{"report_id":"084a1965-02d1-47aa-b669-a0c877c5ebd1","version":6,"status":"done","tags":[],"date":"2026-02-26T14:37:59Z","url":{"schema":"http","addr":"universal-picture.com","fqdn":"universal-picture.com","domain":"universal-picture.com","tld":"com"},"ip":{"addr":"54.215.31.113","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"title":"WINTERMUTE","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"universal-picture.com","fqdn":"universal-picture.com","domain":"universal-picture.com","tld":"com"},"ip":{"addr":"54.215.31.113","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-02T14:37:59Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":4,"urlquery":0,"analyzer":4}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-26T14:37:36Z","timestamp":1772116656,"ip_dst":{"addr":"Client IP","port":52482,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"104.18.28.108","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO TLS Handshake Failure","source":"{\"timestamp\":\"2026-02-26T14:37:36.858043+0000\",\"flow_id\":1237512596014827,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"104.18.28.108\",\"src_port\":443,\"dest_ip\":\"172.18.0.33\",\"dest_port\":52482,\"proto\":\"TCP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2029340,\"rev\":2,\"signature\":\"ET INFO TLS Handshake Failure\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2020_01_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_01_30\"]}},\"tls\":{\"sni\":\"ip.ddnspod.com\",\"version\":\"UNDETERMINED\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":3,\"bytes_toserver\":850,\"bytes_toclient\":213,\"start\":\"2026-02-26T14:37:36.837355+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-26T14:37:36Z","timestamp":1772116656,"ip_dst":{"addr":"Client IP","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"104.18.28.108","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO TLS Handshake Failure","source":"{\"timestamp\":\"2026-02-26T14:37:36.880076+0000\",\"flow_id\":1688366050449971,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"104.18.28.108\",\"src_port\":443,\"dest_ip\":\"172.18.0.33\",\"dest_port\":52494,\"proto\":\"TCP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2029340,\"rev\":2,\"signature\":\"ET INFO TLS Handshake Failure\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2020_01_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_01_30\"]}},\"tls\":{\"sni\":\"ip.ddnspod.com\",\"version\":\"UNDETERMINED\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":3,\"bytes_toserver\":723,\"bytes_toclient\":213,\"start\":\"2026-02-26T14:37:36.858675+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-26T14:37:36Z","timestamp":1772116656,"ip_dst":{"addr":"Client IP","port":52496,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"104.18.28.108","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO TLS Handshake Failure","source":"{\"timestamp\":\"2026-02-26T14:37:36.997994+0000\",\"flow_id\":48238299194072,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"104.18.28.108\",\"src_port\":443,\"dest_ip\":\"172.18.0.33\",\"dest_port\":52496,\"proto\":\"TCP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2029340,\"rev\":2,\"signature\":\"ET INFO TLS Handshake Failure\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2020_01_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_01_30\"]}},\"tls\":{\"sni\":\"ip.ddnspod.com\",\"version\":\"UNDETERMINED\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":3,\"bytes_toserver\":723,\"bytes_toclient\":213,\"start\":\"2026-02-26T14:37:36.991960+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-26T14:37:37Z","timestamp":1772116657,"ip_dst":{"addr":"Client IP","port":52510,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"104.18.28.108","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO TLS Handshake Failure","source":"{\"timestamp\":\"2026-02-26T14:37:37.040567+0000\",\"flow_id\":21770563306528,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"104.18.28.108\",\"src_port\":443,\"dest_ip\":\"172.18.0.33\",\"dest_port\":52510,\"proto\":\"TCP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2029340,\"rev\":2,\"signature\":\"ET INFO TLS Handshake Failure\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2020_01_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_01_30\"]}},\"tls\":{\"sni\":\"ip.ddnspod.com\",\"version\":\"UNDETERMINED\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":3,\"bytes_toserver\":723,\"bytes_toclient\":213,\"start\":\"2026-02-26T14:37:37.017440+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-02-22T22:14:59.650342Z","alert_count":0,"request_count":3,"received_data":65059,"sent_data":1704,"comment":"","tags":null,"fingerprints":null},{"fqdn":"universal-picture.com","ip":{"addr":"54.215.31.113","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":11022,"sent_data":490,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"wintermuteloop.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-17","domain_rank":0,"first_seen":"2026-02-26T14:38:01.890561Z","last_seen":"2026-02-26T14:38:01.890561Z","alert_count":40,"request_count":20,"received_data":2496177,"sent_data":10133,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"telegram.org","ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2003-12-15","domain_rank":499,"first_seen":"2013-12-18T13:14:30Z","last_seen":"2026-02-25T12:43:06.823364Z","alert_count":0,"request_count":1,"received_data":114323,"sent_data":426,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"worldtimeapi.org","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2018-06-28","domain_rank":18362,"first_seen":"2018-11-05T15:58:25Z","last_seen":"2026-02-19T23:05:32.235674Z","alert_count":0,"request_count":3,"received_data":0,"sent_data":1470,"comment":"","tags":null,"fingerprints":null},{"fqdn":"sc-static.net","ip":{"addr":"3.163.248.4","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2017-03-16","domain_rank":3142,"first_seen":"2017-09-05T18:35:04Z","last_seen":"2026-02-25T20:14:02.006161Z","alert_count":0,"request_count":1,"received_data":59423,"sent_data":419,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"ip.ddnspod.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2019-10-25","domain_rank":4307005,"first_seen":"2025-04-05T17:51:06.28219Z","last_seen":"2026-02-20T09:04:42.493649Z","alert_count":0,"request_count":3,"received_data":0,"sent_data":1431,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.wintermuteloop.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-17","domain_rank":0,"first_seen":"2026-02-26T14:38:01.88283Z","last_seen":"2026-02-26T14:38:01.88283Z","alert_count":20,"request_count":10,"received_data":166786,"sent_data":6008,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"10568b780a0d314b06f4ae6be4a339f7","sha1":"2c0ba855511dbe4d8ce3bf061282976a34fd375f","sha256":"97611d5571f8e91da4b84e7fed039c19126ed0d05a358286b229ee99b23e61d4","sha512":"f1d5ba897fc7e7481668825a9b1fc036114a015a88759f3df8a3f52521648c16dcf66dd17116a513a7ccbc3f4d62eff48fde1b11b4905917762aec42d1009705","ssdeep":"96:nfkdoq1aBIBOjsXgInhubwM0eb9X+T60YTHs:nfkdoq1aBIBksXZhu8M0k9X+T60YDs","tlshash":"beb1991b69e56468a703b0ba8c3fa406b521042f099cbd407e0cd7769f8953daab4edd","size":5554,"data":"","first_seen":"2024-07-26T08:05:53Z","last_seen":"2026-06-07T05:03:57.018709Z","times_seen":494,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f7d4fbff71549398ceffe8189db57c5b","sha1":"9ddc56ef19489e0d21f74eebc29c92b469ae6fd4","sha256":"ca663f53ed1b54e1f40c4b17ba2257f76179690249527bf88d268d9d178995a3","sha512":"bb5e60f5eec27743c6cfb79705632ad071bd6cdfffb44d8f0ce4e2c884c1bb531e06e6aa80bee647986c34bb4bad620495cd48c61e8d30441914687444b03b1b","ssdeep":"","tlshash":"e3f09e1b1886b07e53d760b6593bad5b322a11472c5119077d4c80242fe083d7ef5fde","size":623,"data":"","first_seen":"2024-07-26T08:05:53Z","last_seen":"2026-06-07T05:03:57.019407Z","times_seen":494,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d30bf2ce505ae9387e75911e6e6a02b4","sha1":"337c39d5389aa300577afe07585b93a5d98977ad","sha256":"3f892fc1c9bb281b8758440251b7899dd052685cef87cae5702635dc2a088752","sha512":"1a7025b34cec889e2ef962fc421321620e1a9709e8c5a6aacecd829c897b5f7fcd83edbc3498924446eff1c7aa237487e1713454160aca46b988e78b9c7696fe","ssdeep":"","tlshash":"c0c08cc4a0d26d101e02a41020ef24e89024802674481b028c94d8882e220b09233ed8","size":139,"data":"","first_seen":"2025-09-20T19:56:22.389448Z","last_seen":"2026-06-10T21:35:42.644143Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"07855ad82014de17e2ebe423523b6464","sha1":"bc0c6530190b7ab109101c0074f7f9f02a134be1","sha256":"4f7b70c98f1d6a02941a91e05c3f218decbe787a5d46fb53c48b10e8daf705c2","sha512":"3e7ca687b43a1ab8c6a5fc755fe50cb531ff99bdb173feb2d16ea377d8c95e0fccf38dd1dcb12dfd9a087ecb86c7d02296e5e2b821acd571a99fc258c9eaf8f1","ssdeep":"","tlshash":"a4c080c4a0d2bd04371675a654af38d49028442670581743dde4dc543d130b0d237d9c","size":160,"data":"","first_seen":"2025-09-11T15:57:32.414843Z","last_seen":"2026-06-10T21:35:42.649057Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"bbdcff399fdea9a5e6ba7b76e99cd25c","sha1":"9598c321977767c3375f0c256e29a2aa8ad93f75","sha256":"7759b1a1f9531da032ecee7bc448de9f497aa3d73fb2f5b7adda8e085f395752","sha512":"56d90dee46144b3a2b2b9b2bb807a812210213514507ecaf1d000a57164c9a2f9bde6dc066a144da213d921984629679a174a5cc0ad15217286e9cc295d03cfe","ssdeep":"","tlshash":"8cc08cc8a0c22d101602a45020af26e4a034882b70481b128c94d8482e220b08233e98","size":139,"data":"","first_seen":"2023-04-15T19:29:39Z","last_seen":"2026-06-13T22:58:24.220694Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"c5d7f6a8ecd91ebf6cc974297f65c918","sha1":"33887bc7c32f4f1ca776e2da09a07ecc28e7cce1","sha256":"73f2d76b712bcad7f6c8699c180afd8cb5e44451c9a8005e4e8b5818a99dae6a","sha512":"91cac552941ef0df049023c4f9fb67c51f0782eaaa9dda76d4109f1435efaaf4991886d0eedfb47e33c508fb3b05b44cc946fa1877dad879398a8071b67a02cc","ssdeep":"","tlshash":"65c08cc8b0c36e00160264101aaf25e4a028402670482b128d94e8483e230b08233eac","size":147,"data":"","first_seen":"2023-04-12T10:08:15Z","last_seen":"2026-06-14T00:11:55.789851Z","times_seen":3022,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/register-huqQJP1Q.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ac5442e1f72f32e9c0fd82b70a7a7d4e","sha1":"d6719bef8a06c199a8a24cdbd0271ec91dc4ca48","sha256":"c52e7a656e26dbdd7d02949fc3a3356ba130f0b453b5adc1221bc146e6dac5d6","sha512":"b1c2ac899e33bcc60df9c842d536017b23ccf7d76f3263534ab68de439631eebd34d5fd2715f0cd0e217c48f0009d32e4cb26cb48be71002d0f6db06a926dd4f","ssdeep":"768:OEQbNqrpM9toHE2XiS/YrsPrcJqrpjwELtqPj4LquOxrTCh5moxETTiWQomXbhbE:OGQraLFqmxVcY5AEaEMWZyK17g9V","tlshash":"2f43e78c71f89cfb56eb65de3a274422f12f456fb440aa52c6789e473c23e509261f38","size":55325,"data":"","first_seen":"2026-02-26T14:38:10.466555Z","last_seen":"2026-03-14T12:57:47.266401Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/route-block-B_A1xBdJ.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"703a0c9620dd946cc85f5ccee2828005","sha1":"2cf601f3dec2169adb9a1f53d1c99f802094dac1","sha256":"f37d93c862ba8958e8a83a2353ce79d1a4ba4220d51c648bc986cf9a7fab8625","sha512":"ae87c9f33c47a5457881291cd2dacae870d242aeeb8fb4b738e44315480d2fc14aa61b978bb41637d428db06df5e2bae0403fb8e9a326f52725826bc0b899a00","ssdeep":"","tlshash":"4680003a082000b230a0008cb2a0880000a0203c3b222288228802e20302080e888e00","size":27,"data":"","first_seen":"2023-08-18T09:36:36Z","last_seen":"2026-06-14T00:53:42.770693Z","times_seen":741,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"caad72fe48a09f8a060e5dd1477935fa","sha1":"f2b5ddb3021c1d3b5df6a518c7b555a7ffaeba39","sha256":"3097fffe06a687f15fda650f93d6f5303679a4fc78db9645da44a7aa4fa902fb","sha512":"1ad398a20e4693fe3fcd02aa2ffd3fa8f2c7bc1cafdc3778ed28300852491cc74174c17f930f387a3d75c02a35aa21100f56df21ee41f5222850cea0d1edee06","ssdeep":"","tlshash":"b731682918ea1118b2177166e17fe70d2725501b2dd4fc097a0cd2240f9997ee6b8cae","size":1591,"data":"","first_seen":"2024-07-26T08:05:53Z","last_seen":"2026-06-07T05:03:57.020035Z","times_seen":494,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c771a56c31bff8ba6299f63241568899","sha1":"3d6509d1f412e744a937e891546180b1093f7ccd","sha256":"c0b3a74335ec3f96e25be399971bafea9e3513f821dd3b4009608de199fd4f2a","sha512":"f859c02090a494b60671d2dea13324fc38d926b315de977edb5889e587917facd9d2e4c1e73e0edb3f0112b5af30b8d05d33a173612c81f4cdbcab5bcf47a03c","ssdeep":"","tlshash":"7b0128e59986483146db31fa2a9e301070318003b908beb0386f15446fdd33ed3f6bd8","size":689,"data":"","first_seen":"2024-11-20T07:54:53.452195Z","last_seen":"2026-06-07T05:03:57.027217Z","times_seen":489,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/BaseInput.vue_vue_type_style_index_0_lang-q3EkYUip.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"d347828b949bf9bea44ad8a19e9807ba","sha1":"cd537bd405b92070aefd036cdcb923b140651730","sha256":"b43f285accadd17d811af49a6709b7677782a98e420571b61805b8b36af7798c","sha512":"19e3eac2e312642a3e5c06abb91b2b86aeed92675e7db2c3d07c80425984a5a4bd463bc66a5603d91d501eafa7e0f60bdd37cfd615f6aaf94017a198236bede5","ssdeep":"96:YpBMC8KUVJnRo0i40KbNk+XHyohJGXwj5wZXRkB1L8sKYuBkcWRm081QnLP7mnvJ:Ypb8KYJHBXHyohIXwNwZBkB1L8RYuBk6","tlshash":"55b195497ac07cb50b936dfe61bf2460e41eba4b7d24d985a0e4eda13e269009063f38","size":5437,"data":"","first_seen":"2026-02-26T14:38:10.476561Z","last_seen":"2026-03-14T12:57:47.291465Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/default-B8fREOxl.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8932c4dcedc64dbed769d77f9424bf5d","sha1":"7e42cbaf5e62f0a266f5f12b25ce823e06f56ee1","sha256":"1e49fea9b0a7185c28d6f658dc439a51c6b654e9ff83fbee6fefa8e6c2e03d43","sha512":"29b0f0bba2325cb339faa2f8e801cde5db6846329f64456dc51bfa8326531ff0f2b1c829ad53fc80dc9e94a4a77d12ffc35e5071c11f1dd41ec288465d7612d9","ssdeep":"1536:/uFlgua7D4N403iyVCqxHIn41p9zxIyV98:/6+nIN4EEgF1p93V98","tlshash":"9663094d35907c71639719fe2a37a085e12e6e5ab016e7c2e1ec8d433db792845a2f3c","size":70501,"data":"","first_seen":"2026-02-26T14:38:10.455986Z","last_seen":"2026-03-14T12:57:47.284118Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"94d71ca3d432c5a150ba0fec148bec8a","sha1":"f149c8d29e80003d26ed2e460cf5890f8bf67978","sha256":"5c8151446c3fb9fb384c25e941b64d83149cba01d5a7905fd2844d6b4679114d","sha512":"9e345046d828729d97f78fe91cdc987f97e0088d6de76d2171141348aec8b658006105e5172bfb5845491d5782b26c57a8c4245f30fab81daf9bd33adbc71ce3","ssdeep":"","tlshash":"24c08cc4a0c62d001602681010af34e49024402670481b428c94ec882e230b08233eac","size":139,"data":"","first_seen":"2023-09-13T19:31:22Z","last_seen":"2026-06-13T18:00:41.426462Z","times_seen":871,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/BaseUserTab.vue_vue_type_style_index_0_lang-CliMHsf4.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ad0ca790f526aee342f535a9eb39fc63","sha1":"5b88293f4779558327ffe12a45ad77b681dd7da6","sha256":"d56e096bc63f84420950768e3a3409e514c07a4c9312bf8034bf738d77ce4421","sha512":"54bc1477589ecf509d1b2d976b3f257606a07f0b9525e5c95875d3f4a3a0caf10e87e5745ec362fab00de3cc96282c6a7be7ad9420c73d73e3f04e5267fec385","ssdeep":"96:GrMZf4PERrKW27N4VySQT9/D+5E87W6dFMX/aGazTO+R+OWyVLoXApUiDyA:GrZER2dDUEcW9PaDTO++OvVLoXACiDyA","tlshash":"798164cd75d5b4f607aa2ae8273b0066d03ee9413927c985d09d49923e37914e2b7f3c","size":4107,"data":"","first_seen":"2026-02-26T14:38:10.462863Z","last_seen":"2026-03-14T12:57:47.289913Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"8766d825c5bd2a811181b542945bbb65","sha1":"9ff690681c8b747aeba947adbdfbbcb450a8485e","sha256":"68fe516cf90e719d2feb46469a2772410eb445e9bf90678c321fc5fb490a46e9","sha512":"2bcc5c60fdc54523ca29b56ece9d1f09a726c6183e56ebfcc4d552aae986f76f2fff5b71c77aa7c1e7727b6068096413aafa534dc290d40efca2b9d4f7cb412d","ssdeep":"","tlshash":"adc08cc4a0c22d001a42681428af25e4a028442b78485b128dd4d8882e630b48233ea8","size":147,"data":"","first_seen":"2025-04-02T11:56:25.922219Z","last_seen":"2026-06-10T21:35:42.641599Z","times_seen":56,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"76811db4a3d5546de19bc46f245652b4","sha1":"065ddba5bf95b5d1f278bb4a908a53fc4f0a41b2","sha256":"237e40d42319f90c108ee79382b7200ea26929d92fe7799cf0bd33efc343ebfa","sha512":"f7d218cf377027fbcbadd061e0a97768fe6955ff69385e531406117b74cd36e368441724eabbcca6f4424131d73e6f50baf10591dde8509fefd6f7cfa727dcf6","ssdeep":"","tlshash":"efc08cc8a0c22d002602a61020af39e4b038802b70485b128da4de483e630f58233e9c","size":147,"data":"","first_seen":"2023-10-29T04:01:47Z","last_seen":"2026-06-12T15:27:34.427917Z","times_seen":100,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a28e056a6989b49de8bf0c6fe7a9078e","sha1":"166889dc07218cf99767d4179177e393a87c50b5","sha256":"5adba9de6f8cd98bd9f208363a88990f71f45bc7eaa3b277fa7fc86d54f0ecbb","sha512":"5fca1b898fe0243788c1e8403086ea2b8f6374b3575b8c71ff971b969f1e1325eb301221aad3fa4f9447bb8df6c43021297674123c156e4fd1a322d5cd3cdcc9","ssdeep":"","tlshash":"acf0ab0b199008319707b17a2a7fec0a1e42201f29646671be0c95109fce97e4664d5c","size":506,"data":"","first_seen":"2024-07-26T08:05:53Z","last_seen":"2026-06-07T05:03:57.026572Z","times_seen":599,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6d2b2b050757ba3d24426c42c3e4676f","sha1":"6a3359c5389d7d41f4b9647878b29cf654f5fc63","sha256":"da3abe33f5dd2abd814eb50229fb90d0ab61f7553b0154dae0cf129be7e7980f","sha512":"1c678470e263ef5bc0a5f8b44714ccd7cac330e2a61742d4735579da012208167e3b6672534f5ed217b285ff49c4204cc060936cf2f2d7e1625e10df79bed04e","ssdeep":"","tlshash":"b0f0eb130cd900af6f2710bd2b3faa1236a41113044ac020fc0e8720af20e7c1724acc","size":656,"data":"","first_seen":"2025-09-10T03:49:42.458429Z","last_seen":"2026-06-07T05:03:57.031683Z","times_seen":357,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"34891d837510472385e0882047d64658","sha1":"61b8cd545e0baa1b04b62ebc5549f0fb8f533b42","sha256":"32bef447f9cddd7dce8bb9df1cd7c1abdf4d9ff6368ab3254995e05c4c8c3ac1","sha512":"ef0079309c46e8335dabc2cded9197aa16ece64c533c77e2bfab14437af0dd89159f4cbd13b556adeb7c372b716f2a4670a349d955f6fd6faa514d79b087bccc","ssdeep":"","tlshash":"3dc08cc6a1d22d001606641018bf28e49028402a70481b078d95dc493e230f48233e98","size":143,"data":"","first_seen":"2025-09-11T15:57:32.404287Z","last_seen":"2026-06-10T21:35:42.640022Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"36bb790e7a2fc2b78ed38d785c5fb06e","sha1":"3164f2ab3c7b9d0388b2ccd0d8dbd4162546391e","sha256":"1a2acc077a8febaf2bd08b5809a87295a71e96c7ac3f679ef6b1ab13adb5cdd5","sha512":"9419b10ada51d3a556f3daf9570f96d310b4524dcc9180be22c8f3f94aa5768110c080356fa4b5d809e76c7f459e4c15057a03791234e67680176cc94c38c5b6","ssdeep":"","tlshash":"a7c08cc8b0d22d202606aa6424af26e4a0244067714c5b138ce8ec582e620b08233ea8","size":149,"data":"","first_seen":"2025-07-26T09:56:03.559376Z","last_seen":"2026-06-11T22:52:33.981238Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/PhoneSelect-1pOm40zH.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"a569214db2d91c7842687961c46b0e93","sha1":"8a7f41c51c81a743d9c31a0a21387d6386f3390c","sha256":"efe06e420ac6965569bec6ef5dc2bf8ab67188cbeb10debbe1ea5898bce4d75e","sha512":"abb8279dee8b6f153d77694e7206c0851673ab6adfeb3d5be3ecd699f30ac8c07f69bfd82d38dd37fbd26c1ad3e394f15e797747851bb95c4cf5eb6bdd610c44","ssdeep":"1536:S1/hHMa2nrNXQoJXDvu9sdFqChkw6Oga3/Z0Nuc+qwZDhBnNeOsfq9:CH9D9sdFDhkw6Oga3/Z0Nv+qQArq","tlshash":"4033e94521805ff953b1edc1d05be5069376d9863036adca70aabfe420d38db1a2fb68","size":53997,"data":"","first_seen":"2026-02-26T14:38:10.458512Z","last_seen":"2026-03-14T12:57:47.278559Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/js/telegram-web-app.js","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"70dbd7ade763706614c7ee99973dcc9c","sha1":"0b980ef4fe3e17d253fc2cdb672f1208736b733f","sha256":"b47f6cb105860d35b4ae512c22696a33157a365f4c885a33488f22ea8a3b6a03","sha512":"03c1f60831856975b61bea126ead239f116235fb0422178425d6b8c86553a3548d487c919f0f3f81e14de201680f63b7be24106589faffd8f3c56b28c2d19b45","ssdeep":"1536:pO5TpRdo54F0WN2Zbjcn9cF9KTfVjLo03ueLE+wFFz1NIVIB/MGYV76/xHK8ITrm:s5TpRdccKFU76x1H","tlshash":"6eb32e4d6cb3612285b3b1bf8b5f924172759883301def20794d9b646f80e7c53eaad8","size":113990,"data":"","first_seen":"2025-07-29T21:33:08.487755Z","last_seen":"2026-05-12T02:27:32.127067Z","times_seen":3808,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1d2e741da93f46b00b851a1f3cbdddf0","sha1":"46965943b95d47c9d7390b05ed720d0fe71c38a2","sha256":"390359e285b664eee269fbe39b3e547e156a5356523395c62cf0ad044aa87f54","sha512":"9d5bc0446bf79a775655456ceb34a422eb0080ea2b7ab09e5bb69da022ee9d9d8c701bcb347dbd513647151ee393772096bf45f9f87cf82c3f07e870c090e483","ssdeep":"","tlshash":"69c08cc8a0c22d20aa12682015ef24e4a0248426744c6b128dd4d8582ea29b48233e98","size":149,"data":"","first_seen":"2023-05-11T11:46:06Z","last_seen":"2026-06-13T05:13:30.868436Z","times_seen":2898,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sc-static.net/scevent.min.js","fqdn":"sc-static.net","domain":"sc-static.net","tld":"net"},"ip":{"addr":"3.163.248.4","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"121189e361b1b6f3e7b0dc47fec6b383","sha1":"d98a2320209759d2f3f6d0991e45917703feb238","sha256":"c9c236ba3c81fd6f5cc61494d64d13153014817bc343fef249d9bf9826a5266c","sha512":"cdb2ea94f746977e8d6ad0d01d7f131f8adf9c32976e736d5f9b0a72151c1ed651d8fb31e27a5624bc5b8f780453be496348873b57a05c3a6743593c661389f2","ssdeep":"1536:kQ870ziaayzjPOevVJm0tlsuHrih9HHVZ1GJV51kxx0Kb:78chTl49dx0G","tlshash":"6e43d78cb7e9b02503973472497f541be33bb9646c0bc650c526e5883dbc69e9237eac","size":58763,"data":"","first_seen":"2025-12-10T19:39:08.014146Z","last_seen":"2026-06-06T11:35:15.665092Z","times_seen":12540,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-14T02:32:28.510262Z","times_seen":693211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0f40806f855fc503ec7fe0e2cdc6da5f","sha1":"ad59d99993690064ee6565eea713ee4c5260f572","sha256":"954bc1931a5584c910a5391a0e2c05ba7190f3c672433a85c162ac948a74a44f","sha512":"7ea9c1cffaf640bc7083f2306a134368aa54ae775230a1f1990c43817594d950ecbf94412ea7ab6262bb8add4715ab6fffe7579f85b0a1c07f6acc4f8207cd9e","ssdeep":"","tlshash":"1fc08cc4a0c2ad001a12649010af24e49034402770481b029c94e8492e220b08237e98","size":137,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-14T01:09:41.620925Z","times_seen":6252,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"10e247b1e2fdabc6df5924c7ba030143","sha1":"5ffb3521af2f1de2346aafc24cd370f96eb2492e","sha256":"eecc77cda212e1b84aa604a30d271abf4f89ef8930c7527adb67f3f4e47bfd6a","sha512":"51902aceeb1ae468f85fba2fb32c97f1cd1b3ac9c0a5920ac0f97a073de2974584878855d9a8258bd080d65ee031f548be5238c84ebf1f5186bbc6b0a9b7117c","ssdeep":"","tlshash":"07c08cc8a0c62d202a06e91010bf38e8a038802770891b028ea4dc483e330f48233ed8","size":150,"data":"","first_seen":"2024-08-20T18:12:14.496137Z","last_seen":"2026-06-10T21:35:42.646638Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/index-DidECXtN.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f19be1bbe42237a30dc4197961c935be","sha1":"d41c3388c7db514250f342777ac558110e5e07bd","sha256":"8966748149262aed8940c006ac2c9a6af47fc02125077dae4f2c890db775848a","sha512":"5cd815933b6a1e14facd375a3098d90d687cf315659fa6db67d4aa37b4f2e1abbf1bae791976dd8819dca45162ad48de1ed510c29383bfa2f398e802d1485bad","ssdeep":"49152:e2LiZQQ8gKOcwJXWqb08CSWW5v5VqeVFzAARrHNFl:qjB","tlshash":"238584282a6bf3949558c0dbfa373c84c19dd18ab00b54d15f794bb31bb2752eaacd13","size":1816264,"data":"","first_seen":"2026-02-26T14:38:10.510523Z","last_seen":"2026-03-14T12:57:47.323705Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"43a144a646cd1c3aa47c6e97b8997f16","sha1":"751520d68e01030d76aaa27829bee42de57b33ae","sha256":"7400aff6408f23b72deadda0905ff4dc8eb4af368f7e8026063918149826a7d6","sha512":"85eff0527e8a86cde19b0e67070c8f71528670484865bafb4b88ee54f83b48f575275ed10cf343f0c84d4c0a425f6632b5b1bdfdfbfd75c6702ee856d28f512f","ssdeep":"","tlshash":"14c08cc8a0c22d101a02681414af24e49028442774481b068cd4e8882e230b08233ea8","size":141,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-13T23:52:22.80886Z","times_seen":4149,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d30bf2ce505ae9387e75911e6e6a02b4","sha1":"337c39d5389aa300577afe07585b93a5d98977ad","sha256":"3f892fc1c9bb281b8758440251b7899dd052685cef87cae5702635dc2a088752","sha512":"1a7025b34cec889e2ef962fc421321620e1a9709e8c5a6aacecd829c897b5f7fcd83edbc3498924446eff1c7aa237487e1713454160aca46b988e78b9c7696fe","ssdeep":"","tlshash":"c0c08cc4a0d26d101e02a41020ef24e89024802674481b028c94d8882e220b09233ed8","size":139,"data":"","first_seen":"2025-09-20T19:56:22.389448Z","last_seen":"2026-06-10T21:35:42.644143Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-14T02:34:50.174674Z","times_seen":228920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"679a388bc52a1ff5419e13c3f38acfea","sha1":"5c7be435dbb1b2f358a0ce0701459e850740c7a3","sha256":"7a54979638a8150b7f40611eb2ebfec129b0b5e416d2c886d9551e418e18efdf","sha512":"d7629133d11da119b7a734dc1f2b8d60f2fd58eb5bf13710a41d4201d69fbfd39bc2c3bedbd77b3adb66205e83ed43c4ec60f45e01fd219066e93a215904132d","ssdeep":"","tlshash":"6dc08cc5a0c32d001602645024af29e4a0284026b0481b13dde4e84c3e220f08233eac","size":142,"data":"","first_seen":"2023-12-24T00:38:06Z","last_seen":"2026-06-10T21:35:42.643549Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ip.ddnspod.com/timestamp","fqdn":"ip.ddnspod.com","domain":"ddnspod.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:36.195Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /timestamp HTTP/1.1\r\nHost: ip.ddnspod.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nOrigin: https://wintermuteloop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T02:33:46.2129Z","times_seen":16402294,"resource_available":true,"data":null}},"time_used":663,"timings":{"blocked":663,"dns":0,"connect":8,"send":0,"wait":0,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.wintermuteloop.com/api/public/init?d=1772116656181","fqdn":"api.wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:36.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 19:37:49 GMT","end":"Fri, 15 May 2026 20:36:29 GMT"},"fingerprint":{"sha1":"50:D1:0D:4F:70:84:31:5C:E3:01:08:19:69:85:C9:1A:90:1E:AB:E1","sha256":"3C:20:51:BA:C8:B7:82:DB:B7:5F:05:FF:D7:CE:F5:EF:20:2F:FB:FC:69:AF:4B:CC:5F:C3:B4:38:53:95:20:1F"}}},"request":{"raw":"GET /api/public/init?d=1772116656181 HTTP/1.1\r\nHost: api.wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nst-ctime: 1772116656184\r\nst-ttgn: b6d426c4db51a2ed3e67cfada383d7c4\r\nOrigin: https://wintermuteloop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:36 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://wintermuteloop.com\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5pW%2FY9I3JdOr678W%2BbODnbQozztTXqQJxGfWnjqKVHJurvFV%2B3bx7vJHWO7%2FFrua8dMiMEKOOV8XOmil3tD7bIrvLiIf%2FNOlpMKq844miaDmeWUpWLY%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9d402e704caa56f6-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16427,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4d6edab3db4e1fc1cd3b46fa943a1985","sha1":"126296e7fe491f676b424d576fbf164bf367151a","sha256":"6548bba0fd85586a3a9f7eaecf131989cd6c3d5b1ccbbf4a222b371732429d68","sha512":"63592263f057e59be06487220104a8680ce76fc8c57d0993eb232f29dd8681485e16e2c20ad00b09831784c62804f0ab2d6b8915fa78529e34988d32610a62f3","ssdeep":"384:LQiL//k91XnHdwTm6ej2U1LCMUMkij5752w:LQiD/kh","tlshash":"66720b2e1076ccb7d7e278ce76873118a47e3182fdc88bdd5b38fda402ed16a811a565","first_seen":"2026-02-26T14:38:10.452693Z","last_seen":"2026-02-26T14:38:10.452693Z","times_seen":1,"resource_available":false,"data":null}},"time_used":745,"timings":{"blocked":-1,"dns":22,"connect":9,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ip.ddnspod.com/timestamp","fqdn":"ip.ddnspod.com","domain":"ddnspod.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.017Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /timestamp HTTP/1.1\r\nHost: ip.ddnspod.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nOrigin: https://wintermuteloop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T02:33:46.2129Z","times_seen":16402294,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":1,"connect":9,"send":0,"wait":0,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/default-B8fREOxl.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/default-B8fREOxl.js HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9i%2FG375Z56WA5s5%2BQsVr7WnYVsxhly5%2FgNMQwzVX%2BV5NX0T4C2C2w%2Bx0SiTrHBkcfNO7X5mWs4%2F2%2FhVRI1H9oXKu6Q4L%2BlzbUKq7fEt3pm1iIg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"a9e8c83c2c3caa03b0c7d258c964bf2d\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\ncf-ray: 9d402e769ac407e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":70501,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8932c4dcedc64dbed769d77f9424bf5d","sha1":"7e42cbaf5e62f0a266f5f12b25ce823e06f56ee1","sha256":"1e49fea9b0a7185c28d6f658dc439a51c6b654e9ff83fbee6fefa8e6c2e03d43","sha512":"29b0f0bba2325cb339faa2f8e801cde5db6846329f64456dc51bfa8326531ff0f2b1c829ad53fc80dc9e94a4a77d12ffc35e5071c11f1dd41ec288465d7612d9","ssdeep":"1536:/uFlgua7D4N403iyVCqxHIn41p9zxIyV98:/6+nIN4EEgF1p93V98","tlshash":"9663094d35907c71639719fe2a37a085e12e6e5ab016e7c2e1ec8d433db792845a2f3c","first_seen":"2026-02-26T14:38:10.455986Z","last_seen":"2026-03-14T12:57:47.284118Z","times_seen":4,"resource_available":true,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/PhoneSelect-1pOm40zH.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/PhoneSelect-1pOm40zH.js HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jZCP%2FnUZtEnamboM4nAyfKPuRcOaSu%2FZelG0Oe824qT7qZfWXWtRSTXoBfv%2FAMwt5XAPnRwTnCPHDDHls5RYW1QFeXW%2FmMb5uPRiUdLqojUKCg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"b4c773c74e518bcff45fba68f1cd2a07\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\ncf-ray: 9d402e769af207e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":53997,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (52701)","md5":"a569214db2d91c7842687961c46b0e93","sha1":"8a7f41c51c81a743d9c31a0a21387d6386f3390c","sha256":"efe06e420ac6965569bec6ef5dc2bf8ab67188cbeb10debbe1ea5898bce4d75e","sha512":"abb8279dee8b6f153d77694e7206c0851673ab6adfeb3d5be3ecd699f30ac8c07f69bfd82d38dd37fbd26c1ad3e394f15e797747851bb95c4cf5eb6bdd610c44","ssdeep":"1536:S1/hHMa2nrNXQoJXDvu9sdFqChkw6Oga3/Z0Nuc+qwZDhBnNeOsfq9:CH9D9sdFDhkw6Oga3/Z0Nv+qQArq","tlshash":"4033e94521805ff953b1edc1d05be5069376d9863036adca70aabfe420d38db1a2fb68","first_seen":"2026-02-26T14:38:10.458512Z","last_seen":"2026-03-14T12:57:47.278559Z","times_seen":3,"resource_available":true,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":81,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/route-block-B_A1xBdJ.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/route-block-B_A1xBdJ.js HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/assets/register-huqQJP1Q.js\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=velJTcIKG5Zg086LznJOTRmk2owpxpHDlBfoukVSO8eOBa4x18bavSJY34z%2Fq5l7SRaa8uvOgPp7ZXSe%2BkSPoow2EBmN419U2rLquPjNs19J1g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"f9816492016a63d0b09768dfc8623c79\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: REVALIDATED\r\npriority: u=3,i=?0\r\ncf-ray: 9d402e775d4807e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"703a0c9620dd946cc85f5ccee2828005","sha1":"2cf601f3dec2169adb9a1f53d1c99f802094dac1","sha256":"f37d93c862ba8958e8a83a2353ce79d1a4ba4220d51c648bc986cf9a7fab8625","sha512":"ae87c9f33c47a5457881291cd2dacae870d242aeeb8fb4b738e44315480d2fc14aa61b978bb41637d428db06df5e2bae0403fb8e9a326f52725826bc0b899a00","ssdeep":"","tlshash":"4680003a082000b230a0008cb2a0880000a0203c3b222288228802e20302080e888e00","first_seen":"2023-08-18T09:36:36Z","last_seen":"2026-06-14T00:53:42.770693Z","times_seen":741,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/BaseUserTab.vue_vue_type_style_index_0_lang-CliMHsf4.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/BaseUserTab.vue_vue_type_style_index_0_lang-CliMHsf4.js HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/assets/register-huqQJP1Q.js\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SStHei41ELM6sQZA52ekor7ExYQvJlGAWjOVAOu4IdQYo4ST7dfmmte15NXhETiPe6lHLSuQX%2BbBQDrgeww8SMAd5aYRbLWdczgWf0F9pzqPRQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"eba7d0cbf8a432ab199b369a7be59420\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: REVALIDATED\r\npriority: u=3,i=?0\r\ncf-ray: 9d402e775d4507e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4107,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4106)","md5":"ad0ca790f526aee342f535a9eb39fc63","sha1":"5b88293f4779558327ffe12a45ad77b681dd7da6","sha256":"d56e096bc63f84420950768e3a3409e514c07a4c9312bf8034bf738d77ce4421","sha512":"54bc1477589ecf509d1b2d976b3f257606a07f0b9525e5c95875d3f4a3a0caf10e87e5745ec362fab00de3cc96282c6a7be7ad9420c73d73e3f04e5267fec385","ssdeep":"96:GrMZf4PERrKW27N4VySQT9/D+5E87W6dFMX/aGazTO+R+OWyVLoXApUiDyA:GrZER2dDUEcW9PaDTO++OvVLoXACiDyA","tlshash":"798164cd75d5b4f607aa2ae8273b0066d03ee9413927c985d09d49923e37914e2b7f3c","first_seen":"2026-02-26T14:38:10.462863Z","last_seen":"2026-03-14T12:57:47.289913Z","times_seen":3,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWuYaalmUiAo.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:38.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/roboto/v50/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWuYaalmUiAo.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://wintermuteloop.com/\r\nOrigin: https://wintermuteloop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 20940\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Feb 2026 09:28:30 GMT\r\nexpires: Thu, 25 Feb 2027 09:28:30 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 18 Nov 2025 19:00:09 GMT\r\ncontent-type: font/woff2\r\nage: 104948\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20940,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20940, version 1.0","md5":"a12c5550f2906ab80563eaafd7ce813d","sha1":"4b50a7794f2b3416043afc2ed60aecc17fbbb0b9","sha256":"7608821ae7a01e76cb42e6fda12421e5f546efd79bd51850b75d39831423f3cb","sha512":"b2a554052bd711dc4aec353beb257127b9bea72cde8aac7913d3aea6813b6ddb3f1074f449c58df73d9a9e1240203f385e35f2ede83a41fb9fe6d830086f302b","ssdeep":"384:xOIoARMcfbhzGqvcMaVyOUyAF4dShZZbA1x+LJPr3vlV2uzF:ZoARnThQVLUy2c6bA1eJpJzF","tlshash":"1392d13003c27e27f45777be2aca0abad1b134d2b26f64fd8259859055011994f2ff1e","first_seen":"2025-03-17T10:03:33.583976Z","last_seen":"2026-06-12T07:13:06.74868Z","times_seen":384,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/register-huqQJP1Q.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/register-huqQJP1Q.js HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1mvtIqW4KGh1TWA62vOq5vjpvirMJh6vp1hZne9Fg8T5QFk%2FJcBITk0qw5Bfn%2BwfUad17Th9epia7PnPhqrtDFx3S6f%2F%2B4R2aAVc2BTd1zZEog%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"d37d94827c02846e41668885d4124261\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\ncf-ray: 9d402e769aed07e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":55325,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (55324)","md5":"ac5442e1f72f32e9c0fd82b70a7a7d4e","sha1":"d6719bef8a06c199a8a24cdbd0271ec91dc4ca48","sha256":"c52e7a656e26dbdd7d02949fc3a3356ba130f0b453b5adc1221bc146e6dac5d6","sha512":"b1c2ac899e33bcc60df9c842d536017b23ccf7d76f3263534ab68de439631eebd34d5fd2715f0cd0e217c48f0009d32e4cb26cb48be71002d0f6db06a926dd4f","ssdeep":"768:OEQbNqrpM9toHE2XiS/YrsPrcJqrpjwELtqPj4LquOxrTCh5moxETTiWQomXbhbE:OGQraLFqmxVcY5AEaEMWZyK17g9V","tlshash":"2f43e78c71f89cfb56eb65de3a274422f12f456fb440aa52c6789e473c23e509261f38","first_seen":"2026-02-26T14:38:10.466555Z","last_seen":"2026-03-14T12:57:47.266401Z","times_seen":3,"resource_available":true,"data":null}},"time_used":79,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":78,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/default-B8fREOxl.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/default-B8fREOxl.js HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/assets/index-DidECXtN.js\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9i%2FG375Z56WA5s5%2BQsVr7WnYVsxhly5%2FgNMQwzVX%2BV5NX0T4C2C2w%2Bx0SiTrHBkcfNO7X5mWs4%2F2%2FhVRI1H9oXKu6Q4L%2BlzbUKq7fEt3pm1iIg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"a9e8c83c2c3caa03b0c7d258c964bf2d\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: REVALIDATED\r\npriority: u=3,i=?0\r\ncf-ray: 9d402e76dbea07e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":70501,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8932c4dcedc64dbed769d77f9424bf5d","sha1":"7e42cbaf5e62f0a266f5f12b25ce823e06f56ee1","sha256":"1e49fea9b0a7185c28d6f658dc439a51c6b654e9ff83fbee6fefa8e6c2e03d43","sha512":"29b0f0bba2325cb339faa2f8e801cde5db6846329f64456dc51bfa8326531ff0f2b1c829ad53fc80dc9e94a4a77d12ffc35e5071c11f1dd41ec288465d7612d9","ssdeep":"1536:/uFlgua7D4N403iyVCqxHIn41p9zxIyV98:/6+nIN4EEgF1p93V98","tlshash":"9663094d35907c71639719fe2a37a085e12e6e5ab016e7c2e1ec8d433db792845a2f3c","first_seen":"2026-02-26T14:38:10.455986Z","last_seen":"2026-03-14T12:57:47.284118Z","times_seen":4,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.wintermuteloop.com/upload/img/696123258043.webp","fqdn":"api.wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 19:37:49 GMT","end":"Fri, 15 May 2026 20:36:29 GMT"},"fingerprint":{"sha1":"50:D1:0D:4F:70:84:31:5C:E3:01:08:19:69:85:C9:1A:90:1E:AB:E1","sha256":"3C:20:51:BA:C8:B7:82:DB:B7:5F:05:FF:D7:CE:F5:EF:20:2F:FB:FC:69:AF:4B:CC:5F:C3:B4:38:53:95:20:1F"}}},"request":{"raw":"GET /upload/img/696123258043.webp HTTP/1.1\r\nHost: api.wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:38 GMT\r\ncontent-type: image/webp\r\ncontent-length: 41162\r\nserver: cloudflare\r\nlast-modified: Fri, 09 Jan 2026 15:47:50 GMT\r\netag: \"69612326-a0ca\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lC1wpjzgHTD6Xi9BywKD%2BQeiIrp%2BvdmHF7fJOLPDtBI0h%2Bd%2Fk9fTMe8laJsqycbGB6fJiLR%2BJY8n8H0mXzV1LRwFl%2FkKcGr5bk%2BXCRMngRfp9GH4pck%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d402e77debdbe94-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41162,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1e5474276d48ef4d07411ff70dc496cf","sha1":"58f9e294aeec3aa4175c49aadec6dfb86972055e","sha256":"d86c5f6cc33e1d993a8ccd33cd1aad209d2473e16b4c5ae9500459b7490fc7ee","sha512":"c7d954f208604d644db923463b75606c03d2512f095f7e181eb384e157ce5c4a22f863942fc741d38284d7d53f7c72ccb54ab06c4175339fe4db4d898ec7d125","ssdeep":"768:BIh88lb0f/V0iU+/b9vw7KfVXxs33wgMlfhX90eiQ6QQJNN4Tjwe:BTf/V0e/dVB4fM/tYQ6QQJNN3e","tlshash":"1803f12794f80ca8e1cdcaaf89c5e3735dd99000aa74f40d5dea70ca4c7bf85e61e985","first_seen":"2026-02-26T14:38:10.468713Z","last_seen":"2026-03-14T12:57:47.267581Z","times_seen":3,"resource_available":false,"data":null}},"time_used":411,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":386,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.wintermuteloop.com/upload/img/69611c7e5ff4.webp","fqdn":"api.wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:38.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 19:37:49 GMT","end":"Fri, 15 May 2026 20:36:29 GMT"},"fingerprint":{"sha1":"50:D1:0D:4F:70:84:31:5C:E3:01:08:19:69:85:C9:1A:90:1E:AB:E1","sha256":"3C:20:51:BA:C8:B7:82:DB:B7:5F:05:FF:D7:CE:F5:EF:20:2F:FB:FC:69:AF:4B:CC:5F:C3:B4:38:53:95:20:1F"}}},"request":{"raw":"GET /upload/img/69611c7e5ff4.webp HTTP/1.1\r\nHost: api.wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:38 GMT\r\ncontent-type: image/webp\r\ncontent-length: 21642\r\nserver: cloudflare\r\nlast-modified: Fri, 09 Jan 2026 15:19:26 GMT\r\netag: \"69611c7e-548a\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AaN0i%2BMYgMNgKu8HElLPK3lY4SfAEnw52bfflG8Xs3V6P1AClEvICPJ0IoPrEJKHmHe9eBkAjpaz9YGzasA9b4X6LgA9KYnZAz%2BkDWRaE3wCCZW%2Fs64%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d402e79ac2cbe94-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21642,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6c89bad3a769ae79d97f65502067ecec","sha1":"08281ef78fab1b3832a1d25e1d0e5fd8417eb017","sha256":"98b5bf4c69c894d49943796d75d4462fc8dfd8e67f224f831f2f2823db97eba9","sha512":"5c8414695a7ad2a89f82d18a21f960108f968c57ca29a90008a9c00effd321c37701b98b08e050c2d855086ae73405cd122811ba42d459b7e54a8187705695ee","ssdeep":"384:b87Hc7IVrUkV2N8MD08x3Y9VWanDP1gC9nOlT9F+Q:b87Hc7IrV2+Yx3QVWaDP1b9nO19Z","tlshash":"f2a2c097ae00bc4a2e5c38310d9e4e76dc79af08830ad5b9f94154786efbf9509093a3","first_seen":"2026-02-26T14:38:10.471195Z","last_seen":"2026-03-14T12:57:47.297221Z","times_seen":3,"resource_available":false,"data":null}},"time_used":501,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":383,"receive":118,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.wintermuteloop.com/upload/img/696123258043.webp","fqdn":"api.wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:38.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 19:37:49 GMT","end":"Fri, 15 May 2026 20:36:29 GMT"},"fingerprint":{"sha1":"50:D1:0D:4F:70:84:31:5C:E3:01:08:19:69:85:C9:1A:90:1E:AB:E1","sha256":"3C:20:51:BA:C8:B7:82:DB:B7:5F:05:FF:D7:CE:F5:EF:20:2F:FB:FC:69:AF:4B:CC:5F:C3:B4:38:53:95:20:1F"}}},"request":{"raw":"GET /upload/img/696123258043.webp HTTP/1.1\r\nHost: api.wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:38 GMT\r\ncontent-type: image/webp\r\ncontent-length: 41162\r\nserver: cloudflare\r\nlast-modified: Fri, 09 Jan 2026 15:47:50 GMT\r\netag: \"69612326-a0ca\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Zp9mTrM8ZGO4vkNkuP1MDeSDzhcnRf1uXYXhSFwi4QwTDfGM5HOP2rmDHWz0fTdyzNHpCNBKfcASxm6uQ5vfcDnoeXGTPtm9YQlrMJwrFdJWPGfPhBA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d402e79ac36be94-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":41162,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1e5474276d48ef4d07411ff70dc496cf","sha1":"58f9e294aeec3aa4175c49aadec6dfb86972055e","sha256":"d86c5f6cc33e1d993a8ccd33cd1aad209d2473e16b4c5ae9500459b7490fc7ee","sha512":"c7d954f208604d644db923463b75606c03d2512f095f7e181eb384e157ce5c4a22f863942fc741d38284d7d53f7c72ccb54ab06c4175339fe4db4d898ec7d125","ssdeep":"768:BIh88lb0f/V0iU+/b9vw7KfVXxs33wgMlfhX90eiQ6QQJNN4Tjwe:BTf/V0e/dVB4fM/tYQ6QQJNN3e","tlshash":"1803f12794f80ca8e1cdcaaf89c5e3735dd99000aa74f40d5dea70ca4c7bf85e61e985","first_seen":"2026-02-26T14:38:10.468713Z","last_seen":"2026-03-14T12:57:47.267581Z","times_seen":3,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/index-DLMn7-xO.css","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:34.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/index-DLMn7-xO.css HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:35 GMT\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lZbof0qtuHLjIS8WpT8nB589HX0Etwklwi0C61i69OwLx4WfGP8hfKBHQ%2FugHuoRsr5cFqqS5B%2BEfeB2X9KKXRB%2BUdVQHoEIJg5xB%2BACGmQYPA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"5323e71f6501f0168951c9c3a4ebb2b5\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\ncf-ray: 9d402e62e9c907e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":253093,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"b6b71f9f2a1bf741da427d9d49e72304","sha1":"e834b4c24cfe89d6233e3a81aad1ce445e9addd4","sha256":"0a9e2360413d2b85bbae721e0603d81cd22acc6730717063df11a06475165d8f","sha512":"4acdc60d951bbb601fd87a22a13a2318f2fb25dc8f41bf3fd89660fe481b71427e9e2b02c4b335c845c9113b92397c70b46a09b7355d63e899a0c45073901be1","ssdeep":"1536:UtIyNBi3MFYaQj7FCwsBlDOFIxuVoxODOI+lgRrUmEXIs7fzCbx84CaFWDVZ3Mjr:UnNIClDsIxuVSE84ecjZ5","tlshash":"183439b56685507cef17ce3353c96a9cb01df121ef8289a1f50969248bdb3bb1722738","first_seen":"2025-12-20T07:12:13.41849Z","last_seen":"2026-04-14T13:35:54.340852Z","times_seen":21,"resource_available":false,"data":null}},"time_used":1102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1094,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.wintermuteloop.com/api/public/init?d=1772116656181","fqdn":"api.wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:36.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 19:37:49 GMT","end":"Fri, 15 May 2026 20:36:29 GMT"},"fingerprint":{"sha1":"50:D1:0D:4F:70:84:31:5C:E3:01:08:19:69:85:C9:1A:90:1E:AB:E1","sha256":"3C:20:51:BA:C8:B7:82:DB:B7:5F:05:FF:D7:CE:F5:EF:20:2F:FB:FC:69:AF:4B:CC:5F:C3:B4:38:53:95:20:1F"}}},"request":{"raw":"OPTIONS /api/public/init?d=1772116656181 HTTP/1.1\r\nHost: api.wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: st-ctime,st-ttgn\r\nReferer: https://wintermuteloop.com/\r\nOrigin: https://wintermuteloop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:36 GMT\r\ncontent-type: text/html;charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://wintermuteloop.com\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: st-ctime,st-ttgn\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BDZlezloT5PvOtGPKzFpE9RnJBJ9bVbsSwTvlEFDn8WXtsVoCOXUcmjG75R5iZbUUWV7NlVY%2FF71tSDdWxHEA7KJFA7qDStCsojtZ4lWMv48uVzSIS8%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9d402e6dde73be94-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T02:33:46.2129Z","times_seen":16402294,"resource_available":true,"data":null}},"time_used":562,"timings":{"blocked":89,"dns":22,"connect":9,"send":0,"wait":385,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.wintermuteloop.com/upload/img/690b36fe306d.webp","fqdn":"api.wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:36.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 19:37:49 GMT","end":"Fri, 15 May 2026 20:36:29 GMT"},"fingerprint":{"sha1":"50:D1:0D:4F:70:84:31:5C:E3:01:08:19:69:85:C9:1A:90:1E:AB:E1","sha256":"3C:20:51:BA:C8:B7:82:DB:B7:5F:05:FF:D7:CE:F5:EF:20:2F:FB:FC:69:AF:4B:CC:5F:C3:B4:38:53:95:20:1F"}}},"request":{"raw":"GET /upload/img/690b36fe306d.webp HTTP/1.1\r\nHost: api.wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13246\r\nserver: cloudflare\r\nlast-modified: Wed, 05 Nov 2025 11:37:34 GMT\r\netag: \"690b36fe-33be\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Uk9pS3xpMsjf4BcP25oFZIHhJr3vBPTVu34rMikECxpd4gakM8Q7ARpboBwJAWQ55ajcz1iZZq%2B%2FwTgaGIQEgE0XhMibhhQrVr4hKLQ9vM%2BbdHuSMtg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d402e721c60be94-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13246,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f85dbb107b929af7f7e4b8ae94065d0d","sha1":"eaa951860a9a43e4e96a72be1290638b7c8c5f1c","sha256":"674b2b724569ddc551c9eaa318f1ba05ef797496aa5fbc4e7030b965cbb7e5d3","sha512":"558982369ea3c91e3459617591814cc075b5d3bcf438723ad1fb0247e2e46c5e46e43dbe685fe74c2f1bc1ab8117ade1a2c962a75f8b7599454194f77c852b08","ssdeep":"192:fLwSacORXc7q8CYrC5U8KtJE5i5AgSRIl96bPYvqRN4x1Vjv0oqGkbi3F8WH:f/tG8CYrCW8KtJRXGPYiRGNXqG1VJ","tlshash":"3552ce6da36113a892cf09fc27692b0128fd7197f5bda218b07bc5968ae10715c4c7af","first_seen":"2025-10-27T17:59:41.853125Z","last_seen":"2026-04-03T08:12:53.728803Z","times_seen":10,"resource_available":false,"data":null}},"time_used":391,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":382,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/BaseInput.vue_vue_type_style_index_0_lang-q3EkYUip.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/BaseInput.vue_vue_type_style_index_0_lang-q3EkYUip.js HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/assets/register-huqQJP1Q.js\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4Jrtm6wCHnG5zifbH21wr7tfyvx2cMLRD6LW5jtSFgeMMX3crbNekXpJrlNjfRvrSDbVRKQfZOJIpwHDqCQI3HSYocYgZcmmDAmWFhrF%2Focoeg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"c9b4d5e644d39efca6285d4d2cd0c95a\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: REVALIDATED\r\npriority: u=3,i=?0\r\ncf-ray: 9d402e775d3e07e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5437,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5436)","md5":"d347828b949bf9bea44ad8a19e9807ba","sha1":"cd537bd405b92070aefd036cdcb923b140651730","sha256":"b43f285accadd17d811af49a6709b7677782a98e420571b61805b8b36af7798c","sha512":"19e3eac2e312642a3e5c06abb91b2b86aeed92675e7db2c3d07c80425984a5a4bd463bc66a5603d91d501eafa7e0f60bdd37cfd615f6aaf94017a198236bede5","ssdeep":"96:YpBMC8KUVJnRo0i40KbNk+XHyohJGXwj5wZXRkB1L8sKYuBkcWRm081QnLP7mnvJ:Ypb8KYJHBXHyohIXwNwZBkB1L8RYuBk6","tlshash":"55b195497ac07cb50b936dfe61bf2460e41eba4b7d24d985a0e4eda13e269009063f38","first_seen":"2026-02-26T14:38:10.476561Z","last_seen":"2026-03-14T12:57:47.291465Z","times_seen":3,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/roboto/v50/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://wintermuteloop.com/\r\nOrigin: https://wintermuteloop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 20612\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Feb 2026 21:28:29 GMT\r\nexpires: Thu, 25 Feb 2027 21:28:29 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 18 Nov 2025 19:00:10 GMT\r\ncontent-type: font/woff2\r\nage: 61748\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20612,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20612, version 1.0","md5":"b07da7aa3e4f363c5cdbc11312239e8c","sha1":"47bf5b2f24ea4a4caafccc89b9d2a6677ef9e3b8","sha256":"e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa","sha512":"420729406b315d8af34b62b78f39e763f5cf33cbf94467457b393fde0573dd7ffc6a23f25680988f9b82a4a3b719876ff76f3e1db047ce82615f544fc3a82532","ssdeep":"384:k5Eu+yl5Y9RpwjjmD/8Qu+POP9w+oB7rezldH9W4EMs8qCr9WvS80M8T4PTEXPFw:YEu+/Jw3FF+WP9DC/ez79jcCrb8BK4Eq","tlshash":"8192df6bce71497ac711262c773917addb8b44f627f91f2ba0562411c7b8e015c2cc7a","first_seen":"2025-01-09T06:25:34.419113Z","last_seen":"2026-06-14T01:37:20.755498Z","times_seen":47074,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":96,"dns":4,"connect":8,"send":0,"wait":12,"receive":3,"ssl":82},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.wintermuteloop.com/api/public/get_lang_json?d=1772116656983\u0026lang=en","fqdn":"api.wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 19:37:49 GMT","end":"Fri, 15 May 2026 20:36:29 GMT"},"fingerprint":{"sha1":"50:D1:0D:4F:70:84:31:5C:E3:01:08:19:69:85:C9:1A:90:1E:AB:E1","sha256":"3C:20:51:BA:C8:B7:82:DB:B7:5F:05:FF:D7:CE:F5:EF:20:2F:FB:FC:69:AF:4B:CC:5F:C3:B4:38:53:95:20:1F"}}},"request":{"raw":"GET /api/public/get_lang_json?d=1772116656983\u0026lang=en HTTP/1.1\r\nHost: api.wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nst-lang: en\r\nst-ctime: 1772116656985\r\nst-ttgn: a69c1f1882739c04241940a2378ef8f8\r\nOrigin: https://wintermuteloop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://wintermuteloop.com\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Dz7iIPyhUD4kImuvT7QQORufqfkjy4H4vVsyV0bBRXyaV9ozmlOBBe3Vj2grT06WR3zvTVP8PPY%2BPVkNeLSlQyDrqWd%2FqM5fHXh9z2uMntJAdoZCTtM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d402e74bcf4be94-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21879,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4bd1c6b94b14a8bd2435fc6e08279f4e","sha1":"2cf470d8c755e4384ab35d44dfedc38573407862","sha256":"3b6d440f384a3610e7117b60aeb9647fe87c92980d9c366aa9bb11a761ccfb19","sha512":"265f9dca6fa0f9114dac6a00b17cb690964644c2d40f291db178cd8084d84dcecf553622e9d65337272f85526bde710899f4c69e894c7eab62224fbdd9f88aac","ssdeep":"384:iYTNyOJhIZCKnPsn8dXoNYN0tPaupvYVtQ2tdCFmG1wGrvv0LqS1qB5wcv6j:z0OjWCKnkn8Z50SeqQCdZG1px6j","tlshash":"1fa2e94b620117b34ed35bc2786e1d4670f961e3125688ae4cdc851c63aef69f3b728a","first_seen":"2026-02-26T14:38:10.479163Z","last_seen":"2026-03-14T12:57:47.269648Z","times_seen":3,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/route-block-B_A1xBdJ.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/route-block-B_A1xBdJ.js HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=velJTcIKG5Zg086LznJOTRmk2owpxpHDlBfoukVSO8eOBa4x18bavSJY34z%2Fq5l7SRaa8uvOgPp7ZXSe%2BkSPoow2EBmN419U2rLquPjNs19J1g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"f9816492016a63d0b09768dfc8623c79\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\ncf-ray: 9d402e769afb07e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"703a0c9620dd946cc85f5ccee2828005","sha1":"2cf601f3dec2169adb9a1f53d1c99f802094dac1","sha256":"f37d93c862ba8958e8a83a2353ce79d1a4ba4220d51c648bc986cf9a7fab8625","sha512":"ae87c9f33c47a5457881291cd2dacae870d242aeeb8fb4b738e44315480d2fc14aa61b978bb41637d428db06df5e2bae0403fb8e9a326f52725826bc0b899a00","ssdeep":"","tlshash":"4680003a082000b230a0008cb2a0880000a0203c3b222288228802e20302080e888e00","first_seen":"2023-08-18T09:36:36Z","last_seen":"2026-06-14T00:53:42.770693Z","times_seen":741,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/BaseUserTab.vue_vue_type_style_index_0_lang-CliMHsf4.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/BaseUserTab.vue_vue_type_style_index_0_lang-CliMHsf4.js HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SStHei41ELM6sQZA52ekor7ExYQvJlGAWjOVAOu4IdQYo4ST7dfmmte15NXhETiPe6lHLSuQX%2BbBQDrgeww8SMAd5aYRbLWdczgWf0F9pzqPRQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"eba7d0cbf8a432ab199b369a7be59420\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\ncf-ray: 9d402e769af907e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4107,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4106)","md5":"ad0ca790f526aee342f535a9eb39fc63","sha1":"5b88293f4779558327ffe12a45ad77b681dd7da6","sha256":"d56e096bc63f84420950768e3a3409e514c07a4c9312bf8034bf738d77ce4421","sha512":"54bc1477589ecf509d1b2d976b3f257606a07f0b9525e5c95875d3f4a3a0caf10e87e5745ec362fab00de3cc96282c6a7be7ad9420c73d73e3f04e5267fec385","ssdeep":"96:GrMZf4PERrKW27N4VySQT9/D+5E87W6dFMX/aGazTO+R+OWyVLoXApUiDyA:GrZER2dDUEcW9PaDTO++OvVLoXACiDyA","tlshash":"798164cd75d5b4f607aa2ae8273b0066d03ee9413927c985d09d49923e37914e2b7f3c","first_seen":"2026-02-26T14:38:10.462863Z","last_seen":"2026-03-14T12:57:47.289913Z","times_seen":3,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/#/register?ref=686977","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-26T14:37:34.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:34 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nViYKohIohVT8kfY%2FIt7k8TOY5Xlr5CuBL%2BE1vHPpCUdhAlwNJC4zUjfR0RnaSJUseFhZmWJVHRAno4%2F4AEfCf1dAIRquHRTujKLCeYOMBpWIg%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9d402e60ab78c8cb-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10661,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"930229be0f3431ac1f9e317df938fa02","sha1":"069efa2541f3d35dba5500653a0071c7d52af830","sha256":"39f64637bc61054faa818ea0934b12e08524170f0b1d1930872f4f45f12b51df","sha512":"aff441d9cdc8a358f5fb79e0e9e506df2d5a0e0eddcd5ad72b99443a13ab9cc9da36b6088100e28a2711bb154d8781fddcd7f62ccc6b6f64d2af21299fbd4845","ssdeep":"192:SUYfkdoq1aBIBksXZhu8M0k9X+T60YDIVkKy5cbjlxixIb8IuQGthsriMHLqj6cO:xYKkBzsju8pk9X+OIjlYAuN4qLM2G","tlshash":"7e221e5b2ce6a028630370ba8d7ff50a7625001b1998fc007d0cd6345f99a7dabb5eed","first_seen":"2026-02-26T14:38:10.481032Z","last_seen":"2026-03-14T12:57:47.271551Z","times_seen":4,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":59,"dns":18,"connect":8,"send":0,"wait":88,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/js/telegram-web-app.js","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:34.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Mon, 11 Aug 2025 13:36:48 GMT","end":"Sat, 12 Sep 2026 13:36:48 GMT"},"fingerprint":{"sha1":"85:08:98:2F:A3:60:90:21:E8:78:21:C8:A4:96:E1:A2:E6:9D:2C:64","sha256":"49:35:FF:BC:17:D1:E9:B3:15:37:E4:67:C2:3A:A0:69:6C:37:DC:52:3F:7C:02:D6:30:C4:6E:45:7C:CA:F0:D2"}}},"request":{"raw":"GET /js/telegram-web-app.js HTTP/1.1\r\nHost: telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Thu, 26 Feb 2026 14:37:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 29 Jul 2025 14:26:51 GMT\r\netag: W/\"6888da2b-1bd46\"\r\nexpires: Mon, 02 Mar 2026 14:37:35 GMT\r\ncache-control: max-age=345600\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":113990,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (768)","md5":"70dbd7ade763706614c7ee99973dcc9c","sha1":"0b980ef4fe3e17d253fc2cdb672f1208736b733f","sha256":"b47f6cb105860d35b4ae512c22696a33157a365f4c885a33488f22ea8a3b6a03","sha512":"03c1f60831856975b61bea126ead239f116235fb0422178425d6b8c86553a3548d487c919f0f3f81e14de201680f63b7be24106589faffd8f3c56b28c2d19b45","ssdeep":"1536:pO5TpRdo54F0WN2Zbjcn9cF9KTfVjLo03ueLE+wFFz1NIVIB/MGYV76/xHK8ITrm:s5TpRdccKFU76x1H","tlshash":"6eb32e4d6cb3612285b3b1bf8b5f924172759883301def20794d9b646f80e7c53eaad8","first_seen":"2025-07-29T21:33:08.487755Z","last_seen":"2026-05-12T02:27:32.127067Z","times_seen":3808,"resource_available":true,"data":null}},"time_used":1095,"timings":{"blocked":521,"dns":105,"connect":23,"send":0,"wait":47,"receive":0,"ssl":395},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/index-DidECXtN.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:34.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/index-DidECXtN.js HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:34 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1QbZs7JVE6A2XYnzHmmoX6tqajp99ZydUfl%2BW3z%2FUKKvomOjFAcO2Y%2FwiLlMHnpZvO4j5jX6WnZGu8wNnFNdAMqb1QXVWVAEtk0GRbUCaCX2jA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"bdfaf9c115b02b3c749143e68ada5f9e\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\ncf-ray: 9d402e62e9c007e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1816264,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6919)","md5":"d976def1b7711042c55b8966ba185e8d","sha1":"96f3e654319b0db0008e019273fae5d1ffaeadca","sha256":"55a8b1f406d2ec0d8789c947766255ab94c4d89b1d807d5265fd9e36afb2c301","sha512":"297ce7ed6585db69c642cb0188da69be2cb7214c3dcf98745ee59c9842eb1b3cd4d37f5e5df6de2ec492535ba8249983c76cdfd2f91f1a0e9b09e9cd94561ca6","ssdeep":"6144:qPGzhBOKItxpx8KC+TaLk/7BpRe2rsNRJr/KcRG85WKfAP974pyMo2x:qPGzhEV32LivRIrQ85VAKpVo2x","tlshash":"ee2579282a5af3449858c0dbea373c84c59de18ab40b54e15f7557b31bb2393ebacd13","first_seen":"2026-02-26T14:38:10.483742Z","last_seen":"2026-03-14T12:57:47.285226Z","times_seen":4,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ip.ddnspod.com/timestamp","fqdn":"ip.ddnspod.com","domain":"ddnspod.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:36.993Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /timestamp HTTP/1.1\r\nHost: ip.ddnspod.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nOrigin: https://wintermuteloop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T02:33:46.2129Z","times_seen":16402294,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":0,"receive":0,"ssl":4},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldtimeapi.org/api/timezone/Etc/UTC","fqdn":"worldtimeapi.org","domain":"worldtimeapi.org","tld":"org"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.037Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/timezone/Etc/UTC HTTP/1.1\r\nHost: worldtimeapi.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nOrigin: https://wintermuteloop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T02:33:46.2129Z","times_seen":16402294,"resource_available":true,"data":null}},"time_used":932,"timings":{"blocked":95,"dns":837,"connect":845,"send":0,"wait":0,"receive":0,"ssl":98},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldtimeapi.org/api/timezone/Etc/UTC","fqdn":"worldtimeapi.org","domain":"worldtimeapi.org","tld":"org"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:36.891Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/timezone/Etc/UTC HTTP/1.1\r\nHost: worldtimeapi.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nOrigin: https://wintermuteloop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T02:33:46.2129Z","times_seen":16402294,"resource_available":true,"data":null}},"time_used":861,"timings":{"blocked":106,"dns":755,"connect":763,"send":0,"wait":0,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.wintermuteloop.com/api/public/get_lang_json?d=1772116656983\u0026lang=en","fqdn":"api.wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 19:37:49 GMT","end":"Fri, 15 May 2026 20:36:29 GMT"},"fingerprint":{"sha1":"50:D1:0D:4F:70:84:31:5C:E3:01:08:19:69:85:C9:1A:90:1E:AB:E1","sha256":"3C:20:51:BA:C8:B7:82:DB:B7:5F:05:FF:D7:CE:F5:EF:20:2F:FB:FC:69:AF:4B:CC:5F:C3:B4:38:53:95:20:1F"}}},"request":{"raw":"OPTIONS /api/public/get_lang_json?d=1772116656983\u0026lang=en HTTP/1.1\r\nHost: api.wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: st-ctime,st-lang,st-ttgn\r\nReferer: https://wintermuteloop.com/\r\nOrigin: https://wintermuteloop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: text/html;charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://wintermuteloop.com\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: st-ctime,st-lang,st-ttgn\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XyIBs1YPSSbW%2FtQ7wyvke8y%2BWnXFT4EwbIN7QLKnTIqRFavQqQtfvPcPWbMTsuzqjVI%2FuoHnB59zLBUPi%2FZGxsaP8y55GYf9slCmjW490rDiMLWWVwQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d402e725d38be94-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T02:33:46.2129Z","times_seen":16402294,"resource_available":true,"data":null}},"time_used":380,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":380,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"worldtimeapi.org/api/timezone/Etc/UTC","fqdn":"worldtimeapi.org","domain":"worldtimeapi.org","tld":"org"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.053Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/timezone/Etc/UTC HTTP/1.1\r\nHost: worldtimeapi.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nOrigin: https://wintermuteloop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T02:33:46.2129Z","times_seen":16402294,"resource_available":true,"data":null}},"time_used":627,"timings":{"blocked":82,"dns":545,"connect":553,"send":0,"wait":0,"receive":0,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.wintermuteloop.com/api/public/home?d=1772116657011\u0026language_type=en","fqdn":"api.wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 19:37:49 GMT","end":"Fri, 15 May 2026 20:36:29 GMT"},"fingerprint":{"sha1":"50:D1:0D:4F:70:84:31:5C:E3:01:08:19:69:85:C9:1A:90:1E:AB:E1","sha256":"3C:20:51:BA:C8:B7:82:DB:B7:5F:05:FF:D7:CE:F5:EF:20:2F:FB:FC:69:AF:4B:CC:5F:C3:B4:38:53:95:20:1F"}}},"request":{"raw":"GET /api/public/home?d=1772116657011\u0026language_type=en HTTP/1.1\r\nHost: api.wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nst-lang: en\r\nst-ctime: 1772116657013\r\nst-ttgn: 465835df08dab99ee337632ae300558f\r\nOrigin: https://wintermuteloop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://wintermuteloop.com\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mY4MZ1GhblzboKu%2F3GCnfR1O7hJssbmbQNqn5w5LfZdpc20dDkRNwS3mb4mYkZLKfJWqyAfNv8KONnRROlh1F0mBye8wGBkGAkXAtoyx%2BbL3fk%2BvbkY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d402e74cd2ebe94-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3673,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"50dbe61500fd9f9e3edc7e5366e6215f","sha1":"c7168bd826b73a84f172b2737dda7d6902dbda29","sha256":"340612a2e7c15112298d529195c2aea76a05a611b1a06d2fdbf17a37c6dbfb9b","sha512":"ebc5caa093c49e12851cd22dfcb4eb417fb565bb614a554f77422ca78d79dd1f71a8e028aec62aaec4ee5750555dbb11a80b595cec531027d8cdd574529f352e","ssdeep":"","tlshash":"9c71de9282f2da144c5111e12b111bfd205cb42df36f1ce26bedb47fd898e8457369ae","first_seen":"2026-02-26T14:38:10.485371Z","last_seen":"2026-02-26T14:38:10.485371Z","times_seen":1,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/BaseInput-QBaNTw53.css","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/BaseInput-QBaNTw53.css HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NQ30%2FnJS90BrnP%2Brx1Wy7Fj1gxQH6dpkd42Ui95fHoc8jAv%2F3q4GQIGK%2BtKTtTTBZ4FUYYTAPUPp7CMqqmp%2FJurnoMJ7SSGvmv0EAdl2U2biGw%3D%3D\"}]}\r\netag: W/\"7f98d76884361e0ba35f82d1995e0461\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: REVALIDATED\r\npriority: u=2,i=?0\r\ncf-ray: 9d402e768a8c07e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1462,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1461)","md5":"4fa5644ea4fc009d0f445cf73c8bd5e4","sha1":"78698d99e34fba61acf45776d2372b6e7652f36a","sha256":"71f88b96fcf04dec8e9f6889d5ee36170d109d0c421fdb2d87f6a0dfa267d5ee","sha512":"ad9db746cff222ab05c6d73ebf59bb76732bfbdbdfdde55690833a984cf04a15b71ae4c6ad5975d3a1420346a379637424b6f9fadf021ac928385f952248948a","ssdeep":"","tlshash":"a8315e081d60ef1b2cae6ef3e5c8da872c1855b35fa39d45d140602687958b53f3fe68","first_seen":"2025-05-06T14:23:01.814581Z","last_seen":"2026-06-13T03:38:45.193344Z","times_seen":147,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sc-static.net/scevent.min.js","fqdn":"sc-static.net","domain":"sc-static.net","tld":"net"},"ip":{"addr":"3.163.248.4","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:35.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sc-static.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 22 Oct 2025 00:00:00 GMT","end":"Fri, 20 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1D:63:7D:63:F2:DF:8F:C5:65:EF:16:8E:06:3E:E4:66:D9:41:67:CD","sha256":"91:A8:D7:CD:20:36:14:EC:9A:D5:10:BC:DD:44:F1:9D:26:20:78:F8:92:93:7B:37:6A:F8:E9:7B:FC:7E:72:66"}}},"request":{"raw":"GET /scevent.min.js HTTP/1.1\r\nHost: sc-static.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript;charset=utf-8\r\ncontent-length: 24779\r\nserver: CloudFront\r\ndate: Thu, 26 Feb 2026 14:37:35 GMT\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncache-control: private, s-maxage=0, max-age=600\r\nset-cookie: X-AB=83f59cad166342b7b070988e687dccd8;max-age=86400;expires=Fri, 27 Feb 2026 14:37:35 GMT;Path=/scevent.min.js;Secure;SameSite=None\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 677df3933c00907ecb7cdafc768e98fc.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 0DEheHyLwaamY7lumjq-scFPaWb-I0y4jyEMkNHQ7KF3yXYbDlUuYA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":58763,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (58736)","md5":"121189e361b1b6f3e7b0dc47fec6b383","sha1":"d98a2320209759d2f3f6d0991e45917703feb238","sha256":"c9c236ba3c81fd6f5cc61494d64d13153014817bc343fef249d9bf9826a5266c","sha512":"cdb2ea94f746977e8d6ad0d01d7f131f8adf9c32976e736d5f9b0a72151c1ed651d8fb31e27a5624bc5b8f780453be496348873b57a05c3a6743593c661389f2","ssdeep":"1536:kQ870ziaayzjPOevVJm0tlsuHrih9HHVZ1GJV51kxx0Kb:78chTl49dx0G","tlshash":"6e43d78cb7e9b02503973472497f541be33bb9646c0bc650c526e5883dbc69e9237eac","first_seen":"2025-12-10T19:39:08.014146Z","last_seen":"2026-06-06T11:35:15.665092Z","times_seen":12540,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":23,"dns":13,"connect":1,"send":0,"wait":39,"receive":1,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/favicon.ico","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:36.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:36 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\npriority: u=6,i=?0\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QE5WQiZwiNFxH7TfA6P87TGkNoPAPr1sZfrKusRmEBrGxP6rbTJnbQT6iwh8t12Yjm2KWd8KF3l3vLKn69wLsQlvmHBwz21tU8iXM7GzbLi2gS5WvTga1usZ4uZyxA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9d402e6f099707e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10661,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"930229be0f3431ac1f9e317df938fa02","sha1":"069efa2541f3d35dba5500653a0071c7d52af830","sha256":"39f64637bc61054faa818ea0934b12e08524170f0b1d1930872f4f45f12b51df","sha512":"aff441d9cdc8a358f5fb79e0e9e506df2d5a0e0eddcd5ad72b99443a13ab9cc9da36b6088100e28a2711bb154d8781fddcd7f62ccc6b6f64d2af21299fbd4845","ssdeep":"192:SUYfkdoq1aBIBksXZhu8M0k9X+T60YDIVkKy5cbjlxixIb8IuQGthsriMHLqj6cO:xYKkBzsju8pk9X+OIjlYAuN4qLM2G","tlshash":"7e221e5b2ce6a028630370ba8d7ff50a7625001b1998fc007d0cd6345f99a7dabb5eed","first_seen":"2026-02-26T14:38:10.481032Z","last_seen":"2026-03-14T12:57:47.271551Z","times_seen":4,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.wintermuteloop.com/api/public/home?d=1772116657011\u0026language_type=en","fqdn":"api.wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 19:37:49 GMT","end":"Fri, 15 May 2026 20:36:29 GMT"},"fingerprint":{"sha1":"50:D1:0D:4F:70:84:31:5C:E3:01:08:19:69:85:C9:1A:90:1E:AB:E1","sha256":"3C:20:51:BA:C8:B7:82:DB:B7:5F:05:FF:D7:CE:F5:EF:20:2F:FB:FC:69:AF:4B:CC:5F:C3:B4:38:53:95:20:1F"}}},"request":{"raw":"OPTIONS /api/public/home?d=1772116657011\u0026language_type=en HTTP/1.1\r\nHost: api.wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: st-ctime,st-lang,st-ttgn\r\nReferer: https://wintermuteloop.com/\r\nOrigin: https://wintermuteloop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: text/html;charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://wintermuteloop.com\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: st-ctime,st-lang,st-ttgn\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oX8SQRZT5vrOCEIuPr4e6LuYAWPzdlUgkztmH4tHmCEtdI2qM8lsqLOXLldzsKh657hGsYik0zABYQ5EiLoZuXhsvVr65WQrdTdZTXUPxfGerCb3Etw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d402e726d8fbe94-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T02:33:46.2129Z","times_seen":16402294,"resource_available":true,"data":null}},"time_used":376,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":376,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"api.wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/PhoneSelect-2-LaZofN.css","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/PhoneSelect-2-LaZofN.css HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lq5%2B3kajQZW2TtcT25zY2QEwFd9BMbCHB8uCDxvWEUW%2BqBZVF5iQlACrf9j7HZopVCIk80FUwc3SWeRxbMcyA1z7R8Ajkjl6NesLBBVrqpajxw%3D%3D\"}]}\r\netag: W/\"77462601ceb32b994a21bf7b4fc23141\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: REVALIDATED\r\npriority: u=2,i=?0\r\ncf-ray: 9d402e767a7e07e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8659,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (8658)","md5":"fb70e17e83ca6baf9c15cc277a0ca784","sha1":"8ff8f8ef5239ae990c6fb70b7eb6dc0f2be64988","sha256":"06c6b859fe356e00f80ae15d259a408fff375d7c8015c60edf29b76d8978a0b9","sha512":"3aff63fdcc8b6a35f8cc8c1d24e11a10f6b47f7e8f62dfacf589d8c6ce8d05b43453da0f11949391dd17fafdb04f75e6e45b09f4ed31738f4a2be38481743073","ssdeep":"96:1XSJMmV/0c6bxr7X3NY9gnYkWsoVg4w1AfSBHIeTWViMKQtHXRSunBE2gB4zf9:1XXfnf1A6wrHXRSuna4zF","tlshash":"e4025416a694617d5f3b7265cfc3cac8e33fa760fe419a61b18250281ddbaf0e533948","first_seen":"2026-02-26T14:38:10.488525Z","last_seen":"2026-06-10T21:35:42.621057Z","times_seen":7,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/BaseUserTab-DVdcH4fp.css","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/BaseUserTab-DVdcH4fp.css HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kn2Uir9OewMJTbxcAq1%2FVGlkEK9Ahr2a3wB8hjlTZ3nhVsyZGPdivb3KwTOs5Kw6Z3FjpjA5SVmWJjqNkh7ohK4EXBmhH4Lx08KIW77AXWjzAg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"d220730bd5c0a69dcefb0e619cfae803\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: REVALIDATED\r\npriority: u=2,i=?0\r\ncf-ray: 9d402e768aa207e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":220,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"2571e9c1678f7890b2944076ddacb4af","sha1":"d36697fae0e1aecd7f151e50ea3808c9f155e5f0","sha256":"d27ee7a4a4e398c3fd2bb36d227fa8d1a2c0d648ababbf68b900c279709230b2","sha512":"6c1a50c9b8cc632500a99e5ed2e7b6b4f1ef621db803b52a9c4a59fbcf03bd6fce5ae57bda4b07f1b4bef632dde82ace2b87e26ebbf6a3aeaa64b620a5147500","ssdeep":"","tlshash":"37d0a91c0894f0be28c9b2a81fa852dc08aa2205fe035fa83024bd2101d6af5213bc6f","first_seen":"2025-09-11T15:59:47.603631Z","last_seen":"2026-06-10T21:35:42.622457Z","times_seen":94,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/BaseInput.vue_vue_type_style_index_0_lang-q3EkYUip.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/BaseInput.vue_vue_type_style_index_0_lang-q3EkYUip.js HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4Jrtm6wCHnG5zifbH21wr7tfyvx2cMLRD6LW5jtSFgeMMX3crbNekXpJrlNjfRvrSDbVRKQfZOJIpwHDqCQI3HSYocYgZcmmDAmWFhrF%2Focoeg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"c9b4d5e644d39efca6285d4d2cd0c95a\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\ncf-ray: 9d402e769af507e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5437,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5436)","md5":"d347828b949bf9bea44ad8a19e9807ba","sha1":"cd537bd405b92070aefd036cdcb923b140651730","sha256":"b43f285accadd17d811af49a6709b7677782a98e420571b61805b8b36af7798c","sha512":"19e3eac2e312642a3e5c06abb91b2b86aeed92675e7db2c3d07c80425984a5a4bd463bc66a5603d91d501eafa7e0f60bdd37cfd615f6aaf94017a198236bede5","ssdeep":"96:YpBMC8KUVJnRo0i40KbNk+XHyohJGXwj5wZXRkB1L8sKYuBkcWRm081QnLP7mnvJ:Ypb8KYJHBXHyohIXwNwZBkB1L8RYuBk6","tlshash":"55b195497ac07cb50b936dfe61bf2460e41eba4b7d24d985a0e4eda13e269009063f38","first_seen":"2026-02-26T14:38:10.476561Z","last_seen":"2026-03-14T12:57:47.291465Z","times_seen":3,"resource_available":true,"data":null}},"time_used":133,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":133,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/PhoneSelect-1pOm40zH.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/PhoneSelect-1pOm40zH.js HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/assets/register-huqQJP1Q.js\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jZCP%2FnUZtEnamboM4nAyfKPuRcOaSu%2FZelG0Oe824qT7qZfWXWtRSTXoBfv%2FAMwt5XAPnRwTnCPHDDHls5RYW1QFeXW%2FmMb5uPRiUdLqojUKCg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"b4c773c74e518bcff45fba68f1cd2a07\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: REVALIDATED\r\npriority: u=3,i=?0\r\ncf-ray: 9d402e775d3a07e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":53997,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (52701)","md5":"a569214db2d91c7842687961c46b0e93","sha1":"8a7f41c51c81a743d9c31a0a21387d6386f3390c","sha256":"efe06e420ac6965569bec6ef5dc2bf8ab67188cbeb10debbe1ea5898bce4d75e","sha512":"abb8279dee8b6f153d77694e7206c0851673ab6adfeb3d5be3ecd699f30ac8c07f69bfd82d38dd37fbd26c1ad3e394f15e797747851bb95c4cf5eb6bdd610c44","ssdeep":"1536:S1/hHMa2nrNXQoJXDvu9sdFqChkw6Oga3/Z0Nuc+qwZDhBnNeOsfq9:CH9D9sdFDhkw6Oga3/Z0Nv+qQArq","tlshash":"4033e94521805ff953b1edc1d05be5069376d9863036adca70aabfe420d38db1a2fb68","first_seen":"2026-02-26T14:38:10.458512Z","last_seen":"2026-03-14T12:57:47.278559Z","times_seen":3,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWuYjalmUiAo.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/roboto/v50/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWuYjalmUiAo.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://wintermuteloop.com/\r\nOrigin: https://wintermuteloop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 21004\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 01:38:41 GMT\r\nexpires: Fri, 26 Feb 2027 01:38:41 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 18 Nov 2025 19:00:09 GMT\r\ncontent-type: font/woff2\r\nage: 46736\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21004,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21004, version 1.0","md5":"549a12cc5504190e9168c9ef067f10a4","sha1":"af382bd9d67df6cc5bbd9b6d23c21f0fe5b23bb0","sha256":"2bef6bc763635f137e6b49fc7d01d0d1f74e55413d92a21ce76c9c92c3457150","sha512":"271d3acdc15c8c8e60d2153c31616df649bace3429b6ad778e00585bf31200dd6df8a75f8599f3ace01002a7f8c82454944688fcec6074805e51fe915bb69cb2","ssdeep":"384:16XGGqcnjWuLeGaKO0xHk62MrFybkkW2wTZde91/JimTbBtkVo6zIqP0:16DqoW+sP0xkbScfWR1de9Pteiv","tlshash":"a692d1c62432a4ddf554cbb54a0f42d0fdd9169b80d482c8d030c9eb66e23bacf2991e","first_seen":"2025-09-09T02:02:00.241493Z","last_seen":"2026-06-13T08:34:34.343333Z","times_seen":3591,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"universal-picture.com/","fqdn":"universal-picture.com","domain":"universal-picture.com","tld":"com"},"ip":{"addr":"54.215.31.113","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-26T14:37:33.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"universal-picture.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Feb 2026 10:39:24 GMT","end":"Sat, 16 May 2026 10:39:23 GMT"},"fingerprint":{"sha1":"F0:98:8E:DC:BC:AD:08:3D:7C:1A:28:8C:A9:8F:28:90:94:28:31:24","sha256":"4E:37:44:BD:94:2E:68:B0:CF:01:9B:C8:93:F7:F1:41:D6:C6:3B:3E:F1:F7:CB:7C:AC:9D:B3:68:15:E9:3E:CC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: universal-picture.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ncontent-type: text/plain\r\ncontent-length: 0\r\ndate: Thu, 26 Feb 2026 14:37:34 GMT\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=2592000\r\ncache-control: private, no-cache, no-store, max-age=0\r\nexpires: Mon, 01 Jan 1990 0:00:00 GMT\r\nlocation: https://wintermuteloop.com/#/register?ref=686977\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10661,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T02:33:46.2129Z","times_seen":16402294,"resource_available":true,"data":null}},"time_used":1045,"timings":{"blocked":443,"dns":115,"connect":154,"send":0,"wait":156,"receive":0,"ssl":174},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/default-4kb3TcCj.css","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/default-4kb3TcCj.css HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cJfNH2wbxIgZ4g15fEzj5IoPW%2FCM0AJn6k%2BkOE5qsh22hmVJaQkfVFmC5eQpT5CVXZfIZ0pNi%2B6f%2B8kIfoI7GCjAVlzZjlNg6N9IM%2BMuKu4%3D\"}]}\r\netag: W/\"9441074b5a64db554b6f52dcd9ef813a\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: REVALIDATED\r\npriority: u=2,i=?0\r\ncf-ray: 9d402e767a6607e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":324,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (323)","md5":"5f833ad75b374a6b86e1056ca53b450f","sha1":"21acc48fddcf853be9084864fcdb92a8953752aa","sha256":"bcac8a6975a4b2bc3f57d808216e8f26b70e861e4dc8085d74c78315bbdf969b","sha512":"a666826fa208c3b8eaca2f7b43e0caa2bb315f0248e1c611d6ab1c8e81e657f672205f8fa6ad932b433ec083923147880cddcef57ac52b26deaa6326ff6aa145","ssdeep":"","tlshash":"77e026282a5a390c505bd192f9e04a2ccc38f747d8625a5fa2681b0705935e626b7b9f","first_seen":"2025-11-11T12:55:34.234606Z","last_seen":"2026-06-10T21:35:42.608659Z","times_seen":29,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintermuteloop.com/assets/register-huqQJP1Q.js","fqdn":"wintermuteloop.com","domain":"wintermuteloop.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintermuteloop.com/#/register?ref=686977","date":"2026-02-26T14:37:37.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintermuteloop.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 16:24:12 GMT","end":"Fri, 15 May 2026 17:24:03 GMT"},"fingerprint":{"sha1":"57:F3:6C:BB:C8:C9:7E:0D:E4:33:C8:BE:12:EA:F5:CD:39:47:92:C5","sha256":"93:AE:FA:15:8F:3B:61:04:2A:29:A9:CB:E6:0C:B6:6B:BA:2E:DB:E4:D7:43:0D:BA:E3:4C:F9:A8:F8:B1:DC:20"}}},"request":{"raw":"GET /assets/register-huqQJP1Q.js HTTP/1.1\r\nHost: wintermuteloop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintermuteloop.com/assets/index-DidECXtN.js\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _scid=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q; _scid_r=1Lq9pxeuMM3R1r1A8dnhVsjPeSu-Tr8q\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:37:37 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1mvtIqW4KGh1TWA62vOq5vjpvirMJh6vp1hZne9Fg8T5QFk%2FJcBITk0qw5Bfn%2BwfUad17Th9epia7PnPhqrtDFx3S6f%2F%2B4R2aAVc2BTd1zZEog%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"d37d94827c02846e41668885d4124261\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-cache-status: REVALIDATED\r\npriority: u=3,i=?0\r\ncf-ray: 9d402e76ebf107e7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":55325,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (55324)","md5":"ac5442e1f72f32e9c0fd82b70a7a7d4e","sha1":"d6719bef8a06c199a8a24cdbd0271ec91dc4ca48","sha256":"c52e7a656e26dbdd7d02949fc3a3356ba130f0b453b5adc1221bc146e6dac5d6","sha512":"b1c2ac899e33bcc60df9c842d536017b23ccf7d76f3263534ab68de439631eebd34d5fd2715f0cd0e217c48f0009d32e4cb26cb48be71002d0f6db06a926dd4f","ssdeep":"768:OEQbNqrpM9toHE2XiS/YrsPrcJqrpjwELtqPj4LquOxrTCh5moxETTiWQomXbhbE:OGQraLFqmxVcY5AEaEMWZyK17g9V","tlshash":"2f43e78c71f89cfb56eb65de3a274422f12f456fb440aa52c6789e473c23e509261f38","first_seen":"2026-02-26T14:38:10.466555Z","last_seen":"2026-03-14T12:57:47.266401Z","times_seen":3,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"wintermuteloop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}