components 3","md5":"0d587dbba7b1cc4ac652fd721a68a296","sha1":"ce99d8c775697f50624e764e9539277295f32899","sha256":"8481d17c69c611dbb0f396b75a8db77a3949e930c2607e30bcde30c5250b0670","sha512":"9e62f83abb836463f797f6e69dd76e7717d4ec62c4b568753e6c52a78e83be6d4084567c75dff1dc3a93d614f5ba98e4812a54f6ba9942cecf3a54af498aa72d","ssdeep":"96:3fEmdOF6XLY0CryM3rHlhsnAgH0e2M22LXma:3f744XLY0/M3rFAAkV26Lj","tlshash":"97915b530b021be2f4398e7f6747134ef6ee7c938869aa971130d726b4300da894ed9c","first_seen":"2025-12-24T03:03:37.125942Z","last_seen":"2026-06-06T14:49:45.107305Z","times_seen":25,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-24T15:30:45.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:45 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nlink: \u003chttps://win148.org/wp-json/\u003e; rel=\"https://api.w.org/\", \u003chttps://win148.org/wp-json/wp/v2/pages/18\u003e; rel=\"alternate\"; title=\"JSON\"; type=\"application/json\", \u003chttps://win148.org/\u003e; rel=shortlink\r\nserver-timing: amp_sanitizer;dur=\"178.4\",amp_style_sanitizer;dur=\"102.2\",amp_tag_and_attribute_sanitizer;dur=\"66.1\",amp_optimizer;dur=\"16.5\"\r\nstrict-transport-security: max-age=63072000; includeSubdomains; preload\r\nx-cache: HIT From win148.org\r\ncache-control: max-age=0\r\nnginx-cache: HIT\r\nlast-modified: Friday, 24-Apr-2026 15:30:45 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"AMP for WordPress:2.5.5; mode=standard","description":"AMP for WordPress automatically adds Accelerated Mobile Pages (Google AMP Project) functionality to your WordPress site.","website":"https://amp-wp.org","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["WordPress plugins"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]}],"data":{"size":158274,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (34754), with CRLF, LF line terminators","md5":"d25fb2ffd5c8ffb7a2c5b84fb5b36076","sha1":"751c117b85b4de922ec6aec5341ab6ab14e20880","sha256":"726cb0b76d454b51a77f609d2cac95956a3890927b91cd92389612a171d3c4b8","sha512":"cffd42c993334212c01f6214c321f8131e229c383659d8ea0b52999ca6c8d344b3188ee4b392fd99fe0033e7a6805f596850a12987ab4656074f48ed739b2a17","ssdeep":"768:HhYWNMJ/UXyCP6yHqZhFU5Jv8CuC7LwZFU98tJFEXauGIEcSm8Yg4gPjnXB3Hh1R:CM36yKun0EXyQe","tlshash":"abf3a563384a102f6217c79161f8f5bb9d45c80fca325a45f9aebbc8c781e52757632c","first_seen":"2026-04-24T15:31:35.538849Z","last_seen":"2026-04-24T15:34:11.742487Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1297,"timings":{"blocked":563,"dns":230,"connect":166,"send":0,"wait":166,"receive":0,"ssl":170},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Hot%20Games/Fortune%20Tiger.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Hot%20Games/Fortune%20Tiger.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9930\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-26ca\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9930,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"79202bcd2793ac01dc2d904c67e2c5cd","sha1":"0c828da538db49b7baf6bd30addc921ee7dc424a","sha256":"27d8ad8629056991138ca12d9c11807cb4b622425ff7edf3ce2c6a88da59236a","sha512":"a05a27dc2bd8d21fbe3a95c2be417219eef15ed083c68e308e60faa2a57d780fe1f0900e443c9c5eb03c7f03be4e6dab4b254c495889ea1a165140e05c1a1829","ssdeep":"192:EfwqA+qSEfQRvctgr5ymxVnMv2CdIqYz8KXlsxUyPXRPiIZLiK7M9IGHj2og:EfwNt6T5NxVMv2CqqYzVXa1ZPDZ+K7M8","tlshash":"9422af247b255eebc1494f3a75b99b90533f3e0a2687451d6d089c2a83e94c5c4267f2","first_seen":"2026-01-23T08:16:29.884449Z","last_seen":"2026-06-08T10:12:57.630907Z","times_seen":76,"resource_available":false,"data":null}},"time_used":658,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":488,"receive":170,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/icon/icon-sports.svg","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/icon/icon-sports.svg HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-8d5\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2261,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b20a49fddd0d926e7e58ed50a11d79a1","sha1":"11f10538f09b7253a1fbb831f6da312736d17576","sha256":"4a42f32fe9b71b31d4d4d31598631d21cbc718119c28b24337aef5b3f4d8052a","sha512":"898fde53fc5660117b20afc22e0f8184d83d687911cc5fbae99cc165581f29620d954d47ad980bd0d60e4d0332b9384112f331f5fb7505ac21bfc641c47d459e","ssdeep":"","tlshash":"32419b7b9b8cc15c29479308cf72d0a4574f60beb27fe6b259aee3b061578a4e053d14","first_seen":"2025-09-25T02:02:34.973644Z","last_seen":"2026-06-08T10:12:57.586841Z","times_seen":136,"resource_available":false,"data":null}},"time_used":437,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":437,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Hot%20Games/Wild%20Fireworks.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Hot%20Games/Wild%20Fireworks.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/webp\r\ncontent-length: 10792\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-2a28\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10792,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d49d3d88f792ea606c259984fe4afa91","sha1":"dcb5c0f3b3ef52a5cba686de542741d078bc72a8","sha256":"c492a7ea13013935b53c2544db48d89991e79651895ead3b0ab169bfe1a28d10","sha512":"4aa447090dd0013e3dcf8140c593b2e3b3c3e3260d6480587b6da52a8e4a01f8e3b6b75ae0318b4c334c2f643b6949e39c6ff5ac416eb4dda2ab5fe353c649b4","ssdeep":"192:Wfw3EtOhBCcMtqYrknjqhOYWdwVhN/oQYA39ju0sgLioDBgo8Lonr:Wfw0EBYtqYrk8OYk+/wQYA3JsCVgoj","tlshash":"d022c06ab7184598e225bf31487bca5deb2473608c4b06ee9a2d4def4312c316024c9e","first_seen":"2026-01-23T08:16:29.87931Z","last_seen":"2026-06-08T10:12:57.59292Z","times_seen":76,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/provider/pragmatic.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/provider/pragmatic.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-f70\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3952,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"2b7c9803856443d10c0ec7ba404448c3","sha1":"02dd3b31dd3934519bbf7f06335e556c66d3b3b9","sha256":"63aca758fa264a3c3ef204bac37c08e30dd8d06a308bd77194884a343a086dbb","sha512":"ca1492e4fc6743741ae13ced3558bc2d4d136021ccb39d425d0ce73f42ae27fb9715960c740b98ae643c7068f022262c349c231cebda78c2991d050250a0a6ba","ssdeep":"","tlshash":"c1815c29f2c05f059194996258fd293791f25e50d5a08e3e8bebc47408282fa897ccff","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-06-08T10:28:46.344538Z","times_seen":1674,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Special%20Games/Olympus%20Wins.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Special%20Games/Olympus%20Wins.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 28356\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-6ec4\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":28356,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5850a3ad3ef6715817e2e09de6872288","sha1":"417fbf2ceb33c54a7ee5bec3cd72a94f47de0342","sha256":"bc4f79caf19dc802e01d2f341eec73bf6bdf7d429befa113a95a4f494038d684","sha512":"d0e61d2466c4d17029b7bd63a2db03fc1fc31fd84dba77ad3a37a84e30e1351389e55a249a7c351ed05a53cbd1e11ed3d1fc8e7d401c987989f0599e1bae1d63","ssdeep":"768:GFYyJye3So6IU7neMbOkaZffRY6dhLDwQovu+Y+DM:qX3Y7vbgffK6PfwQUBzDM","tlshash":"f8d2e0787236ef9ef415fcf8508187bae98b64b9c7b9070342d8857540a348bed052ee","first_seen":"2026-01-21T02:34:00.910073Z","last_seen":"2026-06-08T10:12:57.629859Z","times_seen":83,"resource_available":false,"data":null}},"time_used":664,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":496,"receive":168,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/icon/icon-whatsapp.svg","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/icon/icon-whatsapp.svg HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-414\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1044,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c07eb2ac90ea41e70e261e97ab9d5349","sha1":"f66a1436d1c8a522cb850f890f565fbd4332b509","sha256":"c99c3511b150e8ec6c46e1e9461ac50cca157b21de6389e90d04f994f96d2dfc","sha512":"2a17cf3431b2959fac6814b28554d6679bc913766a2b9cf6d6877a789ff157a357536bb6f358e05099f83db1460652af92f955ed8ae7dfa68fc6a6712c661a26","ssdeep":"","tlshash":"32113ea8e34491b9ae2ba3a4861575f4b44924de90d5223487b0dab0b6226e4b25d0dd","first_seen":"2025-09-25T02:02:34.990836Z","last_seen":"2026-06-08T10:12:57.611642Z","times_seen":137,"resource_available":false,"data":null}},"time_used":443,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":443,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/icon/icon-new.svg","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/icon/icon-new.svg HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-7b52\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31570,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a173b42136ae2cc120ffb3ed1c86f012","sha1":"e51c4ab12a6f22969239cba878300bf73c694ddb","sha256":"df07b31dff5f94f7d9834abe032a71c2ae90750bbec1b7a4c9065534a5d06a0d","sha512":"09b399ebbef75f2b7f69f829f83102c1febae661477e6fbb916cadd9feb23d461e3a7d2cf144a9aa9c1d9a1bb6f41b5afa66abf8ef28f4185f9ca7eb96523ee7","ssdeep":"768:F8PtxoRbbfdykklFZvuVni4ubPxVsfPcoV1O:F8PoR/dDavUnUPIM","tlshash":"10e2e00fce8da7ac5106125c303bbdae0cdc5f0d800c7aeeb5c2b5a725e755540b6b19","first_seen":"2025-09-25T02:02:35.015663Z","last_seen":"2026-06-08T10:12:57.625169Z","times_seen":138,"resource_available":false,"data":null}},"time_used":432,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":432,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Hot%20Games/Wild%20Bandito.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Hot%20Games/Wild%20Bandito.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11522\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-2d02\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11522,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"78dc23e2b3a212fe912a4406c5da14f0","sha1":"fdb3332bd32bd5740f8fccb5a12f6d6b2553ddfb","sha256":"dd336d5ddf59d3554551ad83b35d0b6d5919c4b9d8d8bb3084da9c826c90c5c8","sha512":"2bdbec1174ace5d9296328992f1de17e9ffad361b8f061ffd8c3d76eaa1b3caa3db95d2571f78345e6449f0cdee607eb972ae6f99c30a6b12e9832190abea3b1","ssdeep":"192:+fwGsGlyfV8WXIFgzMYG5rHuuMEJ18sYOIZBbfD3e+DARAaEaHM7KCZ:+fwGx2VTIiAN5rHursuTbfjeGARAmY","tlshash":"3232ce1851c5005ce71882b8a0b08671e275a7f968f38b81a3fd0f3d7e84957e32d22e","first_seen":"2026-01-23T08:16:29.873102Z","last_seen":"2026-06-08T10:12:57.606197Z","times_seen":76,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/provider/habanero.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/provider/habanero.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-b6c\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2924,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"6fdcf2c4077e1a01c1387becb47eab76","sha1":"9e644b73bbfbd059798cb3f38a50afbb6d51c947","sha256":"063b0b0af325dd011bb3cd4f69e62c3ebb3e2a8033a9f255552a1ee6a47cc842","sha512":"0519f574e77eeb96f2b534b554d6e52300fdaa50c27711e3674e8b22400534ddf89a3a2e2d029b3e455f98423d4a1433964cfc05abb7ba29d32425256e1fa9b1","ssdeep":"","tlshash":"8c513e4cbb83da0ca18c7b521cf65106a71385869c81b8b4ed4fe40f4c70aeb5d5c9cb","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-06-08T10:28:46.329589Z","times_seen":1674,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/provider/idnlive.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/provider/idnlive.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-9ea\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2538,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"57238310e793f343a2749339be32a3ac","sha1":"95bb671a06008427ede2e08a5463dcca1562a644","sha256":"620a982845b3e7a490990f96b64c2c594bb4d418058873c2a3691e2d86b0cb07","sha512":"233da09c46f08c7b3c28d84317b19761490a6f28aebded877ac5941638cff99a7ec7ab61dcf2de28e71904a131a3333d1f4a8eee2e1f07fc80be9b90cf5a1ef4","ssdeep":"","tlshash":"4d512cce9a129a428aa9e54724e80011862b0a414860afdcf54bdc972d7617f416b7de","first_seen":"2024-05-24T12:00:55Z","last_seen":"2026-06-08T10:28:46.262853Z","times_seen":1542,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Special%20Games/Bang%20Gacor%201000.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Special%20Games/Bang%20Gacor%201000.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 17704\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-4528\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17704,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"cf565f7b2fe854a2e92874082706b1d5","sha1":"2e46a36bdcb1bc9088c65c0b049d566b8e36f3fc","sha256":"27164b3e2f7507bf0424f8844f2b141e7695fe0e96b79b0766038cd15ea68b0b","sha512":"1f1024069a06460478079c4d2e3bd8bbd7809975538b6457067500b9fc8f0d448117d3f21f3272fda7e9ecdaeda71ab24abaeb947ac5a936ae69bd0df1be1964","ssdeep":"384:1FYNg70811Us/ZP8y0jvk8nkvG3DpFBAntLz1HyKwTGCgrk54bauSS:1FYyQ0CyWc8yG3DpviYKMGCaakBSS","tlshash":"a782c02c9e28a952dc26ae3008f29f79e1f27730cf7a76c6f1355ba94650041e9df294","first_seen":"2025-04-20T20:42:45.317495Z","last_seen":"2026-06-08T10:12:57.61743Z","times_seen":79,"resource_available":false,"data":null}},"time_used":664,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":496,"receive":168,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Popular%20Games/Fortune%20Gems%202.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Popular%20Games/Fortune%20Gems%202.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7722\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-1e2a\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7722,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"395767ab50723b40425b2a6a25fbede3","sha1":"c3d21776170226aa219a67fb750f3d60d6113c31","sha256":"ffb1d637971247d2da54592361d5686f79031f68129d1b26711380b0500a16f7","sha512":"1e0b02a6bd5ccfffb75abc36f5ab2c22bd4e78ba9b0e5100becf8e5205ef60843befe1ba8e52335ff6992be9fb772a3b19186d4d0624d3f1e4552f4d5509c380","ssdeep":"192:sfw2Evm5UEAvQGp5pOGjOHZNCV3yhgubzIuF:sfw2v+EyzTOHZFC8/F","tlshash":"95f1b07713a029cdd5122ef5c4ee9fc3a394d1230962a44757f915752c193cc7db61ca","first_seen":"2025-09-25T02:02:34.981732Z","last_seen":"2026-06-08T10:12:57.627898Z","times_seen":134,"resource_available":false,"data":null}},"time_used":662,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":493,"receive":169,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/icon/icon-gacor.svg","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/icon/icon-gacor.svg HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-1ca0\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7328,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"28be3ebe36b4f622b2c016a5b982ee96","sha1":"67cdee1777292763762d3e6bf2ed7be8d1778358","sha256":"728f042de7cb294c66d0ca3d71e2347b826069bf11aeea349e1fb455a80d5dae","sha512":"f83ced0fbe98802d88bd8405f0b38aa036c4f6c8fa95f334fbaa22bbcb3a66ee5901f985ca98c470214756d7ac0810964cfba6244ed23cb014cc91d5409813ab","ssdeep":"96:DDFFFFFFFFFojifevUtedzLnxFuSeznsKj90kt3x2YNNIfsCTUpBDKunKZhuiXu/:D0iix1Lnx4dzHj90ktTh+CEuiMyeSm","tlshash":"3ee16d29a178e46fdfe99177a06344642f1e5063f772a7c04ea203f35b49e5104aadfc","first_seen":"2025-09-25T02:02:34.993923Z","last_seen":"2026-06-08T10:12:57.605676Z","times_seen":136,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":434,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/provider/joker.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/provider/joker.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-1173\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4467,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"d6046ada089141ed514a2c248ba348a9","sha1":"ac6af3ec4c8d0025c3498501f0b5ff169f50fdab","sha256":"a5894ebe20a0a276641ce8fe77f073ea3127a35e307937d00d46606a6d07e5e1","sha512":"9bec604475449cfffc72317d9ece25fb7ec460b1f463d288052c6a436d26848116b60832425da59d040aa1f43ed4964d575442480231030d8e797a89daa3a494","ssdeep":"96:aqQRGY0xUhfkh08d2luU5IqeesF93z/mc1MYtWum:aq+0xUS2U2lueny93z/mcyYtWum","tlshash":"fe918e58dd037e0e5d5e0a9230e85d9688bb8502deb4b81e78d7c2cb42f8166c85f6f7","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-06-08T10:28:46.309495Z","times_seen":1658,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/axis.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/axis.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-775\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1909,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"8a33ceba37cba67565691bad0b376d11","sha1":"524d0127ba8fb90930c258d1f6dccc2e021596d4","sha256":"da7d51e54f2ec453b76dde1951be25a7e76d2cbd19ceb53b07bca4a09d950c94","sha512":"a3ecb95fc952a21271163c09059df357a3b3b0e94dfdd98f676b5edd4fcc20456e26f384b796acf63f6fe925919c8056b479a95833b1bd6962881993f1298d82","ssdeep":"","tlshash":"6641f9cbc0c3ac01f5aa951028f711229d1249449fd1e46ab9dfd81625b45f59d28dd7","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-06-08T10:28:46.242434Z","times_seen":1530,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/uploads/2026/03/Planet-Favicon-300x300.jpg","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/Planet-Favicon-300x300.jpg HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 19 Mar 2026 03:32:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb6e40-25a4\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9636,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82\", baseline, precision 8, 300x300, components 3","md5":"c5ffc2375ca661470ff62735926fa986","sha1":"11db5e08fccc0f6e7357ac0b9f3ddb411999e997","sha256":"32ef91e8de6f019506979dee12fb049564883080de1eb749c103e551dc7da4dc","sha512":"e713223b95ebd1945e84b511392006243972c10fdd03f39ae40be8e02690db3eac44d8a27af99ac480eb4a5e4186d682137e76d6657c84d71fd0983f61ec77d0","ssdeep":"192:3fq3PdjfVp2yDfjAHH03kctoloP4dzP6/plNJIKEWtv:PqFZpFDfjCH0UctoCwdzP6PQu","tlshash":"50125d4789068ba1157a1895ad031b6c2b1c7e3cfcd6e96d01739eeb7820bf68cac11d","first_seen":"2025-12-24T03:03:37.104902Z","last_seen":"2026-06-06T14:49:45.113919Z","times_seen":25,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Hot%20Games/Treasures%20of%20Aztec.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Hot%20Games/Treasures%20of%20Aztec.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/webp\r\ncontent-length: 10782\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-2a1e\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10782,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3f6971171c98cb28509c0affc63e94ce","sha1":"e47f69d0eb8b4ba10f24da756eddc29dca248c77","sha256":"8ddc609407ad06f1e0d387c1022336c60eecced0e548bb0e5847b7abb8e14fa6","sha512":"765a42ce9ca6145749713bc6f8b87ef91bb5c8dabd803f8cc1ac62a48b7925d7eb1b96cc39c35dbac9f361ba6572b0e9524530ed4418197670a0fa68f48e4b4a","ssdeep":"192:cfwkJVT3gl2ILouPsfTfyZT6VXVA06jmvBl6roYQSXWjDiN0n+BkXoNiv:cfwk3Ql2IoFfe6VlJ6jo/nPzeBwv","tlshash":"7422afb133a018a2de9e8fb19a7b4fe7224c4534e6324c5900149771ee8219de32d3f5","first_seen":"2026-01-23T08:16:29.869802Z","last_seen":"2026-06-08T10:12:57.598039Z","times_seen":76,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/telkomsel.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/telkomsel.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-aa8\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2728,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"ccfef8b817b38862ea38cd51ad5eda48","sha1":"7bc6d8db79a495b725ad203aa9228e9178b8ac0b","sha256":"1efc5dce3145bdeabd5c9549aa768207802f3d94f85af872e74e936dc6c6e32d","sha512":"dcb90a21a291fb3d2bafb121ecadd54cae3dbc1972a5058f943c9e3335fe40efd0684adce586a469094a3e9bbeb73f89942c2da48a363ff6e9ea8351cf168002","ssdeep":"","tlshash":"ab510ac8f9856811b2556d9728f86037ce095880cdf0e09669d7f122687c1fdddadcf6","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-06-08T10:28:46.334295Z","times_seen":1539,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":233,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/gopay.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/gopay.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-a06\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2566,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"b8771de54536e9d754dc58a51d9da827","sha1":"5740b8950fb4137da7040b6e929fef6a371504d1","sha256":"450c5693b4a594e025753ada485c95646f6f9b95434887a2b9be52776aad1397","sha512":"6388ef540f6228b2423372814408aaa0bdc01ea66dc9dcaee162c9b0813677177fadac544b34ac7f6b3b472bfd186b9f1d6a86921e3f5794a6b2fa9fa8a06f9b","ssdeep":"","tlshash":"fd511a1dfd04bc43315de2671ce15526ca04acc0cde1da2bb65fc417aa746d04aaa9ef","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-06-08T10:28:46.281267Z","times_seen":1543,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/webfonts/Lato-Regular.woff2","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /webfonts/Lato-Regular.woff2 HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://win148.org/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"69bb651d-e3b8\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58296,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (56756)","md5":"cbb42513032d6c09e496731ac16c20a9","sha1":"c92f38a701aad58408451d24dd4c47b05f158cf0","sha256":"d189695b2f3bb92369881f2428fa861dca9d9a94c638d9bdc4e2fa747d6f315b","sha512":"3d76f1018afceaba7cbb4083f4a5b5758966ec2aa5d5c6b07d72361782809f7ed4bd34ed9e0c4154d01a2db7192155de8251e5a834dd90b8d9823d916e1b7285","ssdeep":"768:cHJYDDQHVZHIs91TXESJBjgBSp00yCqJ3Z+IYM3WiesRQiULO0bpD9tcNQEfdom2:cmDD6oeFUycwpk06hWp1b99c7VM","tlshash":"8443021803de40a2cd8978d9426f2f3d842a1863da1c94bd1f5b6df4ca0d8a4767f1e9","first_seen":"2024-11-25T13:26:01.204756Z","last_seen":"2026-06-08T11:18:51.090449Z","times_seen":12183,"resource_available":true,"data":null}},"time_used":833,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":833,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Special%20Games/Gates%20of%20Olympus%20Super%20Scatter.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Special%20Games/Gates%20of%20Olympus%20Super%20Scatter.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 75668\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-12794\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":75668,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"01fe5da7b4269eb1c9d1e45127eef691","sha1":"9f3e91297f474caf63fa864136c169beddc952fa","sha256":"346324fd057e06d67f4a7cb8bfc56934d25d6ec11dec8744db22082160dbeae1","sha512":"01c680ec30415613e124ccd45ea5f6f7ba691cc7f3f6da6d33995f476c1350d31950bd7c284fca2dddff70aa527614c6ec19b36b4321f3ac4e1101a8b1caf57f","ssdeep":"1536:WCE/a4LDE+L8XKBzV/bQDrVGBbS/pgXpRYaJsHvoMD7:WUd+sKBzo4Bspg0EsPoM3","tlshash":"ea73027693c04784e4cc037feab28a18efc13cb64e46d287b5021167e50ebdee62d659","first_seen":"2026-01-23T08:16:29.891383Z","last_seen":"2026-06-08T10:12:57.589642Z","times_seen":112,"resource_available":false,"data":null}},"time_used":830,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":497,"receive":333,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Special%20Games/Le%20Pharaoh.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Special%20Games/Le%20Pharaoh.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 14670\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-394e\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14670,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9b6993f8630ed645637f0ab7b551b605","sha1":"6e6bdd8b455cbeb6ced7d9cd1f9b538057a47d36","sha256":"28db4437904a6273bd764ea4848c12af17e3c82c6faafa6c34d81dceeeb3364b","sha512":"e1a33009783d0ee5794ec55ad8a6c891e5523ca9d3c67b7c4079b7a76d7db582f9623929e8f28b0cd6556e793dd058a5bb7de4f57539b6544c5e0d9c55fb2ea7","ssdeep":"384:dsCZ8S6XXM235Kq4BpViAUqBRJFnQma3RoEBnT8uQE:J3q8niGRJemahoESub","tlshash":"4362d000d932f9d6db3ae22a0dde63e960ac8997d10d92ac6d48958def34653a107353","first_seen":"2025-09-06T23:59:48.465512Z","last_seen":"2026-06-08T10:12:57.587424Z","times_seen":173,"resource_available":false,"data":null}},"time_used":663,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":495,"receive":168,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Hot%20Games/Treasures%20of%20Aztec.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Hot%20Games/Treasures%20of%20Aztec.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T12:34:25.437902Z","times_seen":16239334,"resource_available":true,"data":null}},"time_used":776,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":481,"receive":295,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/icon/icon-livechat.svg","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/icon/icon-livechat.svg HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 660\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-294\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":660,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0fe74872581c27e3f51f93a18e19a1d0","sha1":"de2f2c1faa635b94fbb43565b3dd4e60a0621730","sha256":"c299f2ad30eabe7a952a624f3b77e999c3247fb224aa31f3bbc9e1febd72698b","sha512":"5d6d8ae6e8aaed964219222ca6326e6351f6734a2a6efc8923c8416891cc4763075deeaf7a61f948f376d7fbb53b48b4fa4769ceaef6f63aa5926df21d7afddc","ssdeep":"","tlshash":"ec0123c6db14f2b444ccbf0d8f281924f362703a9a7aad8c402a79a48402ec97944d08","first_seen":"2025-09-25T02:02:35.003499Z","last_seen":"2026-06-08T10:12:57.604101Z","times_seen":137,"resource_available":false,"data":null}},"time_used":444,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":442,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/icon/icon-fishing.svg","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/icon/icon-fishing.svg HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-3373\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13171,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"439bdfe15387b76ef423f9fbf3025e60","sha1":"113e188775ed15cb01b501661d259044f68fd062","sha256":"d504d730aaf9d549072f3d71aa56cf02ad7066ccf1e64bf34c620a07a56322b5","sha512":"7cee952c3305707b269e7dbacb7fbdae4020177fae5f6585557d93b59e72e32a273826a196b3b3b609b4f9d72c00e3726845c74ac2ec94e917304f453bccf6b2","ssdeep":"384:Io8mhbe1nfrX9GxO2O1pBtdKvSea+nmUKwR0hHPb:Umhy1nfrtGYHX9KKea+nmU/R0B","tlshash":"124240ed8b71e9dd1bc27d1ffe31329aae1d70f92a729664c27fd28a1092cd49304815","first_seen":"2025-09-25T02:02:35.012022Z","last_seen":"2026-06-08T10:12:57.603575Z","times_seen":139,"resource_available":false,"data":null}},"time_used":436,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":436,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/icon/icon-livechat-gray.svg","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/icon/icon-livechat-gray.svg HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 660\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-294\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":660,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0fe74872581c27e3f51f93a18e19a1d0","sha1":"de2f2c1faa635b94fbb43565b3dd4e60a0621730","sha256":"c299f2ad30eabe7a952a624f3b77e999c3247fb224aa31f3bbc9e1febd72698b","sha512":"5d6d8ae6e8aaed964219222ca6326e6351f6734a2a6efc8923c8416891cc4763075deeaf7a61f948f376d7fbb53b48b4fa4769ceaef6f63aa5926df21d7afddc","ssdeep":"","tlshash":"ec0123c6db14f2b444ccbf0d8f281924f362703a9a7aad8c402a79a48402ec97944d08","first_seen":"2025-09-25T02:02:35.003499Z","last_seen":"2026-06-08T10:12:57.604101Z","times_seen":137,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":431,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/webfonts/fa-regular-400.eot#iefix","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /webfonts/fa-regular-400.eot HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://win148.org/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"69bb651d-e3b8\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58296,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (56756)","md5":"cbb42513032d6c09e496731ac16c20a9","sha1":"c92f38a701aad58408451d24dd4c47b05f158cf0","sha256":"d189695b2f3bb92369881f2428fa861dca9d9a94c638d9bdc4e2fa747d6f315b","sha512":"3d76f1018afceaba7cbb4083f4a5b5758966ec2aa5d5c6b07d72361782809f7ed4bd34ed9e0c4154d01a2db7192155de8251e5a834dd90b8d9823d916e1b7285","ssdeep":"768:cHJYDDQHVZHIs91TXESJBjgBSp00yCqJ3Z+IYM3WiesRQiULO0bpD9tcNQEfdom2:cmDD6oeFUycwpk06hWp1b99c7VM","tlshash":"8443021803de40a2cd8978d9426f2f3d842a1863da1c94bd1f5b6df4ca0d8a4767f1e9","first_seen":"2024-11-25T13:26:01.204756Z","last_seen":"2026-06-08T11:18:51.090449Z","times_seen":12183,"resource_available":true,"data":null}},"time_used":836,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":836,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/slider/slider.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/slider/slider.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 110128\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-1ae30\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":110128,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6c52d5a69c02085f4cc8de84c0707639","sha1":"bda6763af1ec137410634e29eef06f427e992543","sha256":"6d1c8af857e60d0ac4f9329bb2d612b0b03e6013a3a383b6fcca8b709d587cda","sha512":"714d9a3d907eb1bcb42acd20973abea873848bc592f32446c1f69337171a1f3f8f17308089df0194ff1809977165733fa4b0d6dec9d44d7c41a8a778678a6715","ssdeep":"1536:BaacgU180llUIfj19+XNFZPuzrVTTyvTIiz4+x9FEOz9Q5SzmM4WSOG766PTcG4W:BaBLt+6jwbutTs/z4S9FN9QMNJ8ka","tlshash":"85b312223edb0652f93835fbd0d6872ef775be5f60c0e38659af52470698e0035a9422","first_seen":"2026-02-20T11:50:20.731621Z","last_seen":"2026-06-06T14:49:45.121602Z","times_seen":23,"resource_available":false,"data":null}},"time_used":664,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":498,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/provider/microgaming.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/provider/microgaming.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-2315\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8981,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 600, 4-bit colormap, non-interlaced","md5":"35024fae2032dd7b3dc0b010485f7a0f","sha1":"dc34e370159f57dd72a3dba7651fd32830b06134","sha256":"a378192e0e408800f48c068c8b2b88841fe8dff5214c81f0f5bca386ab155794","sha512":"ba24370710fc7075072300b1c47bf4cca12de32e0dd24272b6961c19319d8b1701f8e1ccde37822f9e1d062e8d756319f14a49485f3722d1e7c705c363ea69ae","ssdeep":"192:M1eSS3IF+3ASIJ4vcwEZ2y9Y4eEcBXRhv9uY12RD2xUR5ZBe:y+3IF+144vcwAXm4MR9scULPe","tlshash":"4902bfd7bd432528d002f4f15aaf417a9dcd62436fc0664f400db9d07acaf9981bb182","first_seen":"2024-12-22T07:43:19.401885Z","last_seen":"2026-06-08T10:12:57.604605Z","times_seen":827,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/panin.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/panin.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-9d5\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2517,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"c73d8ac115c9d42d48b2a3184c198271","sha1":"d86449166ea1fa2d8581516a68f1d720ff16233f","sha256":"cf7cf632c75859639c5e47534b6760c9ac44013dcd5d7bfe4c045cca5414432a","sha512":"cf89a4ed50cc1a7cbdf02c6589df7e55b7c49eb3f31208d41e288fe46cee5de39379808280ccae7052fefe9a892cb1d78cbfc54576f0a2981b67e2a352a4e4fb","ssdeep":"","tlshash":"2f5109cbf842ad11a24e848624e741398f07c960a9e4fc71714ec42e1b386f6e96c9df","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-06-08T10:12:57.588593Z","times_seen":1504,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/bjb.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/bjb.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-af1\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2801,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"0c352bba8c9f63f53360785ea6b0b89f","sha1":"b69681d8e5dc381c3c716a0eff800c194865ba29","sha256":"cd619749431bdcb7d09e5a62bc4cd4ed17119e8ae6fe783cfe2b4ceb43d95993","sha512":"bea94e91a2dbb8cd33273be1222ebea8bfe1db00febe2d055a436fc5f5a5ecbdb23d2a61ff6e377215684024a8d2fae9b254c1cdc88835b002639c40d0780863","ssdeep":"","tlshash":"0f517c0de5853e079418c6927dfe60221c228980c6c0ea57281fcc06bb701c94f7bcef","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-06-08T10:12:57.621776Z","times_seen":1386,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012603032146000/ww.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.251.142.225","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:49 GMT","end":"Mon, 22 Jun 2026 08:35:48 GMT"},"fingerprint":{"sha1":"64:36:03:BA:E6:36:1D:72:CB:98:C7:11:D9:8E:7C:1F:6A:03:40:33","sha256":"76:A3:36:B6:E9:D6:FC:48:B6:5F:E5:E8:12:BA:E2:18:57:74:80:40:92:BD:73:3F:C0:FA:D2:FF:77:5C:20:44"}}},"request":{"raw":"GET /rtv/012603032146000/ww.mjs HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/plain\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://win148.org/\r\nOrigin: https://win148.org\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 13071\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 23 Apr 2026 10:32:17 GMT\r\nexpires: Fri, 23 Apr 2027 10:32:17 GMT\r\ncache-control: public, max-age=31536000\r\nage: 104310\r\netag: \"d1df5c7bf2e3a902\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46270,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (46150)","md5":"a58da1d57698a1cc695b99dd54509103","sha1":"0f4f3468d3b795cea101223f7f5b881683629e15","sha256":"8c54a748bcbd623b9faad8d3c1ab22c1ccd0f7be17b449102908dcc6f2a2ba7f","sha512":"31d006028f6ccd9723c5239a0e04ae70abd90f30e6a5546e1a55640fb949527d97ff3de51c7521658c8177ac14f50906006c3acc27e039ee31a078f1c9fd4a5c","ssdeep":"768:bCIFh7NY3GBGJ87rpB67WhEAyn8fUVCjkzQbyFpPcsKdN4emH+bUwTKtgyb9Q:h7aCV7zfUVZepQ+2gOG","tlshash":"0f230bb433a6546f839284e5005a3009e67e2c663006d8fcf678eed77cb199795b6f34","first_seen":"2026-03-18T09:15:17.837253Z","last_seen":"2026-05-12T09:02:27.521545Z","times_seen":586,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Special%20Games/super%20gems.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Special%20Games/super%20gems.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 14976\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-3a80\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14976,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5f58e5a47eed94c5897a52e1b0af6a98","sha1":"dc0256eba148be7f5cbb82af54e67ea299f97e1f","sha256":"91dd073544df4cd0d2aa865cad79a763f7a50556275a13afecb21d4c9195f3ad","sha512":"2f79c99b882ac1378a70dece13d3b96daf10eafe6d215081674a05a5e5a681d081a0109c462e9da3af6a85ff9dbc5dd8032631206c5ecb405f47353c99988c54","ssdeep":"384:Ofw17kUYsei4XAOFZo2YKPbbQMbH5nUuAVzXYquAqlvXcdxDH89lRXP68:O417kUYsei4XXZo2VbBFquzhXcdxDH8n","tlshash":"ef62e1a11d7bd35cf0572e7b17118c512171ed43dabb9f000c494b6ee6984d42c49a2e","first_seen":"2026-01-23T08:16:29.885507Z","last_seen":"2026-06-08T10:12:57.59699Z","times_seen":76,"resource_available":false,"data":null}},"time_used":663,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":496,"receive":167,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Popular%20Games/Neko%20Fortune.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.217Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Popular%20Games/Neko%20Fortune.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5240\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-1478\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5240,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"41d046726c7027afa163c27e5b38b67f","sha1":"65651805cc461c7b9f4e630cfb65e8417ef24832","sha256":"eaa15efa36dd1c5ce1fc3557000f90b8b445180378be86aa837fcb98e6a9684e","sha512":"a98a0ceafb17a5fbaab03345af9308ba426708323565f2a01dd2b73d456af8cce111a3f071623f48be8203f6943adf634660d1687afa8de9f0540436a8c3393a","ssdeep":"96:Q6Elbw+iswrmEJoFYPo0sruao1WlKC+UnVdDB/LYJ5u7b95Tg19NfQ2:QfwYwr9oF0iruajAFyhL88DWX9","tlshash":"bfb1af2b1f30161cf10e727611022b16eaa9fc733324a8b2ac44e3e417c4d52b4ab7d7","first_seen":"2025-09-25T02:02:35.038102Z","last_seen":"2026-06-08T10:12:57.62569Z","times_seen":134,"resource_available":false,"data":null}},"time_used":662,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":494,"receive":168,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Hot%20Games/Wild%20Bandito.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.230Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Hot%20Games/Wild%20Bandito.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T12:34:25.437902Z","times_seen":16239334,"resource_available":true,"data":null}},"time_used":775,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":481,"receive":294,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/btpn.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/btpn.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-8c3\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2243,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"976c8fc9ca31651f1c1ac1a0bca5f8b5","sha1":"475e902161a298719789a4ef4d23c2a873c599ac","sha256":"45482f8a293b7acb55f6a149ecc4854bb2eec381edf7ea5e470a2d8941cf1afc","sha512":"8538e4af5b9d5df88cdae37c2ce17d76091b11697e908eb4ac3da485ba8805f0dc66fc49f29cf9736ec14758000e383734b7827cfb03c17108b28c5a14b0bcf6","ssdeep":"","tlshash":"6a41f788da018d0253cfc96b3ce544464d22a940c6e4e6b7538a80890dbe0fdaf6edcb","first_seen":"2024-05-24T12:00:55Z","last_seen":"2026-06-08T10:12:57.626214Z","times_seen":1511,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-bind-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.251.142.225","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:49 GMT","end":"Mon, 22 Jun 2026 08:35:48 GMT"},"fingerprint":{"sha1":"64:36:03:BA:E6:36:1D:72:CB:98:C7:11:D9:8E:7C:1F:6A:03:40:33","sha256":"76:A3:36:B6:E9:D6:FC:48:B6:5F:E5:E8:12:BA:E2:18:57:74:80:40:92:BD:73:3F:C0:FA:D2:FF:77:5C:20:44"}}},"request":{"raw":"GET /v0/amp-bind-0.1.mjs HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://win148.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 13885\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\nexpires: Fri, 24 Apr 2026 15:30:46 GMT\r\ncache-control: private, max-age=604800, stale-while-revalidate=604800\r\netag: \"9983d640b1fca272\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":41957,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (41829)","md5":"378e19c639fc5eb26999204f145d6e87","sha1":"3967539a257b804710a39f669733ccb0653c16ba","sha256":"d3cb5ea23badbae7dcde8f720c7f8af543ae561eca84afe9f87936920aad9a42","sha512":"1abb62b8a831f13ed1ba0a5069207ea5bec77eed2e353c4b7b216e3a52179bbb728516499d0ef4ce0320ebfa9a24d18b477b723717d11de7e2e5942b864aad70","ssdeep":"768:OXCnqZrZK6LtckYVUCKeTDTfr8UrZLHc5Ql0p43fHLt+9TlVcAPnK07+hN0ZXrda:bq5dqLAUVjcw3zVKpJ40zQyU","tlshash":"a213d9b17282a43647d608f684367016e32d2956340ac8ecf1aceec77c77955b2b9e3d","first_seen":"2026-03-18T09:15:17.846899Z","last_seen":"2026-05-12T09:02:27.47047Z","times_seen":587,"resource_available":true,"data":null}},"time_used":253,"timings":{"blocked":106,"dns":1,"connect":11,"send":0,"wait":18,"receive":2,"ssl":111},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/provider/ttg.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/provider/ttg.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-c56\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3158,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"f177a8c24f7d00627f779b1544f26d7b","sha1":"1f88ae42b70427e917294beb790bda84321cd08c","sha256":"2c7aa701640a5b7503e3ace14124357537d5698ad832c1217a7c3290ccb64372","sha512":"dc8232386fc9dc22e3cebe562d6c708aa078294ea16f30b4d0d8bf1349e0fe743d9a8b3a7f287732f46e8eae0a60e2f2b4674298bcbf78b7fbbe20d4eb5d02b2","ssdeep":"","tlshash":"66511b52f65a6c4255eda08478f294338a3305120a54f0a5d67b484b8d8b3ea77cdaee","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-06-08T10:28:46.279653Z","times_seen":1665,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":283,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/provider/sexygaming.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/provider/sexygaming.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-14c1\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5313,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"c5aee88302f1236b8cc069d281a05905","sha1":"048d3123ca73c3f9f4e432378ea4cfcf467de417","sha256":"ab8a18edde422524883a5beb8842c4008f032de7f45601c2b37d7e40be19ac98","sha512":"7a18e0b8691f451f47dd0cd7a91052abddc353e332a9a19fd00dd2e01ea45a2565bf23eb170fd940e989f12adfb78a18cc8cb9ce9d8c136665eebf3e7611fa7a","ssdeep":"96:aqQqwG/92LyPMnYMuvdjEnGg4aD4Hn468sZTbZCzN6idRw:aqNrwyUYTdjCg468vdO","tlshash":"22b17d99eb1b58817e6aeca23cdb0bc385069082a415768b3ff784af1ca5155074f9ca","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-06-08T10:28:46.326048Z","times_seen":1652,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/tri.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/tri.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-844\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2116,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"a9332787c6c2381c0a4a5d6211e61883","sha1":"8b7837da9a9f5ac5a05479d256620f6c106e8235","sha256":"86a466018abf53f7175f4909de0826d5a8d405082ac2355b55d7d196fd47d2dd","sha512":"b7493b3a7b53cca8e2f63e5d6788d26b3b8c5af4adedc51d9db25fdfcff9a84d44af024762596b98e0ebd79278bf1d653cfa1e70b5eee6cf2c2ac3b1622b8f1b","ssdeep":"","tlshash":"2941e998d5631c41578ae98b28e14b278a0249c0d5b0c55771bbc04f87341fda8ae4db","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-06-08T10:28:46.333018Z","times_seen":1516,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/linkaja.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/linkaja.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-9a3\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2467,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"aa19546f0fa57ec054f592623dde7e62","sha1":"19fa186480ac2121f2647bfa6446c6a9a88f3fdd","sha256":"800b3f95f81e845bc3bc92ecf7880f2c7f57a15e0dc3f855bfd3e591b783c7ec","sha512":"13c85136e6887167c1be424dc4b18b1f4773a67c4495e3f83884c6bc1fb143d02c9b0609940661a6e1f26f953f581e1fa128437b0a314bc00533fd9549065af7","ssdeep":"","tlshash":"7b512b14fd116c42829ceca544dbd2a289175b44dad8e47bb4ffd01209f12b98b311c7","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-06-08T10:28:46.326965Z","times_seen":1535,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-anim-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.251.142.225","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:49 GMT","end":"Mon, 22 Jun 2026 08:35:48 GMT"},"fingerprint":{"sha1":"64:36:03:BA:E6:36:1D:72:CB:98:C7:11:D9:8E:7C:1F:6A:03:40:33","sha256":"76:A3:36:B6:E9:D6:FC:48:B6:5F:E5:E8:12:BA:E2:18:57:74:80:40:92:BD:73:3F:C0:FA:D2:FF:77:5C:20:44"}}},"request":{"raw":"GET /v0/amp-anim-0.1.mjs HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://win148.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 1675\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\nexpires: Fri, 24 Apr 2026 15:30:46 GMT\r\ncache-control: private, max-age=604800, stale-while-revalidate=604800\r\netag: \"abff27f00e178db5\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3802,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3688)","md5":"55b12ea4a5e5ddcefab1d262fbc0d8b2","sha1":"bcc63b9b719ee9ec94c0859d4e9876f05cef77a7","sha256":"e8a02555e6fe00cf4382691d569b602f62a67b6fffa922334f4348f2782b61e7","sha512":"bf62b120d5b5ad6b8dfb44e98ed42b9cf9f04719b18433aff98fa4b4e079f4a9c2bcfd3dc5d611710d184f32cba77187a56370ab76815ca4c7f8e680db0f7281","ssdeep":"","tlshash":"4971b8b872c5b5365bd63cd2446b5405fa3964363407c868b168dfcf293a85624b6f3c","first_seen":"2026-03-18T09:15:17.862394Z","last_seen":"2026-05-12T10:22:31.884863Z","times_seen":539,"resource_available":true,"data":null}},"time_used":969,"timings":{"blocked":464,"dns":1,"connect":11,"send":0,"wait":20,"receive":0,"ssl":466},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Hot%20Games/Wild%20Fireworks.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Hot%20Games/Wild%20Fireworks.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T12:34:25.437902Z","times_seen":16239334,"resource_available":true,"data":null}},"time_used":776,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":481,"receive":295,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/icon/icon-telegram.svg","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/icon/icon-telegram.svg HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 450\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-1c2\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":450,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"130e17bb2e5677382f4f4c7a3d0dbddd","sha1":"5ed1cc7f6c854de08e060a28d3189ac2361441f9","sha256":"36376f530cd534fcffa169655bfa1e630cf4859fbf44421b23c3ebb6accec7b6","sha512":"544973680718bebace3bbfad0e04a2f8fe44d57e73cf3cbc24e11877e4899f5550fb5c9e3afd13059454f9d7c1c8d47d8078f26de3e35a583f4d718fb55d3dc1","ssdeep":"","tlshash":"8bf05c3dc289d232ee0f47715b64b1a844c7e2aea4c556ec90d52a30b013bc4711d5ce","first_seen":"2025-09-25T02:02:35.0703Z","last_seen":"2026-06-08T10:12:57.596098Z","times_seen":137,"resource_available":false,"data":null}},"time_used":444,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":442,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/bca.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/bca.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-a25\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2597,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"7218454f8ed20e47c89c49f43dc865a8","sha1":"b3fe2c42a0ef40da7db91efd05fb16be761bbc7c","sha256":"a0effe9a2c5b748a827c592cff324be42a330b94f053bd596dbe4b45f2c18152","sha512":"843f06f1b1bfaad41cb112a544753066f22c40738164e790231f0e4bc10c1f1a0e9b804a15149a538779556a00dd303098ded75d9892e7c246219aecc694104e","ssdeep":"","tlshash":"2e51198ce8525d40b61ee1a03ac2057f92128dc0cfd1e90df8adc80e13353e497288d3","first_seen":"2024-05-24T12:00:55Z","last_seen":"2026-06-08T10:12:57.594482Z","times_seen":1510,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/permata.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/permata.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-a3f\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2623,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"806f1354ac8e117d1752f9b2e317c551","sha1":"a989006a1c24fd9c5c5cc8eaf48be64a9eabcffe","sha256":"71eb5481c8ca4c22d6723f161b36d8a333ff30bdd2c90018b2b3cd2f5a5ce315","sha512":"b7633840558abf2a4145b874c4c00e4b57c3f9eb3043a0ec2d5b4b94b4ea426c8a6bb661808c86565090f03185aae964fc0584059d54beb12eead460f1a8766d","ssdeep":"","tlshash":"61512b01f9044c01e489ae8134e38569d83b5582e7f5f036b19ae8672b645ba4e7e9c7","first_seen":"2024-05-24T12:00:55Z","last_seen":"2026-06-08T10:12:57.594999Z","times_seen":1513,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/bank/xl.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/bank/xl.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-99a\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2458,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"84094baf12f6cd3d4d8cf7557478370f","sha1":"6adfff2597d1986ca93211709d92364b7f31994f","sha256":"d64a7c2b38bd2b08c842b2f714e402f0ee9ed9884171a6e1e95f57cd57ccf748","sha512":"dc262d4198e9b38b9cac4987ac803b9ec8e2466510793608869213a56110a44f696935d767fa4ddebd00873886715bb784ff039fe24fae0c166530cb14e90849","ssdeep":"","tlshash":"9751f80da68218158beb99c106ea40224f064f44ce84e0e7b44ed4665ab42ec6dad9d7","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-06-08T10:28:46.349948Z","times_seen":1536,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.251.142.225","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:49 GMT","end":"Mon, 22 Jun 2026 08:35:48 GMT"},"fingerprint":{"sha1":"64:36:03:BA:E6:36:1D:72:CB:98:C7:11:D9:8E:7C:1F:6A:03:40:33","sha256":"76:A3:36:B6:E9:D6:FC:48:B6:5F:E5:E8:12:BA:E2:18:57:74:80:40:92:BD:73:3F:C0:FA:D2:FF:77:5C:20:44"}}},"request":{"raw":"GET /v0.mjs HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://win148.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 63621\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\nexpires: Fri, 24 Apr 2026 15:30:46 GMT\r\ncache-control: private, max-age=3000, stale-while-revalidate=1206600\r\netag: \"1fb0813db2f9ea66\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":228175,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64621)","md5":"fe1b81f958d86c98e88b86960a4dc246","sha1":"eb7c9593cf4980bd7774efec7f9579a9227d021f","sha256":"958c3f227881fbb4eebfe70f950f16384382a519ac0b708a073ae809205e312d","sha512":"bd2a0e6ce8551a58f83c095f7c1c071b061ac495337f58fda6b7e175344003a4687de1185d9ec87b1bfd4dd44fab2d6d54a6081b884c034bca5d6dac989a45da","ssdeep":"3072:dHxofahpFRKNAtM0sK8NQgU9SutUvDK3p9Pd+g3:XofahpF+At5s2gU9SutSDK3p9F","tlshash":"f524c5a53296b03247e154f5d4774002e3296998340b816cf8bceecb7ca9d86b1b6f7d","first_seen":"2026-03-18T09:15:17.810072Z","last_seen":"2026-05-12T10:22:31.89447Z","times_seen":888,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":108,"dns":0,"connect":8,"send":0,"wait":19,"receive":13,"ssl":116},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/games/Hot%20Games/Phoenix%20Rises.webp","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/games/Hot%20Games/Phoenix%20Rises.webp HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 10514\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-2912\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10514,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0c21289780e769a42652a13a42e6a18c","sha1":"7e820d5eac9c757b422e2ab0fab8d71fae3c5f0e","sha256":"3149b18bea2b3b126d286d12ba322f15aadd22c1880e708c27f4fab10eb32de8","sha512":"e2451a454add3f041720a23b0b948c093b6d52de9d770d759a5ba65d066ffaddc7b91d3123c1cfe775d5abf4a11472cff5f67e833ea1fb039a42910c9bc470ff","ssdeep":"192:ffwiL+1S04TeZDIsGtiVyHbZCEbDR/L8e0l1OzOVT8kTk/8GrYkPwn1ncGB4hzSR:ffwii1SfTbsGtMydCEbDR/L8e0lEzOV5","tlshash":"1d22bf23c396112ad01e9670a07e4f819ba0be53ef1f3d654f8467a8300e7cda5d57a7","first_seen":"2026-01-23T08:16:29.894121Z","last_seen":"2026-06-08T10:12:57.59752Z","times_seen":76,"resource_available":false,"data":null}},"time_used":658,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":488,"receive":170,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/icon/icon-beranda.svg","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/icon/icon-beranda.svg HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:46 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 633\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\netag: \"69bb7563-279\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":633,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ce9319d68508af5b4cb02f2be099c4d7","sha1":"068ed6d403ba85b7b422b945ec1fb0be3cc03953","sha256":"4cd403b39fbba4ba333bbaa04098f4884e4a711a6b38380f85d95d7614022aa7","sha512":"d6289390cca854592a56cf5ded2a9b56a1ad244e4be5e9f993560612bf1665d73966e6151eafc3316cc4499e55221fe09b2f152b71e355bce8e6e27a69ffc1d7","ssdeep":"","tlshash":"04f0ddb453c5af3c8c65abe4ce7138f4748e10be51d483a9c750c1709182dd07694cde","first_seen":"2025-09-25T02:02:34.972533Z","last_seen":"2026-06-08T10:12:57.603052Z","times_seen":138,"resource_available":false,"data":null}},"time_used":440,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":438,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/logo.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:46.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/logo.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-58aa\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22698,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 320 x 54, 8-bit/color RGBA, non-interlaced","md5":"d865c73f978160a73a668c55e8e94394","sha1":"5e5f514d9c7c2d29e9e31161eca23c58b301735b","sha256":"350ab9f19e3953bdb844d608638baecb690ecb14e0750ad7c92e70beba949ca0","sha512":"07bd245cf45f8c61be10feb8b4655d1c7ac9ecbd87d48ecb91c1907c3578351d99d0c2bdaaa3fc50bf19856064017b4bbb075a7a50c60fd3d245be61e3177fee","ssdeep":"384:Q1TqkhFILoFFJkk3W9NNqLu0VLJ5v5VeB9Y8PhpvKSCYRo08/STpylLTJit615hh:Qqw2sFFGWuOPI15piSCGVhqLnv","tlshash":"79a2c099c2eb7333b9426e5717367fbbf7ac9023692466963b4041e9b604b438e144bc","first_seen":"2026-04-24T15:31:35.575819Z","last_seen":"2026-04-24T15:34:11.679082Z","times_seen":2,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/provider/ioncasino.png","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/provider/ioncasino.png HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-c94\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3220,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"f52b79a28e4fe23c2d7034200ec49243","sha1":"9e7090b05b1e04a59609aaa74023d254829c9b86","sha256":"2f413a04bfddefa9057a4a1c09ffebb389b048bff9a62717f64a292f2257d288","sha512":"a869da32caf575eed45a705779742b96901ea431bc4722131c930c0909359141abaf346ae6d43bf29a67235d8f8ff3f4c2d8a6eb86932aa52671175129dfa8fa","ssdeep":"","tlshash":"1b611a5e9e119c0d785ad94138f8a09bc632c144a870e905bad29d2bbd342fb9495cff","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-06-08T10:28:46.261889Z","times_seen":1651,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win148.org/wp-content/themes/oranges/images/jackpot.gif","fqdn":"win148.org","domain":"win148.org","tld":"org"},"ip":{"addr":"209.74.79.40","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win148.org/","date":"2026-04-24T15:30:47.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win148.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 01:55:29 GMT","end":"Wed, 17 Jun 2026 01:55:28 GMT"},"fingerprint":{"sha1":"EC:BC:28:9D:28:45:7C:25:CE:FA:BD:17:35:CF:43:13:97:D5:4B:C4","sha256":"03:C3:1C:C1:E8:0A:43:F0:3F:10:48:91:67:5C:94:52:B8:6B:34:23:BE:C7:F5:DF:80:D3:80:56:A8:79:D0:3D"}}},"request":{"raw":"GET /wp-content/themes/oranges/images/jackpot.gif HTTP/1.1\r\nHost: win148.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win148.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 24 Apr 2026 15:30:47 GMT\r\ncontent-type: image/gif\r\nlast-modified: Thu, 19 Mar 2026 04:02:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69bb7563-8fa9\"\r\nexpires: Sun, 24 May 2026 15:30:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":36777,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1280 x 223","md5":"cadad72de39ffd45e6f881b535c2b456","sha1":"0830ce0a795b877a74ccf8f51b3e576a03de3e1c","sha256":"f1947084d9691c6833651d4e1ad24f3fd488cb0d71f7f7d04e2b2944707d66ee","sha512":"553a85e7e836b9be76b506dd18c9aaca3014f378a891ce50fbbd0e7f311e36bd0fa1bca3864e0161877654f7593a7bc471df40debc98444269032e0ad1da5e6b","ssdeep":"768:eUl3MgYCDyGkUEvzjZGYR9+4tFWSvOtyv8mNqT4wpVfXvojZLSIzhN:eicgYCDkUE7VGYz+4jW1s0mQrpV/wjAW","tlshash":"f4f2f1f8d5ef8c4371f0a3b81fa712caac7b55dd0832172619aafdf225851e23400798","first_seen":"2024-12-30T12:00:34.360152Z","last_seen":"2026-06-08T10:12:57.599606Z","times_seen":328,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}