{"report_id":"d39c8075-c198-420f-8101-94c4efe3152a","version":6,"status":"done","tags":[],"date":"2025-11-25T08:26:32Z","url":{"schema":"http","addr":"bigwin181.online/","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"104.21.9.14","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"bigwin181.online/","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"title":"BIGWIN181 = Website Slot Online Dengan Beragam Fitur Unggulan dan Jackpot Besar Setiap Hari","dom":{"size":100386,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8588)","md5":"ba6909353c7987b4ea931e8213839099","sha1":"231ee9c7d7b4e70cf3d0c1dca69600e9bf8ffa1a","sha256":"997cd1445cc2da58939c105775ec4f4c8a3f42f7ac5bb423943f8b3eee7f39c2","sha512":"fb3c3eb66ae4d38308c4a1028af8b99b13ee1070d79f427a7a0e7da7fdf5a97199e295cb454848af49d178106cec800ec912dcf3f213a685ce931d08a12f9850","ssdeep":"1536:gZ5F4g5A4WR2vInGg9qTvZdl6t6pz/DAaC+lf7Bdm2X2e4BlEw4eY7oSggZ7:IvZ2E8ecSggZ7","tlshash":"a4a31be2e9f4207851838356aba4ad6d3e1ac473d7220a08f37d9fd89fc3e45991385d","dom_hash":"domhash3ab756256ad41a33595a0e2fd198b534","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bigwin181.online/","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"104.21.9.14","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-30T08:26:32Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"bigwin181.online","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-17","domain_rank":0,"first_seen":"2025-11-25T08:26:33.3745Z","last_seen":"2025-11-25T08:26:33.3745Z","alert_count":30,"request_count":31,"received_data":1541843,"sent_data":14159,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]}]},{"fqdn":"cdn.ampproject.org","ip":{"addr":"172.217.21.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2015-08-31","domain_rank":3289,"first_seen":"2015-10-09T04:27:01Z","last_seen":"2025-11-24T02:45:29.084539Z","alert_count":0,"request_count":3,"received_data":309860,"sent_data":1270,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"assets","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2015-06-13T20:18:59Z","last_seen":"2025-11-20T06:53:16.91404Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":392,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012510081644000/v0/amp-loader-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"172.217.21.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a87e2cce7117be00fc8129abfc72b1a1","sha1":"26d9bc2bbbd56217163ec1ccf05a4b4698e5c11a","sha256":"f65efecffe50465d1ffa59d289200cb42ae6115fac8232946635cedf4dd241ef","sha512":"d9232a321d406c6d15a92fcfb3266ab1a049fee6099c19fb010ee7913e2d6c1a65868a2f529ffca06dfb96b312a78429b07c3a5bd56b14f53199ce88af09a458","ssdeep":"192:8fQHMOgzKBbnnRrVGjoPGlxrO2tHxg7HzMb5F4g5A4WR2vN:20g2BbnnHUgTzMb5F4g5A4WR2vN","tlshash":"d042a424a54be2ac530341b484fab94a757ecd4fb8104035f0118ededf99e48bd7ba6e","size":12729,"data":"","first_seen":"2025-10-21T18:07:40.626035Z","last_seen":"2026-01-17T06:31:39.878615Z","times_seen":1395,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"172.217.21.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8059fb84783c3f43b7b5b66a3883bcb6","sha1":"335cfb79c7c772225bc9a0a0d17d5d435e30a247","sha256":"977e140b62a9228c0815a6ce26e63df7def2817315581cb3e29c52a9d5959754","sha512":"2a0c05b24ac683756cc15e857c5445e62aa1f00134e8fa0f0c966510b1ec778a4570ab2c09dd2791a8a769f36c64a304fc816228fb54367af99657f3c49bb385","ssdeep":"3072:j4UQbNOu6mF8g8aLymSt85Li48lnQYxQEnswf2l3sVsmgQ:j4UQbNOu6mFTLs8f8lnQebsw+l3sVsg","tlshash":"db54839db296b0764793b074803f150aa33ba855240a812cf56de9d67cbcd8ea137f7c","size":284545,"data":"","first_seen":"2025-10-21T18:06:54.94219Z","last_seen":"2026-01-06T14:38:02.926695Z","times_seen":1886,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012510081644000/v0/amp-auto-lightbox-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"172.217.21.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"36e68547fd31649fcac8856096da5e94","sha1":"cfa28bfde148c37cd6b94329ab7f8c1140625d5c","sha256":"5b870594007123f179856f463a72e0a31eb2e005acbb719cf9d56c242927547e","sha512":"3ce62d0c066399122ce7defb585fc4de3c39a02daba060cc9c03a9326e5ee8ef0f4a8d46f14e5f1f7b319944cee0d1c7c3ef2dcc08091a517f3c10b12bf46486","ssdeep":"96:+KoAosPGpz3pMDc0jxAMhG0mj1hVXxSZ4tqSKN0OV0TjLRkiGj0ldmq43bDjHI:+Kqswz3pv0jxAyCPX/tqKyWp4M0rDTI","tlshash":"9ef196dc7ac2f83a5757b4b780af414fa23bb94624ad9120d120f4d83cb995ed623e5c","size":7812,"data":"","first_seen":"2025-10-21T18:06:54.954761Z","last_seen":"2026-01-17T06:31:39.884543Z","times_seen":1718,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"bigwin181.online/assets/provider/skywind.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/provider/skywind.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-9df\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TvZK5p7LhK5rQFMQBYTpxJ78wd700piwUF%2Fq5%2Bj03CihqCDH4ELGiRelmzyZofwjUGoE9Ji%2FgoqYgVuOnBLQpLQEElvkhDhd9fUpSV9eW5Q%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2758d0ea0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2527,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"a0b38f92e69d86d82b06b924702b94ea","sha1":"f274f160adbe994020f989734531a1898017c215","sha256":"dabaf93d04d9e3daa51e0d6e42a015c5db50c67255a8629388dc06913ccd7227","sha512":"918fcc9345bd7d59dfa7f0a016f7ef00044f3455ad53cd74471ae976e5bd38d0a8187c41e543269fce29140abe0040e3dae03127d15cadf34d2b58a5934b1c6c","ssdeep":"","tlshash":"bf512a68a076e436d7ed5ead07027b1fad62069048cdeecf65db366c8c3170966c805b","first_seen":"2025-08-04T07:43:21.458306Z","last_seen":"2026-03-29T22:55:54.731892Z","times_seen":48,"resource_available":false,"data":null}},"time_used":587,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":587,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/slot-gacor/Lucky_Neko.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/slot-gacor/Lucky_Neko.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-4b24\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UnGBzwfpucfGgATLmhptrD39DxymQq7sq1f2x0SQHS8SVNEgO9c4d0GphvsEioHiYy4OzUgeHmNJ1RjxJ9dufWwTlvSMIZBp8XOzfThR8AE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2759d36a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19236,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"b06c087aa3f1526a775c9b3fd633f5a8","sha1":"a831d3ca5bc091e8f88cd1ed7c4f184db7a2e5d2","sha256":"4044872c3e5d744d5fb0695775ce46089c6b3406b0db8f79525586275c6811d3","sha512":"f5b882dea2fb321d361f359e52faa955bb25577c9fe9def543171b15eb95de94cdd7145c874b1cbd0dc977debdb6d2834c495b18d752ca7237a0359be65a2d74","ssdeep":"384:uUc6MbovGpR5xJHjPqGbgqoVEn3i2tnIsK0W:uXBpFlqegqoVE3iMI9j","tlshash":"5082d06d35cdc0e4a709e498696be0a41be1c8fe5a1d2171ac285c9fd06fa43c1f0c5e","first_seen":"2025-11-09T07:22:35.725861Z","last_seen":"2026-03-29T22:55:54.72012Z","times_seen":43,"resource_available":false,"data":null}},"time_used":805,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":580,"receive":225,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/slot-gacor/Sweet_Bonanza.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/slot-gacor/Sweet_Bonanza.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-42a2\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BwyqAH%2BF0mRJuEEZGOr%2B7brL7BZfhTXorjXYb1T%2FrGgo2Eh8%2FhlB%2FyKmtEQzzxhIveOYH6%2Ba5xD89r2q8UVKSLomEP9VUJRKdPRcl7ru36I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2759d44a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17058,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"6cc91fa9659038c1b7d61d9e8794bb80","sha1":"a4b3eb53937f96b210bdee83f6a457cb812cb67d","sha256":"c9b4652aadeb482f64a781e182c4c61906eb9df7757ac769e279b19770187123","sha512":"db568efeb0255d637bdb478274eb34b75275e14546beb2aa6a1103a46871de599a3e118c7db9a2e95d25aa97a3d0b0972f195f64c29746c983ba36bd5dd776af","ssdeep":"384:gLI/khOlvvv15BzHyXBc/F5Q2gYCn6I6VigPFHqe+7:i/c1n1vzN/FyV7oz1+7","tlshash":"ed72d0cb1b5789e6ada0bee10afe349cef51034c1148e11e692b4a8a46d8d3720675cf","first_seen":"2025-11-09T07:22:35.717301Z","last_seen":"2026-03-29T22:55:54.736122Z","times_seen":41,"resource_available":false,"data":null}},"time_used":876,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":656,"receive":220,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/logo1.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/logo1.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sat, 22 Nov 2025 08:36:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6921761d-2ffd\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pXZwxgPd0ZIEBYoUsCKGV72torhuLY1wVto4RkxUQxzPSYzkIvSBiE%2Fs5eVQOoGRtPONYMd3dGLkRwR%2F6xADveJ3VH2PNfQWFDiwuA0SwTs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2756cd2a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12285,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 34, 8-bit/color RGBA, non-interlaced","md5":"3b9306f00a5001fd29003b5310ceb800","sha1":"f042172c292181f1b79d13efda58d1b81ced37e5","sha256":"61a287dbaad185eb8d3c6d6b6d756472990d573841318e640476765aeb033b77","sha512":"0b148fb4a78c171d67e5a08a2d13459dc9815fcfd81285ae4a78d845f51a8991efdfef5dd89e064f761cfeeb44ba01b79a947cc0cbaf6652257da38b19721b1b","ssdeep":"192:ooONgOLPXsAYnKj/dDJF3284TPhpHWWnf5ty9wAl6NfsytJf1FHOHNYtjUNCFl:lOWOLv5q8DJsPhnnf5g9tl6bT6K7Fl","tlshash":"6842c020e615eadf5395ae5f8d9252421d023b257e27dfbf5c2405312bc705fc22aca9","first_seen":"2025-11-25T08:26:46.285496Z","last_seen":"2025-11-27T05:49:29.246015Z","times_seen":2,"resource_available":false,"data":null}},"time_used":688,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":658,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/provider/spadegaming.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/provider/spadegaming.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-626\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8Q%2BlP1Xw6dyxxCKcCYyake73e0dPIyH80IVc8CfNXpfO%2Bp79L5luA6WS8Kx%2FBRf2ZQs4i6zo%2BD93Sx88vM8F9BuXCmg2yc%2BVe4KCX%2FTdfWA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2758d13a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1574,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"4827d3a0789913967f7fef1a211f2ffa","sha1":"11d42dd123c8966fb207a37592199e20b7f25fcc","sha256":"cf6e6ef5e5f492884b09c6842bcde098b9541a762e607eb7976cfbf63468e046","sha512":"04212fdea17a6a4defd3e8bf647ab37d4751a2e379e8e4d134e39392788c90631dc48d181cae0ff704ca36fd3f70f88c4dc19cabfa094ee3d830d0991be3f1d6","ssdeep":"","tlshash":"3b31d7ea038bde3d402d827902484f707a93905776d6d0ad630b88227ea53f46a9a17b","first_seen":"2025-08-04T07:43:21.423542Z","last_seen":"2026-03-29T22:55:54.744504Z","times_seen":48,"resource_available":false,"data":null}},"time_used":647,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":647,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/slot-gacor/Neko_Riches.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/slot-gacor/Neko_Riches.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-4583\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rdO0YBvVkrsbwySaJRdRJaif35So1B9L0YKpxQFkLaWZaQBYtQt7G%2BtF1IfJU0yp1r5b45zZerHOpEV5jA6lhFXVdttZJH7KmvQQynOwwMs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2758d22a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17795,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"9ca6e941f69f9e0663be37021aeeb61f","sha1":"587684cfc0e8985ef083c4c71723ade5aa419545","sha256":"583e9ee19f4de73d8a7b280481fdb0949521a10d2012f316fb00b78c83ab04ec","sha512":"244aa46c7e400bbc76d6edb91f86e63233b034f34db709e720d323c1e207f6bb84159bd29dab8451eb3cd743d0b15050aec24266dfeb45797bb5bc2c63c1282a","ssdeep":"384:lUgvx6Gr6WxM7l2+xYQDgS+beG+KP3yuh5WWVHqedXK5:Sg8Gjy7xYQ9iPTkedXK5","tlshash":"b182c17308aabd019ca4c15f3f34c9e23c77874985fa72d2167a7d83931297e7ca8916","first_seen":"2025-11-09T07:22:35.729625Z","last_seen":"2026-03-29T22:55:54.755177Z","times_seen":43,"resource_available":false,"data":null}},"time_used":808,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":593,"receive":215,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/slot-gacor/Mahjong_Ways_Two.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/slot-gacor/Mahjong_Ways_Two.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-5515\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yixDyT4L2K7RD0NHE%2Bqhr2%2FV1UB%2B7eJtfOvvjUhQ%2B%2BNWUuzJXDPAk4hBois0uFgaHl%2BpQeqX%2B%2BwMmvH18K4XaJqjgmAR6cbFf8payZbDG5M%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2759d31a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21781,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"c90812fc1590eb7d67c3d139d7608cc6","sha1":"1c4e6eaed6904539f8e39ac76f384834c6b87bb2","sha256":"96a5e5a540a4dfbcd282bfbb91f69ddd72f7209719b7c11d0af648a5102d79da","sha512":"8a71d89562a5eb56d106ad79a73974ead8b203dc0eb6005e96c401ee539a087591268d4734c3a8aa8a1875a7da827a610a33b1ec2018b9fc9f463cea6f940d2d","ssdeep":"384:6SIu0KRJZinbbngoH4/on+Nqq3a2Ad4GDEnWEusZfPPN0FuDb:6SPJZsnkonMM4GDTPsdF0FW","tlshash":"9ca2e0fe1fa011e907c0a21e76ebbd110e3311e64bd469c332ca76e93c95b40b582eb1","first_seen":"2024-04-24T11:56:13Z","last_seen":"2026-03-29T22:55:54.72751Z","times_seen":45,"resource_available":false,"data":null}},"time_used":877,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":635,"receive":242,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/slot-gacor/Starlight_Princess.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/slot-gacor/Starlight_Princess.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-4db3\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FX%2B%2FHcz%2BM3a20xiT3aZby3IjLManvo%2FRiR1Gpeml1OAwGxCT7Q5urvQmq8rNOOqEvQQk5Fl0Splqe4GDHR9VUhqlOjpqHXrY1LKPoRY%2BrrY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2759d47a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19891,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"c0ebcad0fb5984762cc644bb6c4d1f07","sha1":"66944da6c62d610f240c8fd23aa001ed06f2a3ea","sha256":"dd1ea8b312c11f8c6b57ddfd4dc5f503ef59adb3fa76cfca40fe0aa93ee65856","sha512":"ebe1dc238bbb47f64bdb4c9903d072abdefe3ae80d4aad2981ca02d2f4519838047f47945e2371d8ac41983fac978370c15e3275f80d3f3668bc7713f2988af4","ssdeep":"384:w7fr5c8+AsA0IYiOYLR3ru919tQl8itETlMNKwe3jU3ygDi+B1MJ3gThMZEA5sIt:k5F+AfWmLgL9tQlilMNheTUigDB+J8h8","tlshash":"1492d019b4883932159e9d3eee90d4a0fc60ad020a9c7fef66d1f8a5244e2623b02c64","first_seen":"2025-11-09T07:22:35.731258Z","last_seen":"2026-03-29T22:55:54.717025Z","times_seen":41,"resource_available":false,"data":null}},"time_used":833,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":604,"receive":229,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012510081644000/v0/amp-auto-lightbox-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"172.217.21.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:07 GMT","end":"Mon, 19 Jan 2026 08:34:06 GMT"},"fingerprint":{"sha1":"32:DF:47:F3:2F:CE:5D:A4:72:56:ED:4A:54:CB:BA:6B:00:BF:B3:E7","sha256":"5F:6C:43:00:4C:98:4F:F8:E7:02:6E:50:3A:2C:61:82:5E:27:43:6A:FF:3D:DC:DB:72:AA:8A:A0:E6:C1:B6:4C"}}},"request":{"raw":"GET /rtv/012510081644000/v0/amp-auto-lightbox-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://bigwin181.online\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 2976\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 20 Nov 2025 06:05:41 GMT\r\nexpires: Fri, 20 Nov 2026 06:05:41 GMT\r\ncache-control: public, max-age=31536000\r\nage: 440429\r\netag: \"9215b9e0dcad338a\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7812,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7690)","md5":"36e68547fd31649fcac8856096da5e94","sha1":"cfa28bfde148c37cd6b94329ab7f8c1140625d5c","sha256":"5b870594007123f179856f463a72e0a31eb2e005acbb719cf9d56c242927547e","sha512":"3ce62d0c066399122ce7defb585fc4de3c39a02daba060cc9c03a9326e5ee8ef0f4a8d46f14e5f1f7b319944cee0d1c7c3ef2dcc08091a517f3c10b12bf46486","ssdeep":"96:+KoAosPGpz3pMDc0jxAMhG0mj1hVXxSZ4tqSKN0OV0TjLRkiGj0ldmq43bDjHI:+Kqswz3pv0jxAyCPX/tqKyWp4M0rDTI","tlshash":"9ef196dc7ac2f83a5757b4b780af414fa23bb94624ad9120d120f4d83cb995ed623e5c","first_seen":"2025-10-21T18:06:54.954761Z","last_seen":"2026-01-17T06:31:39.884543Z","times_seen":1718,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/bg2.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/bg2.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kaqrN94DCwIib1808VGfeIAzr3L5qVXCZGI54zcqhv5P89bep3%2Fck%2FpHZZ68eJ5OxkvPMc3kwRG5m6F4R0JSFjeNOlyDxIqdYZ%2BJjvRMc%2F8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9a3fc2756cd1a0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-04T17:45:41.371143Z","times_seen":478428,"resource_available":true,"data":null}},"time_used":628,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":628,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/favicon1.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:11.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/favicon1.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:11 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sat, 22 Nov 2025 08:36:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6921761d-12ae\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AvfNEHBdEgVh0VF%2FCbUxc8uEafHV%2BYACE4SXvvInybwnoS%2FisIDYQ8Rysum8uCjMM1jpu4P9zBEws2Ka34hOku4D4BddGc60ahA59GX%2BBgs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc27e1be0a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4782,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced","md5":"fdff31bdeda5cabcb71ff3c94df23f9b","sha1":"22fba8b99b1d026108d882c3d7ca8a9d0575cab3","sha256":"41bb565ef5ea4fb2f27ec39a07c620a46c23d6789f7281b7e8701ccea93767c1","sha512":"5f70dd6f08cfbca21e6801e938dd530fa114d837141d2a4dad8cbc6e62ffc1f0e5496b05474534546fbe87e1d281e722cd147ad0627185772f1297922f4ab978","ssdeep":"96:ml+/oNrEWAws+v4ugo0QArszE7ZRiIG1Fqfs/ms/DpMSZAoRb8UMT:U+/mls+ZdpArszARircFs/Dp0wXO","tlshash":"34a17e1bd61c397c28d20319e92e709eb053528a1a96ba7e65ed3cf40760f5cc53abc5","first_seen":"2025-11-25T08:26:46.289502Z","last_seen":"2025-11-27T05:49:29.270545Z","times_seen":2,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-25T08:26:08.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:09 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sat, 22 Nov 2025 08:37:01 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-permitted-cross-domain-policies: master-only\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4DlUjaZikF5MxTulfwCDOcHay6sBuqSsAfQEJ8yqa6Xjmo7fHpMWJ1x1j%2Bg5tCAAlH9szgLqfsCpGM%2FQYrqu4Sv%2BwKGo1wg0U12%2B3MX8\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9a3fc26eaf1256b9-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]}],"data":{"size":88840,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8585)","md5":"66c3fbbdef01af2c59d35c20764f5177","sha1":"21c322787e8567a563da006646ce6f3c9bd6f59d","sha256":"4c1f31708e6746afc8ce9186a03c663703dd42c206257c441651ce53fa546e1e","sha512":"c86a45ff50429d87dd85738fb9e113b466ad9f8bb8a31b088800bd8063c04422e293fae5f65429453d4316b1484731910a963047367ca5261411d6dd944843b5","ssdeep":"1536:NnLehmTvZ9X6t6pN/DSa2ilF7Bvm2l2e4DlEE4eA7oAggwi:NvZAEk2cAggwi","tlshash":"fa93d7e1daf020746186879aaf746c9c7e4b90b7d6124a08f3be9bd45fc3d85c94389c","first_seen":"2025-11-25T08:26:46.290309Z","last_seen":"2025-11-25T08:26:46.290309Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1072,"timings":{"blocked":103,"dns":83,"connect":1,"send":0,"wait":865,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/bg1.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/bg1.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UTc9ttFqg07HTPUakmeTUVfV00YcXsmiRxTmclEO5wQd99d339frERawtsp4nOnXGoYqUIWUmW41la5wSmNIJv%2F9V06TiDfTUTtwBOmD4qc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9a3fc2756cd0a0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-04T17:45:41.371143Z","times_seen":478428,"resource_available":true,"data":null}},"time_used":580,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":580,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/provider/habanero.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/provider/habanero.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-72b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oT7v9XBFdSVbQeNrk%2BF%2F40jf04kiaWSPIwjqH1O0h1zaBqgUwvJm8ii%2BDnPbok1IHA%2BFVEvqNUxheh94O2BLwR4Zj478zxJK30tbInxbcdM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2757cf4a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1835,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"aca8bded8b722bae0f80ac17a6b02da5","sha1":"bbbf8781e136cdd33e88cbde73d4c0aac50d4a92","sha256":"5be6825417fad6d0fabbfc4d478f21ae8cb1ea46e6726930e206cfdfae4f8d89","sha512":"4d7368514ebc7ebaec35c9940aa7bf05d450e08578a0a0a7a293595f40aeae406ae5f531ff604d728f5caa24ce606a132159346b30665ae3b1c727fb8d3b3766","ssdeep":"","tlshash":"1331f87ecaeac2c967c0933b4f30850f2226705eda28304fe45b55024624ba8674dadf","first_seen":"2025-08-04T07:43:21.420087Z","last_seen":"2026-03-29T22:55:54.753857Z","times_seen":49,"resource_available":false,"data":null}},"time_used":576,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":576,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/provider/pgsolf.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/provider/pgsolf.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-fb5\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uRD082zj1JxTIgusjMDk8m%2Bwr%2FwzLFzu59fusyBZyCA7i2iB42k2FPt3ts075pMzhuSdjKPNPKuDrTtWpHBER51nUtDucoRhuiCcycNXRpg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2758d09a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4021,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"603b53c97069a97ab3894f04a3761284","sha1":"7660539b8be95b3f1d331cca7b2f68b8951efe43","sha256":"13593bc0028d6534b866ca46a2d4892b9644f01fe8ddab8581abb4e68b235e56","sha512":"0e1657059f30a6a96e117eb2f1711273fade6a70d081e4cbe4a73d9c2ce2d0fecd437e9cf4900a6a896d95e95b876e1eaca86690324397fd59037daddcef677e","ssdeep":"","tlshash":"0f817f5f97e8d97afa0035017706f0dbe07b778466d54cc01ba0d26539d23d9c514077","first_seen":"2025-08-04T07:43:21.447832Z","last_seen":"2026-03-29T22:55:54.725776Z","times_seen":49,"resource_available":false,"data":null}},"time_used":598,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":598,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/slot-gacor/Wild_Bandito.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/slot-gacor/Wild_Bandito.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-4cb4\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9wZFCF7Npc9HYME6Dgq2f3tkWYaWgrcwxgshVUzaib2aM%2FzskshOqnNgqx70Co9%2Bd2s2Wh7lGVUv5r8PCL%2Bzjrub2ZDb75zFbonNz7vMDSg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2759d2ea0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19636,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"911838672d75d53326341e56fb1ad30d","sha1":"14b2a86da3f9b2c518df7a4ca1ebbc5cf2377018","sha256":"1b7f4d32ec53ec79cc1a05b885628ff702c40a1dc88443f74b5da1712f8e2597","sha512":"f34b215bc5c3e540a478164c5adacc5bfaef7502b4ef881d0fbdcf26a7ffd460924d4ead6e1969840336577138652d6d68d509e1b5a5c782f7fe22ef5cb1bfa4","ssdeep":"384:VyeCrHpn+1XmIZN5znTLGt/dqmT4raYSpmG8yNcevGI3LeStN6s:VyeCrHpMXTzXGJdqmSSpmGTNcez6StMs","tlshash":"d392d1358a56fc132833e42b6140cc68d26cebc690e2dd824bf0e992f47c399c2605eb","first_seen":"2025-11-09T07:22:35.728085Z","last_seen":"2026-03-29T22:55:54.732528Z","times_seen":43,"resource_available":false,"data":null}},"time_used":844,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":621,"receive":223,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/slot-gacor/Gates_Of_Olympus_1000.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/slot-gacor/Gates_Of_Olympus_1000.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-11c69\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C0JN%2BcqLLliHzgQhMJ0mcYSE8hVdJAO9DWOkimpQNs6oBaiy3fX8deL4SU4H%2BNl413lhypsJSYPu1mxo9O%2BEDw3eJZKiVshFLVZtk0KhJFM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2759d39a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72809,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced","md5":"96eec605edfc20f387400c63dd86ed36","sha1":"1066777d76a0a7fb5751a5795af5185aed8da460","sha256":"d727af290ebf9fa32251c757ce0f9eb03accf041a88867d8270d09fa91282667","sha512":"14baa0cec2d2e79e94b4aed74a85f0dfa3066d6c4b6179c48301602bec5506a6c75ba2f5a1c6c43d6c50bc0c28ea9be9c9dc6d81a5c8cf9efa6e81547606a8cf","ssdeep":"1536:TQw3aNpfJiCcpdpPZkNHBZVKQYuCD4aSUZSzLBA:93azqpdpPOZBYuAqA","tlshash":"c563027b78836947cb47d3a8cb252da14db6e2b5a8777849e3c2b4e900240175f8df1b","first_seen":"2025-11-09T07:22:35.735987Z","last_seen":"2026-03-29T22:55:54.720728Z","times_seen":41,"resource_available":false,"data":null}},"time_used":1158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":645,"receive":513,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/banner1.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/banner1.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sat, 22 Nov 2025 08:36:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6921761d-104a2f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2%2Bnj0z%2FH%2BHzz2zS7PXhh5tf%2BCZwILDyBInPOn6cdVafnzWLvPLWfherem32kd7LCsolCfPaEI4jrMpvPS9KLmdC4ec1kYOuEk8bdAg9EczU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2756caba0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1067567,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 736 x 736, 8-bit/color RGB, non-interlaced","md5":"8a4549e760ee1d43e9aca681459edc0a","sha1":"89640cdf245796096517b1cc2b558a4d5d6e5281","sha256":"ec88ebe6e228901f8e2dce2e5a3ec4eeff95056cd52445dc80d702fb41ad2691","sha512":"f856bb913dcd0d1a504138aadd54a8922c51da37de0740c656d719186b1c46c7f15c4be11107daba4d3965895decf4d756d38dcc4e51ca8bc8fdad9e96964333","ssdeep":"24576:c4BTt68HCG/qTyMjiVWfDnfPmCZaJOUHmsBqVRjWqh/j8cQ3:ESCGmy8iVWr3iOUHrBqV23","tlshash":"06253304b6f6c74de48248b564437d2f57a707c7ced38125aae8f63264acb112bcb792","first_seen":"2025-11-25T08:26:46.293443Z","last_seen":"2025-11-25T08:26:46.293443Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1785,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":589,"receive":1196,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/provider/allbet.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/provider/allbet.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-dce\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dZrTGg0ndN%2FwZHWULj%2F96ErqXBrjZSCjM%2FbTD9D9IrN1he5VPowGT4WY%2BJ0M49n6KoqF6P1MhNn%2Fvh0dIKu0N6WZvCvGX8wE%2Fslw9V434wM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2757cdda0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3534,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"51e841ba74e4368658966b1d78d2fb9f","sha1":"be2aa0358da2d1409ca1a9cfc9e455bc299af173","sha256":"fc7e852ad493cdc2e4d96fc8a64d843785d11f981a06a8a4a239bd63361924fe","sha512":"0b94353b8639b994d38e8923b8860833188c0a7cb4eb3247b317899668edda9ed27bd404dd9243e7444b39c3f9cb5b05a5bccbeeb877528a5d5b21f3ad5c2d77","ssdeep":"","tlshash":"22716dee850addd5143d4822f010a5f1e126e8f7c48a1909b763f690a6ef37a96ccc57","first_seen":"2025-08-04T07:43:21.408928Z","last_seen":"2026-03-29T22:55:54.728102Z","times_seen":48,"resource_available":false,"data":null}},"time_used":578,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":578,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/provider/evo.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/provider/evo.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-693\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sxXLI8CN3gWD%2BDYBRpsNXlIWJW5htIinFz86VFJCN%2BdjslygBEdtakG%2BdN45W%2B%2B5UA5GO68%2BHTOYV3yZFnAv2QFBtEjp3W1sZHD6BEoVdlo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2757ce0a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1683,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"c2d872d6928a4be86156a36de8de115d","sha1":"c2408d7c23ab55594d62bf9dd0195e6be2fd1973","sha256":"559d189380c6d22dc89a967cf313d9e9bb9f15f9e1e261eb96327cc04036e217","sha512":"1cabc382a664902a64c00f8f39f70fa3fa70c7b42b376d127dd6c0cd6def197a669da9f08db5ac67603af285261c9fb4d7b4be20217a37860394c6bbff78106c","ssdeep":"","tlshash":"fe312c963951d18cc0271f2ee5ac5071c7958b8173e31ed74042e87f6cc8f96159471f","first_seen":"2025-08-04T07:43:21.430071Z","last_seen":"2026-03-29T22:55:54.723185Z","times_seen":48,"resource_available":false,"data":null}},"time_used":639,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":638,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/provider/pragmatic.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/provider/pragmatic.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-d84\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0zCEg7a7Gq2S1FUOj4OJa6nRMPD3lamWS2XAbwO0wnjh0taauKswyY7dRcKR7q9xfFc5PmGvBe2PbarWsSp9Hqgm%2Bdrgx1Kn6fcUZIMcGyk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2758d0ca0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3460,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"b4d106ede927d2a0b504e2c47d483258","sha1":"69d064ee816b2e2805cee2aa97c63b51260f98bb","sha256":"7881852448bcb7772faceaf2fa11f9f759151b17d7f312f6c43f39a7134201b2","sha512":"5879c578834489440d087b11bfb01ac299be4801ddc3a53479304da19f43f27cc5d640f4a13e2c1ed8e7c340125f79470d0d320df14142f453af2fb0ae998e2b","ssdeep":"","tlshash":"3a615d659348e0fbad0db4f98205c064aed8c489b5399fd74b1e736c527115711946f0","first_seen":"2025-08-04T07:43:21.413418Z","last_seen":"2026-03-29T22:55:54.743734Z","times_seen":49,"resource_available":false,"data":null}},"time_used":619,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":618,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/slot-gacor/Maneki_Neko.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/slot-gacor/Maneki_Neko.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-4ed8\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xz2hJ5RvIo%2FMX%2F3wM3vxQEw22R3lqEhcz1KfalND%2FgWNShl14tSZOdH8%2BACaD4Gf0F4nNgX59kjY9kOfIZHCTY5lac0adRD5ARLjbYng6Xw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2758d1da0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20184,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"e399385611bd8b9127191b104ac628cd","sha1":"5360107e96c9c6c415586df7be5390d273aee91f","sha256":"5d9f673ecc3ac41d3a5b7fe6d4762515f8911ee7c3d7c44da293cd44535d4fe1","sha512":"7869b36389cbb60292b6dbd09fa02c9d621fd84fd0d17d36428aa5bc0dc6fd2c44a8e71840ebc3bb4a7142a0c42cafb7ef45f18cf3c93bc10ae76f9c3b13dc85","ssdeep":"384:HTNdSM613ujS4q7SWmQhUP8n07+BAnr0fbjo3Sc:cujS4Bs+Pv7rgjj3c","tlshash":"1392e0ec011dd1f6ecc517b9e5a49cb6430a2037ca05be495beb3fe60bf29156288e25","first_seen":"2025-11-09T07:22:35.714246Z","last_seen":"2026-03-29T22:55:54.719503Z","times_seen":43,"resource_available":false,"data":null}},"time_used":806,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":589,"receive":217,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/slot-gacor/Mahjong_Ways.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/slot-gacor/Mahjong_Ways.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-4db3\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IoN0ICw7NIFZ%2B%2BD6YbIHHpaNu%2Fp7N%2Bqy3ievC4kEtG6dOGAjAYqV8mqnJs3vX1Sfm2%2BJNfiCMGGEuaqU45djTjOd%2BoD%2B9zsHHoY3UbQjzIk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2758d25a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19891,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"61d1e492057b2a1f99c54ab9e8214aac","sha1":"6cb4ceeb0ef5850310f072e986d4094776d8a879","sha256":"a84b2a2f15fae03e8afbe9cb7ded8c4e2b0caadf04d9ab075376eee5cd575888","sha512":"9cb9f43db5baae78a3f0a8c78e155aadd7fb78d4a62882cea5cb0161d2e82b1d9877786cd666959be0d37c7468cee2ae366734f5210d66a5e4dc78cd46ba154d","ssdeep":"384:LuZ3Rn2ztAyd6A+0GLMxbDytJuOj8MowKbkoYoQu5tIpuQmP5JIY/sO:LuCxAy0HTRtT6wK9Y5otEuQmhJIYkO","tlshash":"0d92c0afc5e053c1dc7a063061cad9556cba0701e568d7660ff7df0a422cd895ca5f25","first_seen":"2025-11-09T07:22:35.71637Z","last_seen":"2026-03-29T22:55:54.716301Z","times_seen":43,"resource_available":false,"data":null}},"time_used":808,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":220,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/provider/sbo.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/provider/sbo.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-9bc\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VQ7QWhPfiKjlTIan8cIw7KXmgxcflCVdzcuvLsMI0FeeeukLbEctG0JPdys3pYpoa%2BcS5qjjEcdt0TiUhV6miWTNtnRqyb67PuTE6nXeKnQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2756cd4a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2492,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"1eb5fc8a2414d51a0f581e395ef1c3b9","sha1":"abaf9c42c0d9a66237d321a1cb63ffc63881a60c","sha256":"d9355c738b1f0dd9541be0249e15a433b2af6007ba9c779d7a4d65527cb866ca","sha512":"de3e2abc83d33a15186843634a25b8509e817e3c84e37fddd1546676b2345200d63a273fbf1b257178a9ede050d4191c0a3ded83e070176a3eb59c495c20205f","ssdeep":"","tlshash":"5a5138e3eb18d311f222293027c9a4a8cd80c854290f2b87e556c9bc0d18f04e328fc3","first_seen":"2025-11-09T07:22:35.721152Z","last_seen":"2026-03-29T22:55:54.721793Z","times_seen":42,"resource_available":false,"data":null}},"time_used":596,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":596,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/provider/joker.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/provider/joker.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-15ab\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G9giLi6Kg53PtDlK5wK%2B9hVXWR4AjpaRgT%2FGtOwD31KqG4TgYoBB8kSVsBzmCPR8IGaBSkKJQTWhJ2LoUYiW76xTzkQUKUhHY0VgtXo86No%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2757d00a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5547,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"ccd70496b2f6669ff0d2d86d9928d318","sha1":"e826302ee622cc4764f7b825f538ad50a61f3843","sha256":"c5af13cc239036aec95da5fa61bf292907e84049c7a962d7421360054b3a6b8f","sha512":"85396a9adba6ab1968375ce0ab3a957975c4df065e7c785dec03861bfd0844343137b79e40de0a0d0f927c7f94763faf2b28e3f9a3368c8c0b0b50f9bec657ea","ssdeep":"96:3iklvDNCU71PseHmHZH637xL9ddJmIZn9alI+vgd6+QlV9wHGr8v5hXx2TzjGfU:S6vDNCfeGR639PTDgC+vgd6Bn9wmrkte","tlshash":"fab19f29a25f31c6def00b47f88e2947384a445349bd355fd838d5b4b5c65089e5e0a1","first_seen":"2025-08-04T07:43:21.399939Z","last_seen":"2026-03-29T22:55:54.72433Z","times_seen":48,"resource_available":false,"data":null}},"time_used":633,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":633,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/provider/playtech.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/provider/playtech.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-85a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OO2tGUljatT5kYbswRsN5hCOQqy4iYaZ5jIpyZvjFARjf%2Bh8fwweUJu7sidfBUBbr%2BGSiGPx1y88RNga67ZUt%2FCIunorP14kdqK%2FGvnCUxI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2758d0ba0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2138,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"51240eddaf3c2d8bee4ebe2e35805cff","sha1":"bf7ca3ba327efeec1dc57a3759eccec5b243f2d6","sha256":"2fa5e88ebef8569d133724c0fbb4dcb6e6ec68898a00f1ff7c2b064d57f56938","sha512":"d82f9805eb741133135cb288390680852589255bf07f0890b9625d8540c61df4eaca97b77b7022008e7ea532f2798c73ee3dc9fdd25289c8350851c9c17bc543","ssdeep":"","tlshash":"4e412a55d6cedd65c165b4a1ca8eaef008f186206c384e669811fca1c0f8f5054db0ff","first_seen":"2025-08-04T07:43:21.384034Z","last_seen":"2026-03-29T22:55:54.754577Z","times_seen":48,"resource_available":false,"data":null}},"time_used":590,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":590,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/slot-gacor/Starlight_Princess_1000.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/slot-gacor/Starlight_Princess_1000.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-5036\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=huWuCO0qRUwNQZau9BuDcoGwuYAlXgQ%2FddECqTM%2FW0Daj2TQA56UekhEzUCHuNpS7o1uZeZNs5uHt13ULyhqOl4jZo0SyQzxbFfjrRG7ZEE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2759d3da0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20534,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"8856089ab4b68d53bdd836fdd3576888","sha1":"81dfbda447ae714e52058a1e9ae7f02a06a92b8f","sha256":"6487950f5df3d7c69655c80faa7aebf12f4fd4f9cd379717a6ac00a6a83326e0","sha512":"ca858723ffc89ac94d82b22810edbf759bf8d4755d3e743cc38f2cf746aa239e44b8073d24d199699f9d81684fb27027e98fd3d6719253c49aa682336bdc56a3","ssdeep":"384:SNgtVerrhUVOY2bprkrAMDl2+Ja886egfdJNigcNYOvt2iq9DQCRxf7jw:SutchRbhiDlMgfdSgcNxW9Mkzk","tlshash":"9992d1201e5ad6536f084972c899cb5b803988b405ff6adfd32359bf96b64235caa730","first_seen":"2025-11-09T07:22:35.733101Z","last_seen":"2026-03-29T22:55:54.751813Z","times_seen":41,"resource_available":false,"data":null}},"time_used":804,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":579,"receive":225,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"assets/jackpot.gif","fqdn":"assets","domain":"assets","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.182Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /jackpot.gif HTTP/1.1\r\nHost: assets\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T17:46:17.157563Z","times_seen":13340936,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/provider/ag.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/provider/ag.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-a7f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Sc%2BFC3atnxx4%2BNLJEAZd7Yj4YeTrUjZ746LzJn5dujhkeGJfLQDq762t5kUbPoVYpUXTs7SYhthRv%2B3QDg80yxx5oX89%2B6OGucvEglDmgLY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2756cd6a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2687,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"9ec82a0ac2423d44bb1cda3855552475","sha1":"8828193e6fc256da3d7271efecd390da90178cb3","sha256":"6d7e3da449b02f557eae2ca54876242e463caa64c07e4ca876987c51ec43c7b8","sha512":"43a139f62f68c03fa17cbd62137685e142bf0b343a2856c6fefa997aa4b8f194b200b3a5173df9dabcab7698aefab6442730322fbac2359aa00c6ada80a06267","ssdeep":"","tlshash":"27511ae3a474fca58c796663073128b1174b88c862b88747108ce84895affac48f90e7","first_seen":"2025-08-04T07:43:21.434382Z","last_seen":"2026-03-29T22:55:54.753189Z","times_seen":48,"resource_available":false,"data":null}},"time_used":592,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":592,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/slot-gacor/Gates_Of_Olympus.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/slot-gacor/Gates_Of_Olympus.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-50f3\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=28hfK6gOPAy5c1iCVcIeOFOLq6mOpMGyD%2FQkRXyxigil9ajlwNfGuWUNCINJ7RuTbHCswCW3SXizXNVqvb%2B6j6fp7MvRWSYXAQf1J1fOWdo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2758d17a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20723,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"1e5dda3c08a922e0980da584b8c0e781","sha1":"483b8fe05f6c033d0fd95f506ddc2131c5fcc3b9","sha256":"67cf9cb897b74d1187d19cb8ce0930b791e577c8f0717a67900ea5f560e04c91","sha512":"6fe54cc3403bcf56009aa039b37fee907bc7b875dd031d563ab545bd127e0da6862e4cdeccfcf02703bcd3b18d106a59b57ac9b81922d2791235ca78e5b24b4a","ssdeep":"384:HIvJ9sxRVaZyWpCDC+p6MHdhZrFHC9Hrxcg7KiC2LoZ8Zd4kuOgSJ8BRWBLZAk:HFVeyWpCDC+p6MtrhEH9i8Zd4kuO9C4N","tlshash":"3092d08ef406e8ecb2550d69dc91aebb8d7404584b24fe45feff0a60cdc024c9224aa9","first_seen":"2025-11-09T07:22:35.713467Z","last_seen":"2026-03-29T22:55:54.713777Z","times_seen":43,"resource_available":false,"data":null}},"time_used":803,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":571,"receive":232,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/jackpot.gif","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/jackpot.gif HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:11 GMT\r\ncontent-type: image/gif\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-919a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6xLo8Uf78FccK1wVNr7ziLL11c0r479bHd%2FjCqIxd8tAFcIv5ok27FVjeYvMdvTuU9prFwIzFJ9Gi2C4tq2W2oQKZnjAnPLF3OZVuvnosHE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2793ee7a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37274,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 944 x 152","md5":"2c3a8618de935022ed758178ae7f9296","sha1":"ade54978fa891be0e6c902c441f3e88dda8749dc","sha256":"c354e0c19cf4e773db138503626afb7627343c97bca47a8a3a894f71b8b13747","sha512":"c1b3550d6392274451be8d15d198e18d1f36a1c1a703022280df07f6ec25f8ed023a2e1b0f250ecf33e6704429556fbab35ae1c152f01211ebd7a5a2876eabe3","ssdeep":"768:uAeUNPDMWfSXshIElcF8vw1Ml6b8A+QXF9lXtzc0cyFHPpdkVzlE:oyDlfSchIElcavw1Ml6b3ZX7jvExE","tlshash":"06f2f14bca775ad88c7171303c3b112b5e0c64e436f6ac6954f46242b21761fb9c8be3","first_seen":"2025-10-02T15:47:03.186224Z","last_seen":"2026-04-01T18:07:49.50901Z","times_seen":173,"resource_available":false,"data":null}},"time_used":939,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":629,"receive":310,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/favicon1.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:11.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/favicon1.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:11 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sat, 22 Nov 2025 08:36:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6921761d-12ae\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DgWQ41baYigLvjfCgFjZkqnh1FmLhGTKBkuO%2BK71W6GVogeq9%2Bmas7zToSMMLrZ9jnPOBTsghmIL4pWa1kjwIz16AhkacGsfLQgy8U3gWaU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc27e1be2a0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4782,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced","md5":"fdff31bdeda5cabcb71ff3c94df23f9b","sha1":"22fba8b99b1d026108d882c3d7ca8a9d0575cab3","sha256":"41bb565ef5ea4fb2f27ec39a07c620a46c23d6789f7281b7e8701ccea93767c1","sha512":"5f70dd6f08cfbca21e6801e938dd530fa114d837141d2a4dad8cbc6e62ffc1f0e5496b05474534546fbe87e1d281e722cd147ad0627185772f1297922f4ab978","ssdeep":"96:ml+/oNrEWAws+v4ugo0QArszE7ZRiIG1Fqfs/ms/DpMSZAoRb8UMT:U+/mls+ZdpArszARircFs/Dp0wXO","tlshash":"34a17e1bd61c397c28d20319e92e709eb053528a1a96ba7e65ed3cf40760f5cc53abc5","first_seen":"2025-11-25T08:26:46.289502Z","last_seen":"2025-11-27T05:49:29.270545Z","times_seen":2,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"172.217.21.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:07 GMT","end":"Mon, 19 Jan 2026 08:34:06 GMT"},"fingerprint":{"sha1":"32:DF:47:F3:2F:CE:5D:A4:72:56:ED:4A:54:CB:BA:6B:00:BF:B3:E7","sha256":"5F:6C:43:00:4C:98:4F:F8:E7:02:6E:50:3A:2C:61:82:5E:27:43:6A:FF:3D:DC:DB:72:AA:8A:A0:E6:C1:B6:4C"}}},"request":{"raw":"GET /v0.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 73132\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\nexpires: Tue, 25 Nov 2025 08:26:10 GMT\r\ncache-control: private, max-age=3000, stale-while-revalidate=1206600\r\netag: \"b52f38ef99ad402e\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":284545,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64627)","md5":"8059fb84783c3f43b7b5b66a3883bcb6","sha1":"335cfb79c7c772225bc9a0a0d17d5d435e30a247","sha256":"977e140b62a9228c0815a6ce26e63df7def2817315581cb3e29c52a9d5959754","sha512":"2a0c05b24ac683756cc15e857c5445e62aa1f00134e8fa0f0c966510b1ec778a4570ab2c09dd2791a8a769f36c64a304fc816228fb54367af99657f3c49bb385","ssdeep":"3072:j4UQbNOu6mF8g8aLymSt85Li48lnQYxQEnswf2l3sVsmgQ:j4UQbNOu6mFTLs8f8lnQebsw+l3sVsg","tlshash":"db54839db296b0764793b074803f150aa33ba855240a812cf56de9d67cbcd8ea137f7c","first_seen":"2025-10-21T18:06:54.94219Z","last_seen":"2026-01-06T14:38:02.926695Z","times_seen":1886,"resource_available":true,"data":null}},"time_used":272,"timings":{"blocked":98,"dns":64,"connect":8,"send":0,"wait":25,"receive":16,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bigwin181.online/assets/provider/ibc.png","fqdn":"bigwin181.online","domain":"bigwin181.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bigwin181.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 17 Nov 2025 07:06:25 GMT","end":"Sun, 15 Feb 2026 08:04:04 GMT"},"fingerprint":{"sha1":"B6:D9:5F:6C:64:47:F4:A9:55:4E:E9:F0:35:6E:84:B7:BB:BB:21:29","sha256":"BD:4F:38:60:83:0D:02:7F:69:11:45:F8:47:D7:49:8A:51:9E:1D:81:53:3E:EB:76:A0:E4:1E:1A:04:92:47:31"}}},"request":{"raw":"GET /assets/provider/ibc.png HTTP/1.1\r\nHost: bigwin181.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bigwin181.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 25 Nov 2025 08:26:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 12:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691b1967-7f4\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c8%2F1DjX7Ax3G4TYZW2P4mu%2FsqoXstZWRVIK%2BUiYstfcyUACvJeoXDjXaDbLaV3nFru8XqXylf7nXc2t3sKVSAsgI8Zt6MEGnJDtUaEN4%2BM0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a3fc2757cfaa0f0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2036,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"c6ef6e99034bb0c02df5c0592230d85a","sha1":"f178f8c49029d68e8a71b2863ad17d82d4cafd8c","sha256":"a7a8143652db6d97b090e0d945bf646b08fcaf32616b441e2349baa1120b8bf6","sha512":"a12ce38d751d11f9c896056a67f5f7bba21cc02d615be44ef48b10c559ec5bec1901ced5a20ec4ec6f500d8a705b4b80b7a781cdaadbf1097b548db80055083d","ssdeep":"","tlshash":"7c415dd31169e93446e0e3f70596947b537801bde1225c58f11da9f305b971ac27643b","first_seen":"2025-08-04T07:43:21.441948Z","last_seen":"2026-03-29T22:55:54.723748Z","times_seen":48,"resource_available":false,"data":null}},"time_used":649,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":649,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"bigwin181.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012510081644000/v0/amp-loader-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"172.217.21.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bigwin181.online/","date":"2025-11-25T08:26:10.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:07 GMT","end":"Mon, 19 Jan 2026 08:34:06 GMT"},"fingerprint":{"sha1":"32:DF:47:F3:2F:CE:5D:A4:72:56:ED:4A:54:CB:BA:6B:00:BF:B3:E7","sha256":"5F:6C:43:00:4C:98:4F:F8:E7:02:6E:50:3A:2C:61:82:5E:27:43:6A:FF:3D:DC:DB:72:AA:8A:A0:E6:C1:B6:4C"}}},"request":{"raw":"GET /rtv/012510081644000/v0/amp-loader-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://bigwin181.online\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 3937\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 19 Nov 2025 16:07:32 GMT\r\nexpires: Thu, 19 Nov 2026 16:07:32 GMT\r\ncache-control: public, max-age=31536000\r\nage: 490718\r\netag: \"a1ee3895c747c6e2\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12729,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (12614)","md5":"a87e2cce7117be00fc8129abfc72b1a1","sha1":"26d9bc2bbbd56217163ec1ccf05a4b4698e5c11a","sha256":"f65efecffe50465d1ffa59d289200cb42ae6115fac8232946635cedf4dd241ef","sha512":"d9232a321d406c6d15a92fcfb3266ab1a049fee6099c19fb010ee7913e2d6c1a65868a2f529ffca06dfb96b312a78429b07c3a5bd56b14f53199ce88af09a458","ssdeep":"192:8fQHMOgzKBbnnRrVGjoPGlxrO2tHxg7HzMb5F4g5A4WR2vN:20g2BbnnHUgTzMb5F4g5A4WR2vN","tlshash":"d042a424a54be2ac530341b484fab94a757ecd4fb8104035f0118ededf99e48bd7ba6e","first_seen":"2025-10-21T18:07:40.626035Z","last_seen":"2026-01-17T06:31:39.878615Z","times_seen":1395,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":61,"dns":21,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}